click.heartcarepages.com/?t=c&ids=MjY0NzUzNzU0__NzAyMQ==__MTU0NTg4MDI=__NDY4__234&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdGFtcg==
170.187.185.18301 Moved Permanently 354 B URL HTTP/1.1 click.heartcarepages.com/?t=c&ids=MjY0NzUzNzU0__NzAyMQ==__MTU0NTg4MDI=__NDY4__234&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdGFtcg==
IP 170.187.185.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 976c589b74ac8066848686bd8dc56a70
be643cf14a481820c71fe5acbbb843d2c68493a4
37d24873b799e2c5d6e07e6f7f2eb374609dfb8783a3133a5777c18b5127caaf
GET /?t=c&ids=MjY0NzUzNzU0__NzAyMQ==__MTU0NTg4MDI=__NDY4__234&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdGFtcg== HTTP/1.1
Host: click.heartcarepages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 20 Nov 2022 15:58:16 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 354
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: upgrade-insecure-requests
Location: https://click.heartcarepages.com/?t=c&ids=MjY0NzUzNzU0__NzAyMQ==__MTU0NTg4MDI=__NDY4__234&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdGFtcg==
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17146
Expires: Sun, 20 Nov 2022 20:44:02 GMT
Date: Sun, 20 Nov 2022 15:58:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2061bb5a62c7dbe5a39e49a98bf7d214
812ff4923fc0fa69fa7db7c362d5af728e297099
6f0c1ecd37ba47802a386c487e3c2eb1794a06e8b9f56e016326686e3d80ef92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3205
Cache-Control: max-age=156393
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:16 GMT
Etag: "637a01fc-1d7"
Expires: Tue, 22 Nov 2022 11:24:49 GMT
Last-Modified: Sun, 20 Nov 2022 10:31:24 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 20 Nov 2022 15:45:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 781
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4533
Expires: Sun, 20 Nov 2022 17:13:49 GMT
Date: Sun, 20 Nov 2022 15:58:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5QF05ESHJDub5vcGos9fQtkApZjcfSbXg6Z//DZR8PEMjfRu9YjAnD0ZH5+fH2+17M4p/oVyRH4=
x-amz-request-id: XJ4E040Y3JV2WJE6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 20 Nov 2022 15:41:46 GMT
age: 990
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 15:58:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8da77d16497ad72b9a15817a2ac0da08
95a66662673815b97ba200aef6233fc078e58ea1
5c7a6519573d79710b3247748ebadde7533eaf0f46b67f282e8641d229d13316
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C7A6519573D79710B3247748EBADDE7533EAF0F46B67F282E8641D229D13316"
Last-Modified: Fri, 18 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 20 Nov 2022 21:58:16 GMT
Date: Sun, 20 Nov 2022 15:58:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 20 Nov 2022 15:44:50 GMT
cache-control: public,max-age=3600
age: 806
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 27138f8625c320bd1434ccd92263b641
6a8f18728c9f324c1c631ffc85901d84ec4d0e0c
02338368cfa2325e8463bd169cb0ad4df2967ca4260b75bc665cd0836e90e9f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4324
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:17 GMT
Last-Modified: Sun, 20 Nov 2022 14:46:13 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d9c0d6744bddd13a753455a614b1e9dc
70cdb332d1f0435d8745a978f217802d6c6d2141
41f3a85acb459896ffcc0ac7eae0384137f9d7b064f5d416bad235d92ee58a5c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120733
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:17 GMT
Etag: "63798336-116"
Expires: Tue, 22 Nov 2022 01:30:30 GMT
Last-Modified: Sun, 20 Nov 2022 01:30:30 GMT
Server: nginx
Content-Length: 278
push.services.mozilla.com/
35.165.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: T6JOTWCtJcE8giiC44l/Hg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a+i2vsZeRbi7Lzd/2WP0oFs+5hA=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d9c0d6744bddd13a753455a614b1e9dc
70cdb332d1f0435d8745a978f217802d6c6d2141
41f3a85acb459896ffcc0ac7eae0384137f9d7b064f5d416bad235d92ee58a5c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120733
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:17 GMT
Etag: "63798336-116"
Expires: Tue, 22 Nov 2022 01:30:30 GMT
Last-Modified: Sun, 20 Nov 2022 01:30:30 GMT
Server: nginx
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e8cbf2e58314bf5cffe492086438e53
b746d0e8b154a69c5753e1b057807dd7570c8617
a742362b82bcb0bad7a4434ba7505ef06f7024b2923908ca1a158e366e77c629
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A742362B82BCB0BAD7A4434BA7505EF06F7024B2923908CA1A158E366E77C629"
Last-Modified: Fri, 18 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10386
Expires: Sun, 20 Nov 2022 18:51:23 GMT
Date: Sun, 20 Nov 2022 15:58:17 GMT
Connection: keep-alive
getbloodsugarformula.com/watch-the-video?utm_source=cpa&utm_medium=everBS&utm_content=bsugarvsl&utm_campaign=bloodsugarcpaever&affid=361&oid=14&uid=&_ef_transaction_id=&n=614&oid=14&affid=361&sub1=mw1agiop1120bloodsugar&creative_id=8
165.22.148.141200 OK 84 kB URL HTTP/1.1 getbloodsugarformula.com/watch-the-video?utm_source=cpa&utm_medium=everBS&utm_content=bsugarvsl&utm_campaign=bloodsugarcpaever&affid=361&oid=14&uid=&_ef_transaction_id=&n=614&oid=14&affid=361&sub1=mw1agiop1120bloodsugar&creative_id=8
IP 165.22.148.141:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (64456)
Hash 8a189e9b91c3b6207a43fb0a22ec59ed
22f4eb1eced781114d67fd673db7ba81c4e68b0e
9d078e97735f8bbe65f1bef728715f00b6a525383b5521841f91f1c8ca181de9
GET /watch-the-video?utm_source=cpa&utm_medium=everBS&utm_content=bsugarvsl&utm_campaign=bloodsugarcpaever&affid=361&oid=14&uid=&_ef_transaction_id=&n=614&oid=14&affid=361&sub1=mw1agiop1120bloodsugar&creative_id=8 HTTP/1.1
Host: getbloodsugarformula.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emdlvr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 15:58:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: Express
ETag: W/"642cd-KKp7Pg1tkB2YmqJus3zH7fQ/QOo"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c28dcab32cb68e75be2f9d541e417a3c
7e94e4d48e4004090b100451a37752a7ae691550
fe2434a22cb390d054adcb47b67cbc3d1141a753f87839723554dd1bced75e45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a16fd70048d81d63ac778964066b5fd5
8678fd9c7ef3f0b3a286e170e87bf59773f41881
fa9dd59489cb48e8509ce8297c3491823e446cdcde0f7393cd621b2abd0702dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-N3LSGNS
142.250.74.168200 OK 83 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N3LSGNS
IP 142.250.74.168:0
File type ASCII text, with very long lines (28936)
Hash d23bcaab99dc0a326253136b38918542
655c2e987488bf66c246f5fe6aed025fce510d1c
0b7308b2930dfb146081304b59949b6fad4dda611a62ff14d4284b88abaac3c1
GET /gtm.js?id=GTM-N3LSGNS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 20 Nov 2022 15:58:18 GMT
expires: Sun, 20 Nov 2022 15:58:18 GMT
cache-control: private, max-age=900
last-modified: Sun, 20 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83216
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c28dcab32cb68e75be2f9d541e417a3c
7e94e4d48e4004090b100451a37752a7ae691550
fe2434a22cb390d054adcb47b67cbc3d1141a753f87839723554dd1bced75e45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a16fd70048d81d63ac778964066b5fd5
8678fd9c7ef3f0b3a286e170e87bf59773f41881
fa9dd59489cb48e8509ce8297c3491823e446cdcde0f7393cd621b2abd0702dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 801bfa5219b8edbae22ab4be73ea5f1b
6795d174c6af1841ff34a78c0723c8fd9a69bdce
5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Lora:wght@400;500;600&display=swap
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css2?family=Lora:wght@400;500;600&display=swap
IP 142.250.74.10:0
Hash 5feaab1c408813a2c3f43b420ecca0fa
fcf8600498d8aca78081a6e51c48162d2de46324
3d8018a689100a8c973072616a65b2d42b2781548fde9d1ef3170f43f6c425c6
GET /css2?family=Lora:wght@400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 20 Nov 2022 15:58:18 GMT
date: Sun, 20 Nov 2022 15:58:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2668
Expires: Sun, 20 Nov 2022 16:42:46 GMT
Date: Sun, 20 Nov 2022 15:58:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2668
Expires: Sun, 20 Nov 2022 16:42:46 GMT
Date: Sun, 20 Nov 2022 15:58:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2dcdeb5df10dd86dbc155dbefc4fd72b
b0a20213cdedc7fa472dbdad4e1152152009433e
ba98ae058e591f010056de61cdc58e09b5a2742be08421e0ba57ac2a0de36422
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11915
x-amzn-requestid: 93e2bad9-148f-4b10-9c07-8ab77bcaafcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jW6F0BoAMFU3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c2c-19e415980648396973718d73;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3vxezxpU1re737vRthcDcV3hDb1NAhhZrslBYjIHE7hdtD40FslmzA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:35:16 GMT
age: 62582
etag: "b0a20213cdedc7fa472dbdad4e1152152009433e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a41f9693b9247dcce6c2340bb5c02828
e982a3a8a8c6baac9d1676ad93646d6c4cd9f58e
aa23cead1d44bf9db22654eb14113ef356d4ac972d301969c02803964418d556
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9798
x-amzn-requestid: abab4eb2-0a35-4113-8a52-e07c08f069cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bkiY2HXCoAMFVrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b105-1cb176423ca3231a093cc4c7;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:07:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sCEwyGN6h_P0abZJGEY8PJNE7j1Nmz62-wvzWWO5gbFwA1auACXtJw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 17:23:16 GMT
age: 81302
etag: "e982a3a8a8c6baac9d1676ad93646d6c4cd9f58e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l3euSue3hLTcBU1OSLRCDuBDeXXM2mAIz0LhADeJV-30r-dW_TFV0w==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:48:38 GMT
age: 65380
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f65b21-5dd5-42d9-9985-0823fc534495.webp
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f65b21-5dd5-42d9-9985-0823fc534495.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25aa851caa96376b563f0322e8621292
71a917b184ec9ad1bb370724f4e4c707468e865e
7ffbeca58e1a4cc8f26f1a832376ae97d17c973efef9a1f4bebb44536da5ae1c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f65b21-5dd5-42d9-9985-0823fc534495.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4292
x-amzn-requestid: 5b50eebe-81f9-43fa-b259-eb9be43ff3be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i0SH1uoAMFdUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b4e-7322c4461f94c93c29542312;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:31:58 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pcLZxnbI_hWCZstg2gZwNR3-v6d4Y1szI-Kg_RMXsgneiIRXBZHWkA==
via: 1.1 3c22982dfb94f708939a6ef528c5e55c.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:19:52 GMT
etag: "71a917b184ec9ad1bb370724f4e4c707468e865e"
content-type: image/jpeg
age: 63506
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19c1a99-6290-4f30-afcf-c426abf8c229.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19c1a99-6290-4f30-afcf-c426abf8c229.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 907cdf495815b066cbeaccd9c862c544
6082de99b599bc3c9ce14e2641a2bf60f9f187d8
fbccb495391bba54b463e8c4eaf3207af00b098c4b5f816011d240257aa56f6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19c1a99-6290-4f30-afcf-c426abf8c229.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: f01b0409-b43d-4d9c-92c0-0023c5e49d58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jV_GDmIAMFvqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c26-69366c73760dcd5b72634f73;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pvgyUJPVgG_PrCetQXIXLgxyEBar2nMFywc6HracpnEsn2tiCw_Pfg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:42:03 GMT
age: 65775
etag: "6082de99b599bc3c9ce14e2641a2bf60f9f187d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a4c45ae-b32f-41fd-b114-30dd881b4ef3.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a4c45ae-b32f-41fd-b114-30dd881b4ef3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1e751db3c22be366e4bef8b30644677
a2147825fc70ee46cdff2c5857646078c7cc3dad
713e83ce024a939bbc34268a18ea20e6e18fedeeeb6c5e5788df9b473c1c1c27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a4c45ae-b32f-41fd-b114-30dd881b4ef3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7659
x-amzn-requestid: 78936c00-59d6-45ae-97fe-b038a9748078
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i0BFtdoAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b4c-45f909677dc2cece6f0e27aa;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:31:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -B6mMWjuXxI3rVMu78ut9_BICmn-XzHWHfmj5Xi6H0OoXSAMCPNm0Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:44 GMT
etag: "a2147825fc70ee46cdff2c5857646078c7cc3dad"
content-type: image/jpeg
age: 65794
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
getbloodsugarformula.com/assets/images/dr-holly.png
165.22.148.141200 OK 47 kB URL HTTP/1.1 getbloodsugarformula.com/assets/images/dr-holly.png
IP 165.22.148.141:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 195 x 214, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e8e699004e095e8bfadc6a5a8d84871
6e401e1c5e1f51e57ac2caa3857ee35af6c65c38
060a68e01bc020ef6e13e388a78b47047fd61069b5c3e77bdb3a08f3f1367281
GET /assets/images/dr-holly.png HTTP/1.1
Host: getbloodsugarformula.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/watch-the-video?utm_source=cpa&utm_medium=everBS&utm_content=bsugarvsl&utm_campaign=bloodsugarcpaever&affid=361&oid=14&uid=&_ef_transaction_id=&n=614&oid=14&affid=361&sub1=mw1agiop1120bloodsugar&creative_id=8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 15:58:18 GMT
Content-Type: image/png
Content-Length: 47026
Last-Modified: Thu, 22 Jul 2021 07:12:10 GMT
Connection: keep-alive
ETag: "60f91a4a-b7b2"
Expires: Tue, 20 Dec 2022 15:58:18 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 801bfa5219b8edbae22ab4be73ea5f1b
6795d174c6af1841ff34a78c0723c8fd9a69bdce
5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.bloodsugarformula.com
143.204.42.20200 OK 20 kB URL HTTP/2 d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.bloodsugarformula.com
IP 143.204.42.20:0
File type ASCII text, with very long lines (5690), with CRLF, LF line terminators
Hash 17bf021188983f73aa7609ff078cca5c
6ac0459a7075b66b98e4abb06618dc977376fb99
b4bb1aa6557de8dfcb4664d21449685569cce2c069e482c9e18068b894be528d
GET /UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.bloodsugarformula.com HTTP/1.1
Host: d9i5ve8f04qxt.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
content-length: 19466
last-modified: Fri, 21 Oct 2022 13:37:12 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sat, 19 Nov 2022 19:39:47 GMT
cache-control: max-age=604800,s-maxage=604800
etag: "17bf021188983f73aa7609ff078cca5c"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: EinKLtd2ChgSjBaRbydp97DEI3Y9NhI-HIA2IlZJs2P2G9U9Y2BIug==
age: 73383
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 90715aa046abff979e36577f3247abb6
03edc43eb58ea3ea7cd3c87edeb700ef62bc7c5c
e059962a100bbbe671b29a701c93d67b8441b778e597acc8f2993710eef5c477
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ff21c73bee9c356da1c37e2e886552fa
ac256006eef856cbcaf5d479ba4b659c58263df6
44f91ae7aeb7b3ae170490fb6bfe9bd3b4f02763021170a76f61a63056170a03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 143
Cache-Control: max-age=155474
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:18 GMT
Etag: "637a0a5d-139"
Expires: Tue, 22 Nov 2022 11:09:32 GMT
Last-Modified: Sun, 20 Nov 2022 11:07:09 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
10720395.fls.doubleclick.net/activityi;src=10720395;type=allvi009;cat=allvi0;ord=1;num=9511905738414;gtm=2wgb90;auiddc=1877520804.1668959899;~oref=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8?
142.250.74.70200 OK 376 B URL HTTP/2 10720395.fls.doubleclick.net/activityi;src=10720395;type=allvi009;cat=allvi0;ord=1;num=9511905738414;gtm=2wgb90;auiddc=1877520804.1668959899;~oref=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (724), with no line terminators
Hash fb7174057ac1ddbe3b5daedfdeba4e2a
3409e95ff768793c551e4558cd8039e3c8006912
0807a08aad380507f1d471f3500af0596fa4dde6f9611c928e7f396706dc5ab8
GET /activityi;src=10720395;type=allvi009;cat=allvi0;ord=1;num=9511905738414;gtm=2wgb90;auiddc=1877520804.1668959899;~oref=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8? HTTP/1.1
Host: 10720395.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 15:58:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 376
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Nov-2022 16:13:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:46:16 GMT
expires: Fri, 17 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 238322
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 98780
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 90715aa046abff979e36577f3247abb6
03edc43eb58ea3ea7cd3c87edeb700ef62bc7c5c
e059962a100bbbe671b29a701c93d67b8441b778e597acc8f2993710eef5c477
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash b2da70e096a6e99861195add32860753
0033c58c56364980b899b4377229ca58437debce
4301b9289325679e3a4f6966a10d7720d33220b87823196179564babbb421e50
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112211
Date: Sun, 20 Nov 2022 15:58:18 GMT
Etag: "63795391-1d7"
Expires: Mon, 21 Nov 2022 23:08:29 GMT
Last-Modified: Sat, 19 Nov 2022 22:07:13 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FFolNgtQhRzXRSqaMqe1QQXrYf82Dpafjb_H8B8rtITbDxJVodPVAw==
Age: 3676
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c1129dd95fbbf99f16e15337d465c6c1
cdc8013a26845925e6dd0302f505619e0e0d4ef9
e657dd8c640dd8fc991ec22aec19c19c049aff06a80a11b54bd7df5884fc24a9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 15:58:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 06:26:57 GMT
Expires: Fri, 25 Nov 2022 06:26:56 GMT
Etag: "cdc8013a26845925e6dd0302f505619e0e0d4ef9"
Cache-Control: max-age=397117,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76d262e73fdb0b65-OSL
getbloodsugarformula.com/assets/gif/123Desktop_2.gif
165.22.148.141200 OK 188 kB URL HTTP/1.1 getbloodsugarformula.com/assets/gif/123Desktop_2.gif
IP 165.22.148.141:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 862 x 486\012- data
Size 188 kB (187808 bytes)
Hash fff229301b7346b0f335c32321fa7484
3b02853dce1db82c5a40d71fa0c53c82cf54c274
3b65819eefe415d4f2f78ea9d63217cdf87e4c610fa6db2f8fbe03962bc1a333
GET /assets/gif/123Desktop_2.gif HTTP/1.1
Host: getbloodsugarformula.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/watch-the-video?utm_source=cpa&utm_medium=everBS&utm_content=bsugarvsl&utm_campaign=bloodsugarcpaever&affid=361&oid=14&uid=&_ef_transaction_id=&n=614&oid=14&affid=361&sub1=mw1agiop1120bloodsugar&creative_id=8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 15:58:18 GMT
Content-Type: image/gif
Content-Length: 187808
Last-Modified: Mon, 25 Apr 2022 09:07:30 GMT
Connection: keep-alive
ETag: "626664d2-2dda0"
Expires: Tue, 20 Dec 2022 15:58:18 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
adservice.google.com/ddm/fls/i/src=10720395;type=allvi009;cat=allvi0;ord=1;num=9511905738414;gtm=2wgb90;auiddc=1877520804.1668959899;~oref=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8
142.250.74.66200 OK 381 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10720395;type=allvi009;cat=allvi0;ord=1;num=9511905738414;gtm=2wgb90;auiddc=1877520804.1668959899;~oref=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (723), with no line terminators
Hash 2e5328cdef252a8ad666bbbb3251ae59
63b2969fe3635c4c425b434df6c1a6b1c47a9332
a05ddb8474d9d4126290fc2188b4b8332b3b3cdff532f6314ed3ec6e4c8c264c
GET /ddm/fls/i/src=10720395;type=allvi009;cat=allvi0;ord=1;num=9511905738414;gtm=2wgb90;auiddc=1877520804.1668959899;~oref=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10720395.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 15:58:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 381
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.bloodsugarformula.com/cgi-bin/UCAffiliateNetworkPixel
13.248.142.152200 OK 749 B URL HTTP/2 secure.bloodsugarformula.com/cgi-bin/UCAffiliateNetworkPixel
IP 13.248.142.152:0
File type ASCII text, with CRLF line terminators
Hash 004bd2df64337e40d6d69d9cb3d6339f
0362f6839c7c480a7edaa9de4ac3ae9372233fa8
4be7daa460d00f96babb706b52659b321a801eec2885c01e031424c3a148b1f3
GET /cgi-bin/UCAffiliateNetworkPixel HTTP/1.1
Host: secure.bloodsugarformula.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 15:58:19 GMT
content-type: text/javascript; charset=utf-8
content-length: 749
set-cookie: AWSALB=bTdpuw7+EgfldYq7s4Y0AKUzmH6tGcULnqF/MZy913X6Z7EWOqI6EKLD93Le3oIYFnQdZOkzWQHK6pb5TOrzgXFA4P+lx2+wNWlp/YfmMc2SPHa31aCTRADq1OiT; Expires=Sun, 27 Nov 2022 15:58:19 GMT; Path=/
AWSALBCORS=bTdpuw7+EgfldYq7s4Y0AKUzmH6tGcULnqF/MZy913X6Z7EWOqI6EKLD93Le3oIYFnQdZOkzWQHK6pb5TOrzgXFA4P+lx2+wNWlp/YfmMc2SPHa31aCTRADq1OiT; Expires=Sun, 27 Nov 2022 15:58:19 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 0221df1d0f7ec47514a03758ce83f18f
59aaf8e97c727c44933ad992e2d7202f9aee236e
3497027e232c118c1a2484226c8f0eda34db55fa03728990c43bdf7f418acae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
emdlvr.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.6
104.21.51.219200 OK 25 kB URL HTTP/2 emdlvr.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.6
IP 104.21.51.219:0
Hash ec6ca48661439a9979fb49a6d3eab017
4e5991da4d1ebc9af8dbb4f92d50db211d440b0c
3ea0ebb7eadd9d130b70f14d13dfa2efd6a8c0d9fc42c7cb81d82a0a26eab488
GET /wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.6 HTTP/1.1
Host: emdlvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emdlvr.com/tamr
Cookie: prli_click_76=tamr; prli_visitor=637a4e99729a8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 15:58:17 GMT
content-type: application/javascript
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 23 Oct 2022 08:36:36 GMT
expires: Tue, 22 Nov 2022 10:10:24 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 2440073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0XwfuzKnM8ROnZjRjtNVjCcdS94nu%2FyYielf8wwHnh08%2BudOtReKCFbiGwnIKlPuR2AadD2OejQRslXdcrRQs5jHVmE7FBsZWODkdB%2BAemRk0PWbFvKXGqFR3kp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d262dfecceb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=10720395;type=allvi009;cat=allvi0;ord=1;num=9511905738414;gtm=2wgb90;auiddc=1877520804.1668959899;~oref=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8
142.250.74.2200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10720395;type=allvi009;cat=allvi0;ord=1;num=9511905738414;gtm=2wgb90;auiddc=1877520804.1668959899;~oref=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=10720395;type=allvi009;cat=allvi0;ord=1;num=9511905738414;gtm=2wgb90;auiddc=1877520804.1668959899;~oref=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 15:58:19 GMT
expires: Sun, 20 Nov 2022 15:58:19 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 19f4544c828db59227c011c1dacb0222
5e33a464ded55da55da13ed03de8af5868ee4b97
1c53a0002bb1e7b1923ed81a023d7f76514ba97b15623c2a5ac647298fe1dcf2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6077
Cache-Control: max-age=98773
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:19 GMT
Etag: "637915b3-13a"
Expires: Mon, 21 Nov 2022 19:24:32 GMT
Last-Modified: Sat, 19 Nov 2022 17:43:15 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (16620), with no line terminators
Hash a73a09a868a98d7505575c520aaf6616
ed4e4c3fe9ad7ed18564e5f9aed6a9a68b522c7f
8b22d2e0e3e79c7ea27bf76720b302fd18ba1240fbf8dd99e54ced655d17c8e4
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "c83bb35b39c166b49387a9cb3633d4be:1668418404.864545"
Last-Modified: Mon, 14 Nov 2022 09:17:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sun, 20 Nov 2022 16:18:19 GMT
Date: Sun, 20 Nov 2022 15:58:19 GMT
Content-Length: 5276
Connection: keep-alive
d1pqvb2h9xgm7r.cloudfront.net/v1/rt
143.204.42.109204 No Content 0 B URL HTTP/2 d1pqvb2h9xgm7r.cloudfront.net/v1/rt
IP 143.204.42.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/rt HTTP/1.1
Host: d1pqvb2h9xgm7r.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://getbloodsugarformula.com/
Origin: https://getbloodsugarformula.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 20 Nov 2022 01:20:09 GMT
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-max-age: 300
apigw-requestid: b4EPggKuIAMEbWw=
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: l5A-TD0VIjppPbh0e_uqkXIfNHvFijVoRBm5mMbwq2Zfmbbp9eBvvQ==
age: 52690
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 0221df1d0f7ec47514a03758ce83f18f
59aaf8e97c727c44933ad992e2d7202f9aee236e
3497027e232c118c1a2484226c8f0eda34db55fa03728990c43bdf7f418acae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/syncframe?topUrl=getbloodsugarformula.com&origin=onetag
178.250.2.146200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=getbloodsugarformula.com&origin=onetag
IP 178.250.2.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 336d3e015f987a65d205999a49be4805
57a3f572cd89347b5ead196670776134f1f0f69e
9621f1cc5441ed0d364b0fb9986a8c6742af2c5c356e6e4edb432728fe319ff3
GET /syncframe?topUrl=getbloodsugarformula.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 15:58:18 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=338cca7e-28d3-4bcd-a3b7-34864f1e1276; expires=Fri, 15 Dec 2023 15:58:19 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 807494
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6e07952580ed9b0b719f84f99482fa20
b5564e1d1eead2bc9bc28024cd72079dd4636208
3b786eca06c2e0248296acb9207ce8d107d3d4d9f360e1197c10600031b79ed3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2588
Cache-Control: max-age=154644
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:19 GMT
Etag: "6379fd93-1d7"
Expires: Tue, 22 Nov 2022 10:55:43 GMT
Last-Modified: Sun, 20 Nov 2022 10:12:35 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
getbloodsugarformula.com/assets/images/favicon.png
165.22.148.141200 OK 626 B URL HTTP/1.1 getbloodsugarformula.com/assets/images/favicon.png
IP 165.22.148.141:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 6f0a2020c9053d6f433799e6e5f986ea
35705b601ae2479acb095644aafa9650e01a4deb
bbb0b829da5d238a52047711126d4e7220300e904bee550638e315ca524556d4
GET /assets/images/favicon.png HTTP/1.1
Host: getbloodsugarformula.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/watch-the-video?utm_source=cpa&utm_medium=everBS&utm_content=bsugarvsl&utm_campaign=bloodsugarcpaever&affid=361&oid=14&uid=&_ef_transaction_id=&n=614&oid=14&affid=361&sub1=mw1agiop1120bloodsugar&creative_id=8
Cookie: _gcl_au=1.1.1877520804.1668959899; _li_dcdm_c=.getbloodsugarformula.com; _lc2_fpi=081bd5eedc66--01gjaw63bxqaybrhj8hn7n100j; ucacid=1683866409.067992
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 15:58:19 GMT
Content-Type: image/png
Content-Length: 626
Last-Modified: Thu, 22 Jul 2021 07:12:10 GMT
Connection: keep-alive
ETag: "60f91a4a-272"
Expires: Tue, 20 Dec 2022 15:58:19 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
secure.bloodsugarformula.com/cgi-bin/UCAffiliateNetworkPixel?t=0.5423819020537647&r=https%3A%2F%2Femdlvr.com%2F&u=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8
13.248.142.152200 OK 0 B URL HTTP/2 secure.bloodsugarformula.com/cgi-bin/UCAffiliateNetworkPixel?t=0.5423819020537647&r=https%3A%2F%2Femdlvr.com%2F&u=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8
IP 13.248.142.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/UCAffiliateNetworkPixel?t=0.5423819020537647&r=https%3A%2F%2Femdlvr.com%2F&u=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8 HTTP/1.1
Host: secure.bloodsugarformula.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Cookie: AWSALBCORS=bTdpuw7+EgfldYq7s4Y0AKUzmH6tGcULnqF/MZy913X6Z7EWOqI6EKLD93Le3oIYFnQdZOkzWQHK6pb5TOrzgXFA4P+lx2+wNWlp/YfmMc2SPHa31aCTRADq1OiT
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 15:58:19 GMT
content-length: 0
set-cookie: AWSALB=zBzmqYjw/vAA/dMzeJMqGR+VbC3jZv5EEwTuhhHMSeHkqV28XxEEH+sW8ja3wdU8M8+vyBn8enXE8EpllBw/N5hK2qYbCxTbSYpAzCPIEwjb8EwKLk9g0dUlBQpS; Expires=Sun, 27 Nov 2022 15:58:19 GMT; Path=/
AWSALBCORS=zBzmqYjw/vAA/dMzeJMqGR+VbC3jZv5EEwTuhhHMSeHkqV28XxEEH+sW8ja3wdU8M8+vyBn8enXE8EpllBw/N5hK2qYbCxTbSYpAzCPIEwjb8EwKLk9g0dUlBQpS; Expires=Sun, 27 Nov 2022 15:58:19 GMT; Path=/; SameSite=None; Secure
PHR1-ANP=7363; domain=secure.bloodsugarformula.com; path=/; expires=Tue, 20-Dec-2022 15:58:19 GMT; HttpOnly
JSESSIONID=abcC6HmeKdgEQOdhuz-5o; path=/; HttpOnly
LBJSESSIONID=abcC6HmeKdgEQOdhuz-5o.n223; path=/; HttpOnly
server: Apache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash b4fba3d0cb0fb328645972b963b7f135
a64c095c1f9c651eccf2545891c2715c601bb11c
50e9b6ee0962956c128d1c28fe01b8a7f56525a6d292455c671694dd051879f8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1890
Cache-Control: max-age=153247
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:19 GMT
Etag: "6379fad8-138"
Expires: Tue, 22 Nov 2022 10:32:26 GMT
Last-Modified: Sun, 20 Nov 2022 10:00:56 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash b4fba3d0cb0fb328645972b963b7f135
a64c095c1f9c651eccf2545891c2715c601bb11c
50e9b6ee0962956c128d1c28fe01b8a7f56525a6d292455c671694dd051879f8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1887
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:19 GMT
Last-Modified: Sun, 20 Nov 2022 15:26:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6e07952580ed9b0b719f84f99482fa20
b5564e1d1eead2bc9bc28024cd72079dd4636208
3b786eca06c2e0248296acb9207ce8d107d3d4d9f360e1197c10600031b79ed3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3472
Cache-Control: max-age=155528
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:19 GMT
Etag: "6379fd93-1d7"
Expires: Tue, 22 Nov 2022 11:10:27 GMT
Last-Modified: Sun, 20 Nov 2022 10:12:35 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 20 Nov 2022 15:58:19 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 1fe9909ddb7047ac6007372de166a9cc
c587a2ed422d0fb971d3405414248500d9e9b741
9600bbcb0b456ea7867d39751c580bc7be7e3ec3a5c44a2937043ec4c39b380c
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 20 Nov 2022 15:58:19 GMT
server: ESF
cache-control: private
content-length: 31044
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d1pqvb2h9xgm7r.cloudfront.net/v1/rt
143.204.42.109204 No Content 0 B URL HTTP/2 d1pqvb2h9xgm7r.cloudfront.net/v1/rt
IP 143.204.42.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/rt HTTP/1.1
Host: d1pqvb2h9xgm7r.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://getbloodsugarformula.com/
Origin: https://getbloodsugarformula.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 20 Nov 2022 01:20:09 GMT
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-max-age: 300
apigw-requestid: b4EPggKuIAMEbWw=
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wBpPZ-jGrOkbIvZiTRA_-7pPNvA28sE__wo3MGszBkXkONDAECUPSg==
age: 52690
X-Firefox-Spdy: h2
s.pinimg.com/ct/core.js
23.38.200.197200 OK 1.1 kB IP 23.38.200.197:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash 8d9d0550c915347e312e24f00d311e50
cb44712b22cb011b759da4e741b543238839c735
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "8d9d0550c915347e312e24f00d311e50"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
d1pqvb2h9xgm7r.cloudfront.net/v1/rt
143.204.42.109200 OK 35 B URL HTTP/2 d1pqvb2h9xgm7r.cloudfront.net/v1/rt
IP 143.204.42.109:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 475f17a5b4cbad6f74b12d209cc6eb57
802d6e3d48cbbbad5531c0694feef0eb6f818e14
0233e7f8880750dd606cb8b2d005219f0bb158c8a54966867f9049df8b48dda1
POST /v1/rt HTTP/1.1
Host: d1pqvb2h9xgm7r.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 574
Origin: https://getbloodsugarformula.com
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 35
date: Sun, 20 Nov 2022 15:58:19 GMT
server: Apache
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
apigw-requestid: b6E4Wj7LoAMEbyg=
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZnkgG6hUwKl5naHrPeKHOMDbDSAWDKLnrWOxYInhfevCTXhAgEUMYg==
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1668959899184&aid=a-06yf&se=e30&duid=081bd5eedc66--01gjaw63bxqaybrhj8hn7n100j&tna=v2.5.1&pu=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&wpn=lc-bundle&refr=https%3A%2F%2Femdlvr.com%2F&c=PHRpdGxlPkJsb29kIFN1Z2FyIEZvcm11bGE8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJOYXR1cmFsbHkgaGVscHMgYmFsYW5jZSBjaG9sZXN0ZXJvbCBsZXZlbHMsIGZpZ2h0IG94aWRhdGlvbiwgcmVkdWNlIG51bWJuZXNzIGluIGhhbmRzIGFuZCBmZWV0LCBzdXBwb3J0IGhlYWx0aHkgYmxvb2QgdmVzc2VscyBhbmQgYmxvb2Qgc3VnYXIgbGV2ZWxzISI-
3.223.51.75302 Found 0 B URL HTTP/2 rp.liadm.com/j?dtstmp=1668959899184&aid=a-06yf&se=e30&duid=081bd5eedc66--01gjaw63bxqaybrhj8hn7n100j&tna=v2.5.1&pu=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&wpn=lc-bundle&refr=https%3A%2F%2Femdlvr.com%2F&c=PHRpdGxlPkJsb29kIFN1Z2FyIEZvcm11bGE8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJOYXR1cmFsbHkgaGVscHMgYmFsYW5jZSBjaG9sZXN0ZXJvbCBsZXZlbHMsIGZpZ2h0IG94aWRhdGlvbiwgcmVkdWNlIG51bWJuZXNzIGluIGhhbmRzIGFuZCBmZWV0LCBzdXBwb3J0IGhlYWx0aHkgYmxvb2QgdmVzc2VscyBhbmQgYmxvb2Qgc3VnYXIgbGV2ZWxzISI-
IP 3.223.51.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j?dtstmp=1668959899184&aid=a-06yf&se=e30&duid=081bd5eedc66--01gjaw63bxqaybrhj8hn7n100j&tna=v2.5.1&pu=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&wpn=lc-bundle&refr=https%3A%2F%2Femdlvr.com%2F&c=PHRpdGxlPkJsb29kIFN1Z2FyIEZvcm11bGE8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJOYXR1cmFsbHkgaGVscHMgYmFsYW5jZSBjaG9sZXN0ZXJvbCBsZXZlbHMsIGZpZ2h0IG94aWRhdGlvbiwgcmVkdWNlIG51bWJuZXNzIGluIGhhbmRzIGFuZCBmZWV0LCBzdXBwb3J0IGhlYWx0aHkgYmxvb2QgdmVzc2VscyBhbmQgYmxvb2Qgc3VnYXIgbGV2ZWxzISI- HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getbloodsugarformula.com
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 20 Nov 2022 15:58:19 GMT
content-length: 0
trace-id: 2ac34b3434951f5a
vary: Origin
location: /j?dtstmp=1668959899184&aid=a-06yf&se=e30&duid=081bd5eedc66--01gjaw63bxqaybrhj8hn7n100j&tna=v2.5.1&pu=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&wpn=lc-bundle&refr=https%3A%2F%2Femdlvr.com%2F&c=PHRpdGxlPkJsb29kIFN1Z2FyIEZvcm11bGE8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJOYXR1cmFsbHkgaGVscHMgYmFsYW5jZSBjaG9sZXN0ZXJvbCBsZXZlbHMsIGZpZ2h0IG94aWRhdGlvbiwgcmVkdWNlIG51bWJuZXNzIGluIGhhbmRzIGFuZCBmZWV0LCBzdXBwb3J0IGhlYWx0aHkgYmxvb2QgdmVzc2VscyBhbmQgYmxvb2Qgc3VnYXIgbGV2ZWxzISI-&n3pc=true
set-cookie: lidid=f6e1fcd2-bb53-4f0e-8b54-86dc7cc1955d; Max-Age=63072000; Expires=Tue, 19 Nov 2024 15:58:19 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://getbloodsugarformula.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aef3984dc528d9c6aeaeb62752f5c01d
56a959993eb3e2dbc1047ac8f0477cc279631b48
099598c1ff8acfd47c6800ef89c25d0723e7cc8a2ca67bc7a5191c6a84e3c821
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5593
Cache-Control: max-age=110882
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:19 GMT
Etag: "637946e4-1d7"
Expires: Mon, 21 Nov 2022 22:46:21 GMT
Last-Modified: Sat, 19 Nov 2022 21:13:08 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aef3984dc528d9c6aeaeb62752f5c01d
56a959993eb3e2dbc1047ac8f0477cc279631b48
099598c1ff8acfd47c6800ef89c25d0723e7cc8a2ca67bc7a5191c6a84e3c821
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4001
Cache-Control: max-age=109289
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:19 GMT
Etag: "637946e4-1d7"
Expires: Mon, 21 Nov 2022 22:19:48 GMT
Last-Modified: Sat, 19 Nov 2022 21:13:08 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ecf20bb738504255b997d0f8d32f84da
4083bb312c0263ccdbccdd6e157060d3f85996c7
65a66ce857bb2fd22d467c16a4f405faf4a50700a8fd1a4b8c5b903df10c4aaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36162)
Hash e9bf756aa2fac02f3307febffa242635
d0da1ab271c03a49fe6499a38e6f3c34d396c5d4
12655f58f30c13fae1942aae99ace0d8e450ead33ec120b89d78fd98a279e0bb
GET /js/th/YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14349
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 05:04:55 GMT
expires: Wed, 15 Nov 2023 05:04:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 471204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.9a94ee76.js
23.38.200.197200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.9a94ee76.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (59858), with no line terminators
Hash e43867aadc515024dd460d8611098a12
c4fd1b2ace2f8a96a38e4b4996be8d7c46fdfd3f
76d528cb411bf6ff7fd77619aa507bec3bdf7f02063add1d9fe9009088f78d98
GET /ct/lib/main.9a94ee76.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "e43867aadc515024dd460d8611098a12"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20728
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d418191564a2a363ad0d5a244e5ba2ba
37fa564547b44eb40c23eb6e0a454e14d9458642
06da7d01b65ecc80c1b9b3fe0712fdd9c714cfe39ceb3e699491b34b8f855734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.outbrain.com/unifiedPixel?marketerId=00d6bb52b7c8b7c2fd34fe63f991bdf564&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&optOut=false&bust=09418442808059851&referrer=https%3A%2F%2Femdlvr.com%2F
64.202.112.127200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00d6bb52b7c8b7c2fd34fe63f991bdf564&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&optOut=false&bust=09418442808059851&referrer=https%3A%2F%2Femdlvr.com%2F
IP 64.202.112.127:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00d6bb52b7c8b7c2fd34fe63f991bdf564&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&optOut=false&bust=09418442808059851&referrer=https%3A%2F%2Femdlvr.com%2F HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 15:58:19 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 40570cd4c1c1a62521147387134799a3
content-encoding: gzip
yt3.ggpht.com/ytc/AMLnZu-GnzJ7ZGkXHEDi-xd3PCUUsHKBivKOYdyn76DVKw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.3 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-GnzJ7ZGkXHEDi-xd3PCUUsHKBivKOYdyn76DVKw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 94cf9183dce53a511af48c858e88fa3c
33269aff376016773011e7f9d4f88c0b66697a48
d68c9ecb951aa1a3af288e3b7b7dc7944c3e485df5be778af4ff82b801899e18
GET /ytc/AMLnZu-GnzJ7ZGkXHEDi-xd3PCUUsHKBivKOYdyn76DVKw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1275
x-xss-protection: 0
date: Sun, 20 Nov 2022 15:39:37 GMT
expires: Sun, 06 Nov 2022 06:01:07 GMT
cache-control: public, max-age=86400, no-transform
age: 1122
etag: "vf6"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=00d6bb52b7c8b7c2fd34fe63f991bdf564
64.202.112.127200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00d6bb52b7c8b7c2fd34fe63f991bdf564
IP 64.202.112.127:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00d6bb52b7c8b7c2fd34fe63f991bdf564 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 15:58:19 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 1433314890eaa93274953b7ca979b77e
content-encoding: gzip
rp.liadm.com/j?dtstmp=1668959899184&aid=a-06yf&se=e30&duid=081bd5eedc66--01gjaw63bxqaybrhj8hn7n100j&tna=v2.5.1&pu=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&wpn=lc-bundle&refr=https%3A%2F%2Femdlvr.com%2F&c=PHRpdGxlPkJsb29kIFN1Z2FyIEZvcm11bGE8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJOYXR1cmFsbHkgaGVscHMgYmFsYW5jZSBjaG9sZXN0ZXJvbCBsZXZlbHMsIGZpZ2h0IG94aWRhdGlvbiwgcmVkdWNlIG51bWJuZXNzIGluIGhhbmRzIGFuZCBmZWV0LCBzdXBwb3J0IGhlYWx0aHkgYmxvb2QgdmVzc2VscyBhbmQgYmxvb2Qgc3VnYXIgbGV2ZWxzISI-&n3pc=true
3.223.51.75200 OK 13 B URL HTTP/2 rp.liadm.com/j?dtstmp=1668959899184&aid=a-06yf&se=e30&duid=081bd5eedc66--01gjaw63bxqaybrhj8hn7n100j&tna=v2.5.1&pu=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&wpn=lc-bundle&refr=https%3A%2F%2Femdlvr.com%2F&c=PHRpdGxlPkJsb29kIFN1Z2FyIEZvcm11bGE8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJOYXR1cmFsbHkgaGVscHMgYmFsYW5jZSBjaG9sZXN0ZXJvbCBsZXZlbHMsIGZpZ2h0IG94aWRhdGlvbiwgcmVkdWNlIG51bWJuZXNzIGluIGhhbmRzIGFuZCBmZWV0LCBzdXBwb3J0IGhlYWx0aHkgYmxvb2QgdmVzc2VscyBhbmQgYmxvb2Qgc3VnYXIgbGV2ZWxzISI-&n3pc=true
IP 3.223.51.75:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
GET /j?dtstmp=1668959899184&aid=a-06yf&se=e30&duid=081bd5eedc66--01gjaw63bxqaybrhj8hn7n100j&tna=v2.5.1&pu=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&wpn=lc-bundle&refr=https%3A%2F%2Femdlvr.com%2F&c=PHRpdGxlPkJsb29kIFN1Z2FyIEZvcm11bGE8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJOYXR1cmFsbHkgaGVscHMgYmFsYW5jZSBjaG9sZXN0ZXJvbCBsZXZlbHMsIGZpZ2h0IG94aWRhdGlvbiwgcmVkdWNlIG51bWJuZXNzIGluIGhhbmRzIGFuZCBmZWV0LCBzdXBwb3J0IGhlYWx0aHkgYmxvb2QgdmVzc2VscyBhbmQgYmxvb2Qgc3VnYXIgbGV2ZWxzISI-&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getbloodsugarformula.com
Referer: https://getbloodsugarformula.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 15:58:19 GMT
content-type: application/json
content-length: 13
trace-id: aacb8de0a8045dad
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: 702fd93b-360d-4f55-9646-b5f636098d07
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://getbloodsugarformula.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d418191564a2a363ad0d5a244e5ba2ba
37fa564547b44eb40c23eb6e0a454e14d9458642
06da7d01b65ecc80c1b9b3fe0712fdd9c714cfe39ceb3e699491b34b8f855734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1pqvb2h9xgm7r.cloudfront.net/v1/rt
143.204.42.109200 OK 35 B URL HTTP/2 d1pqvb2h9xgm7r.cloudfront.net/v1/rt
IP 143.204.42.109:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 475f17a5b4cbad6f74b12d209cc6eb57
802d6e3d48cbbbad5531c0694feef0eb6f818e14
0233e7f8880750dd606cb8b2d005219f0bb158c8a54966867f9049df8b48dda1
POST /v1/rt HTTP/1.1
Host: d1pqvb2h9xgm7r.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 619
Origin: https://getbloodsugarformula.com
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 35
date: Sun, 20 Nov 2022 15:58:19 GMT
server: Apache
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
apigw-requestid: b6E4ZiIiIAMEVMg=
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: BZV7VZJavjhI2GV4bHOv5rClvLRQtlTblMSo5_E3NIljoeZlxfWMwQ==
X-Firefox-Spdy: h2
www.ibph4trk.com/sdk/click?effp=531e0abc63b0a3d92e656259ec49c2bc&_ef_transaction_id=&oid=14&affid=361&__cc=&async=json&uid=&sub1=mw1agiop1120bloodsugar
35.244.130.28200 OK 86 B URL HTTP/2 www.ibph4trk.com/sdk/click?effp=531e0abc63b0a3d92e656259ec49c2bc&_ef_transaction_id=&oid=14&affid=361&__cc=&async=json&uid=&sub1=mw1agiop1120bloodsugar
IP 35.244.130.28:0
File type JSON data\012- , ASCII text
Hash 68741351e777af321dc008a919320a23
537d685ebd553169d8269d7f5a48ad2955eda62f
f0e1a279cc0254b15d5db5ff124ce3e5283a51830004cb747416ecf82e6b6452
GET /sdk/click?effp=531e0abc63b0a3d92e656259ec49c2bc&_ef_transaction_id=&oid=14&affid=361&__cc=&async=json&uid=&sub1=mw1agiop1120bloodsugar HTTP/1.1
Host: www.ibph4trk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getbloodsugarformula.com/
Origin: https://getbloodsugarformula.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 15:58:20 GMT
content-type: application/json; charset=utf-8
content-length: 86
access-control-allow-credentials: true
access-control-allow-origin: https://getbloodsugarformula.com
set-cookie: uniqueClick=7448b9c2-ca93-4168-a3b8-9bab385ccb45:1668959900; Path=/; Expires=Mon, 21 Nov 2022 15:58:20 GMT; Secure; SameSite=None
transaction_id=9b5dd39604294b17a8f6998f7b9352ef; Path=/; Expires=Sat, 18 Feb 2023 15:58:20 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: b468690c-cb81-477b-8d15-76380c1c6561
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&rl=https%3A%2F%2Femdlvr.com%2F&if=false&ts=1668959900037&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668959900029.1079344432&it=1668959899728&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&rl=https%3A%2F%2Femdlvr.com%2F&if=false&ts=1668959900037&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668959900029.1079344432&it=1668959899728&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=810524130072458&ev=PageView&dl=https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8&rl=https%3A%2F%2Femdlvr.com%2F&if=false&ts=1668959900037&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668959900029.1079344432&it=1668959899728&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 20 Nov 2022 15:58:20 GMT
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2613101000314&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1668959900067&dep=2%2CPAGE_LOAD
23.38.200.197200 OK 373 B URL HTTP/2 ct.pinterest.com/user/?tid=2613101000314&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1668959900067&dep=2%2CPAGE_LOAD
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash 7c95bf1e7580e7dfa7f4f5c10b0addd9
a1e3954cd6a0d4a5fc0a6c344d91e6c24504722b
1f8cb83a1e4eedc470a6d0c6acc5f5ff13fa65639378a8a14d5db82e288b2e17
GET /user/?tid=2613101000314&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1668959900067&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getbloodsugarformula.com
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU1qVXdOalExTlRBdFpHWXpOaTAwTWpSaUxXRmlNemN0T1dZeU4yVXhNMk15WkRCaA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://getbloodsugarformula.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 373
x-envoy-upstream-service-time: 0
referrer-policy: origin
x-pinterest-rid: 4199494132986353
date: Sun, 20 Nov 2022 15:58:20 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1668959900.999721ff
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2613101000314&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8%22%2C%22ref%22%3A%22https%3A%2F%2Femdlvr.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1668959900068
23.38.200.197200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613101000314&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8%22%2C%22ref%22%3A%22https%3A%2F%2Femdlvr.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1668959900068
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613101000314&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8%22%2C%22ref%22%3A%22https%3A%2F%2Femdlvr.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1668959900068 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1488566481924237
date: Sun, 20 Nov 2022 15:58:20 GMT
akamai-grn: 0.274f2417.1668959900.999721fc
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613101000314&cb=1668959900217&dep=5%2CEVENT_TAGS_ABSENT
23.38.200.197200 OK 373 B URL HTTP/2 ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613101000314&cb=1668959900217&dep=5%2CEVENT_TAGS_ABSENT
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash 7c95bf1e7580e7dfa7f4f5c10b0addd9
a1e3954cd6a0d4a5fc0a6c344d91e6c24504722b
1f8cb83a1e4eedc470a6d0c6acc5f5ff13fa65639378a8a14d5db82e288b2e17
GET /user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613101000314&cb=1668959900217&dep=5%2CEVENT_TAGS_ABSENT HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getbloodsugarformula.com
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVlUa3pPV0V4TVdJdE9HRmlZUzAwTkRGa0xXRmxNalF0WlRJeFpHTXhZemd4TVdObQ
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://getbloodsugarformula.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 373
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 2157479275647913
date: Sun, 20 Nov 2022 15:58:20 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1668959900.9997236f
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d5ccc6ed714b650846fefb0a8e24ca22
30521fa613dcb97b95ad3baab58c4446482d5061
ef46e9367b670662ae596685c5f27da1bf065e714ef2e86c65d5267a188d08d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-55722554-1&cid=1868565358.1668959899&jid=892369750&gjid=1896368162&_gid=1031016560.1668959899&_u=aGBACEAARAAAACAAI~&z=1883961619
142.251.1.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-55722554-1&cid=1868565358.1668959899&jid=892369750&gjid=1896368162&_gid=1031016560.1668959899&_u=aGBACEAARAAAACAAI~&z=1883961619
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-55722554-1&cid=1868565358.1668959899&jid=892369750&gjid=1896368162&_gid=1031016560.1668959899&_u=aGBACEAARAAAACAAI~&z=1883961619 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://getbloodsugarformula.com
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://getbloodsugarformula.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 20 Nov 2022 15:58:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=83723
178.250.0.147200 OK 15 kB URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=83723
IP 178.250.0.147:0
File type ASCII text, with very long lines (43225)
Hash 65cb697629cd2ff0b4d26a85395edba8
3e4cad74e810192e788c946d423a9caf7ce87a5f
f1ddbecca3e9ae57c904cb6a7e9f72e99dcfa6668f9305afaca98b1c87a67a76
GET /js/ld/ld.js?a=83723 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 15:58:18 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 20 Nov 2022 15:58:20 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7c88df2207b55c5d7162965694ccbd4c
4584e9cb0fc0dfc1e487f29d1d6fd45f72190b5f
ea555d5cdf27447eb07482c4835f251630425d4281dc9cc9abc5db5aedb6ff2b
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1148
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 20 Nov 2022 15:58:20 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 449 B IP 178.250.2.146:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (671), with no line terminators
Hash ea3b8d18e20cef745a42a79d1bfec51e
feb02570775c5001d1b464b11663d9c61f0b19af
e6f0b269022ff774f49a8d9b53515226017d6b86ac5fe50183dfd4d7530419d2
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=oPEqQV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dHSWdTWlZRejMyZWYyQVRwamtIU0ExckRvc1UlMkZzNDBKaHNrZklXMmt3SA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 15:58:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=X9g6iF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dHSWdTWlZRejMyZWYyQVRwamtIU0F4VHpQcjk5aGtxZ21pWHUwdzI0ckQ; expires=Fri, 15 Dec 2023 15:58:20 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 340088
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 2331b69315c4794c4b1070eafef1886e
55249968046b55280bde75b9ce4a970878392c69
b70f17583bb857bbd7a5105e5d314f5872f37b7157d3cd96d17d07fb68a5152f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 42 B URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: du51SBf977LXsZyEqLtW3zkVxWfAU3B0HOj0X1Whz7E+dXaX7Bg6WlKhP7+jvovIL0lUGlOtlFMwD8OX9xxt+A==
content-length: 27340
x-fb-trip-id: 1679558926
date: Sun, 20 Nov 2022 15:58:19 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613101000314&cb=1668959900579&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU1qVXdOalExTlRBdFpHWXpOaTAwTWpSaUxXRmlNemN0T1dZeU4yVXhNMk15WkRCaA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8%22%2C%22ref%22%3A%22https%3A%2F%2Femdlvr.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D
23.38.200.197200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613101000314&cb=1668959900579&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU1qVXdOalExTlRBdFpHWXpOaTAwTWpSaUxXRmlNemN0T1dZeU4yVXhNMk15WkRCaA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8%22%2C%22ref%22%3A%22https%3A%2F%2Femdlvr.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613101000314&cb=1668959900579&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU1qVXdOalExTlRBdFpHWXpOaTAwTWpSaUxXRmlNemN0T1dZeU4yVXhNMk15WkRCaA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgetbloodsugarformula.com%2Fwatch-the-video%3Futm_source%3Dcpa%26utm_medium%3DeverBS%26utm_content%3Dbsugarvsl%26utm_campaign%3Dbloodsugarcpaever%26affid%3D361%26oid%3D14%26uid%3D%26_ef_transaction_id%3D%26n%3D614%26oid%3D14%26affid%3D361%26sub1%3Dmw1agiop1120bloodsugar%26creative_id%3D8%22%2C%22ref%22%3A%22https%3A%2F%2Femdlvr.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1564700212948115
date: Sun, 20 Nov 2022 15:58:20 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZEemlFVUxZN1ZWdDViTk9yUDBQeHllZmFuejlrRnljSWRVc2dJaFdsZ2ZNUkN6bTlnZ0FzN3lza08xZnBSWk1xRzU0a24xZjhsdlloaVlWd2s3Wkk5RkI4YWF6ZC9pT1NCZWprT0ZGT3RjYz0mMjdvei9uV1YxTC9JNGZsL2FsSWRyclFDR2VJPQ=="; Expires=Mon, 20 Nov 2023 15:58:20 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1668959900.99972a17
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-55722554-1&cid=1868565358.1668959899&jid=892369750&_u=aGBACEAARAAAACAAI~&z=1300278436
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-55722554-1&cid=1868565358.1668959899&jid=892369750&_u=aGBACEAARAAAACAAI~&z=1300278436
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-55722554-1&cid=1868565358.1668959899&jid=892369750&_u=aGBACEAARAAAACAAI~&z=1300278436 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 15:58:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 16ff61f559078afb0f0e72d65613ce83
321231624c14958c784bcbf7cb97aec02cce0866
c8b98f9cc81276dd355058b599638a6027c95444dc7ec55ed83bee89e58edba2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/GBxBCwW6uCo/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgZShlMA8=&rs=AOn4CLBIAsfiDSjrHpDEtyJLQdWbwGNakQ
142.250.74.150200 OK 56 kB URL HTTP/2 i.ytimg.com/vi/GBxBCwW6uCo/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgZShlMA8=&rs=AOn4CLBIAsfiDSjrHpDEtyJLQdWbwGNakQ
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 0a9e4925b3e071201727ea63dea361c0
80b9025384156827f9f4043abc8a55276220ca2c
6c49e174a1e960cf37203fcf6bd34c9bae02de09a5be58b0ac959126b2eaf052
GET /vi/GBxBCwW6uCo/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgZShlMA8=&rs=AOn4CLBIAsfiDSjrHpDEtyJLQdWbwGNakQ HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 55939
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Nov 2022 15:58:20 GMT
expires: Sun, 20 Nov 2022 17:58:20 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 16ff61f559078afb0f0e72d65613ce83
321231624c14958c784bcbf7cb97aec02cce0866
c8b98f9cc81276dd355058b599638a6027c95444dc7ec55ed83bee89e58edba2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668981499&ei=m056Y7WuJpeo7QTR1I-gBg&ip=91.90.42.154&id=o-AGiOPrSNlfw2EGAVaqIDglYGKZp6FTOnml4Wv-DhfHqr&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=oH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7r&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1411250&spc=SFxXNsxWdr97QpYRETocKDN4G4nv5T4&vprv=1&mime=video%2Fwebm&ns=xF9DYbbjnyUtH7hXcVXv97AJ&otf=1&otfp=1&dur=0.000&lmt=1664372329592311&mt=1668959582&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=IpbBQamwxpd2Zg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM7_c3rYU_cmXdp4RMK_iDo1CNG1tv5AyfgwAUD0qk5UAiA86e8b55D1aE07ChsZ86Vj9XbY4nQXYTZLOPkwUMmL0g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAOCo1MOmMCZz-2KGkSYOIdQJl9FjEfd4iO-OmekxmN7wAiA5V_2QHzqUq-SjYx6XsXg589Yw0ifdE2H9lBOa6mkTjg%3D%3D&alr=yes&cpn=mtpgMsWANwtAoyWK&cver=1.20221116.01.00&sq=0&rn=1&rbuf=0
91.90.45.173200 OK 280 B URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668981499&ei=m056Y7WuJpeo7QTR1I-gBg&ip=91.90.42.154&id=o-AGiOPrSNlfw2EGAVaqIDglYGKZp6FTOnml4Wv-DhfHqr&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=oH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7r&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1411250&spc=SFxXNsxWdr97QpYRETocKDN4G4nv5T4&vprv=1&mime=video%2Fwebm&ns=xF9DYbbjnyUtH7hXcVXv97AJ&otf=1&otfp=1&dur=0.000&lmt=1664372329592311&mt=1668959582&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=IpbBQamwxpd2Zg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM7_c3rYU_cmXdp4RMK_iDo1CNG1tv5AyfgwAUD0qk5UAiA86e8b55D1aE07ChsZ86Vj9XbY4nQXYTZLOPkwUMmL0g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAOCo1MOmMCZz-2KGkSYOIdQJl9FjEfd4iO-OmekxmN7wAiA5V_2QHzqUq-SjYx6XsXg589Yw0ifdE2H9lBOa6mkTjg%3D%3D&alr=yes&cpn=mtpgMsWANwtAoyWK&cver=1.20221116.01.00&sq=0&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 3f9c39405faee2ae5eb7256d390b541f
3eb0865a99516875987bf55249b00c52aaf7c7e1
a2b792073c55be5ff869c5ae278055e74190d86c4f983731baeb31984499d4aa
GET /videoplayback?expire=1668981499&ei=m056Y7WuJpeo7QTR1I-gBg&ip=91.90.42.154&id=o-AGiOPrSNlfw2EGAVaqIDglYGKZp6FTOnml4Wv-DhfHqr&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=oH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7r&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1411250&spc=SFxXNsxWdr97QpYRETocKDN4G4nv5T4&vprv=1&mime=video%2Fwebm&ns=xF9DYbbjnyUtH7hXcVXv97AJ&otf=1&otfp=1&dur=0.000&lmt=1664372329592311&mt=1668959582&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=IpbBQamwxpd2Zg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAM7_c3rYU_cmXdp4RMK_iDo1CNG1tv5AyfgwAUD0qk5UAiA86e8b55D1aE07ChsZ86Vj9XbY4nQXYTZLOPkwUMmL0g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAOCo1MOmMCZz-2KGkSYOIdQJl9FjEfd4iO-OmekxmN7wAiA5V_2QHzqUq-SjYx6XsXg589Yw0ifdE2H9lBOa6mkTjg%3D%3D&alr=yes&cpn=mtpgMsWANwtAoyWK&cver=1.20221116.01.00&sq=0&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 28 Oct 2022 20:15:14 GMT
Content-Type: video/webm
Date: Sun, 20 Nov 2022 15:58:20 GMT
Expires: Sun, 20 Nov 2022 15:58:20 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 280
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 2331b69315c4794c4b1070eafef1886e
55249968046b55280bde75b9ce4a970878392c69
b70f17583bb857bbd7a5105e5d314f5872f37b7157d3cd96d17d07fb68a5152f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 15:58:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1pqvb2h9xgm7r.cloudfront.net/v1/rt
143.204.42.109204 No Content 0 B URL HTTP/2 d1pqvb2h9xgm7r.cloudfront.net/v1/rt
IP 143.204.42.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/rt HTTP/1.1
Host: d1pqvb2h9xgm7r.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://getbloodsugarformula.com/
Origin: https://getbloodsugarformula.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 20 Nov 2022 01:20:09 GMT
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-max-age: 300
apigw-requestid: b4EPggKuIAMEbWw=
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 26XAUDqJgIzEWlPlBWLlHNU60expnUBpodpkTGcHgjUKryFlbJZqFQ==
age: 52691
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=getbloodsugarformula.com&sn=FirefoxSyncframe&so=0&topUrl=getbloodsugarformula.com&info=X9g6iF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dHSWdTWlZRejMyZWYyQVRwamtIU0F4VHpQcjk5aGtxZ21pWHUwdzI0ckQ&idsd=1255077022,97421311&cw=1&lsw=1
178.250.2.146200 OK 319 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=getbloodsugarformula.com&sn=FirefoxSyncframe&so=0&topUrl=getbloodsugarformula.com&info=X9g6iF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dHSWdTWlZRejMyZWYyQVRwamtIU0F4VHpQcjk5aGtxZ21pWHUwdzI0ckQ&idsd=1255077022,97421311&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (391), with no line terminators
Hash 65b926963637760fe0a3f8bfa1bb1257
677b4ed2913306756b8129ef6e540d59fceca675
702bcd0f31977833efd4e267bd16a229e3d364a9fec52bcdc849c550060214d8
GET /sid/json?origin=onetag&domain=getbloodsugarformula.com&sn=FirefoxSyncframe&so=0&topUrl=getbloodsugarformula.com&info=X9g6iF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dHSWdTWlZRejMyZWYyQVRwamtIU0F4VHpQcjk5aGtxZ21pWHUwdzI0ckQ&idsd=1255077022,97421311&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=getbloodsugarformula.com&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 15:58:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1394056
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ede8e3b268c819f4343e2677437ddfe6
817587715d0ac6ca2a83b03f031ece866d8662ea
fc33d9b26b0dcb3daff6678768ed93c11d9ed7cd6ce651b218bda9edf0daf530
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 20 Nov 2022 15:58:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 19 Nov 2022 20:46:14 GMT
Expires: Sun, 20 Nov 2022 20:46:14 GMT
ETag: "817587715d0ac6ca2a83b03f031ece866d8662ea"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
d1pqvb2h9xgm7r.cloudfront.net/v1/rt
143.204.42.109200 OK 35 B URL HTTP/2 d1pqvb2h9xgm7r.cloudfront.net/v1/rt
IP 143.204.42.109:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 475f17a5b4cbad6f74b12d209cc6eb57
802d6e3d48cbbbad5531c0694feef0eb6f818e14
0233e7f8880750dd606cb8b2d005219f0bb158c8a54966867f9049df8b48dda1
POST /v1/rt HTTP/1.1
Host: d1pqvb2h9xgm7r.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 303
Origin: https://getbloodsugarformula.com
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 35
date: Sun, 20 Nov 2022 15:58:21 GMT
server: Apache
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
apigw-requestid: b6E4mi07oAMEVtQ=
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qsBC8JbrYXne42-YCCIcyyrfY0bcsHqNRQsw7fKM6W2wLL0o59Lw4A==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6847812-c6dd-4bf9-a8fc-9fdd19604f07.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6847812-c6dd-4bf9-a8fc-9fdd19604f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa9aba4cb1cc96d2b04905f45c902c45
dd7c1a17f049319bc8f11a5ee6905fa240d1ffc5
2f18c3906096fcead96dc14f0b5976e6573c4825e8c4948f171a67c5920ca684
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6847812-c6dd-4bf9-a8fc-9fdd19604f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11597
x-amzn-requestid: 28c7761b-1ffd-4abf-ae2b-51a2d1b07538
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jHdGbwoAMFqrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787efc-2f2258bb2fcd48340e08110f;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:00:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: PONP22tGAWF-ZUrQ-FpTAV6_hoaILBamhC-eSqkPL50-OdxlFJannA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 58b8655e3ea662bad02cac6b9d4c88ba.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 08:02:14 GMT
age: 28571
etag: "dd7c1a17f049319bc8f11a5ee6905fa240d1ffc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
emdlvr.com/tamr
104.21.51.219200 OK 0 B IP 104.21.51.219:0
Analyzer Verdict Alert fortinet Phishing
GET /tamr HTTP/1.1
Host: emdlvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 15:58:17 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Executive 3.2.6 http://prettylink.com
set-cookie: prli_click_76=tamr; expires=Tue, 20-Dec-2022 15:58:17 GMT; Max-Age=2592000; path=/
prli_visitor=637a4e99729a8; expires=Mon, 20-Nov-2023 15:58:17 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMoQbCHdF0D98uX6gQai6YXt2Y9U9FHfHB6enz8x0C%2BSwqS3FNrkkacZCfA1y8PzUBwG7B%2BGU94iYZfqHEDqKWX%2F5uPjO1YBBJLNhiRsIv1Bfcb4pFytcWMpCADz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d262de1a54b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube-nocookie.com/embed/GBxBCwW6uCo?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
142.250.74.142200 OK 0 B URL HTTP/2 www.youtube-nocookie.com/embed/GBxBCwW6uCo?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
IP 142.250.74.142:0
GET /embed/GBxBCwW6uCo?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3 HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 20 Nov 2022 15:58:18 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+911; expires=Tue, 19-Nov-2024 15:58:18 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
b-code.liadm.com/a-06yf.min.js
143.204.55.129200 OK 0 B URL HTTP/2 b-code.liadm.com/a-06yf.min.js
IP 143.204.55.129:0
GET /a-06yf.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 19 Nov 2022 16:10:27 GMT
cache-control: "public, max-age=86400"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xfYDVpHqpJZWnT-hMQhkkRxDv9ju3fXjAaD0v6ZoFZ1j3Y6e8NURQw==
age: 85671
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.177200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.177:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 15:58:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 109320
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.126200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.126:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 15:58:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 97948
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
click.heartcarepages.com/?t=c&ids=MjY0NzUzNzU0__NzAyMQ==__MTU0NTg4MDI=__NDY4__234&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdGFtcg==
170.187.185.18200 OK 0 B URL HTTP/2 click.heartcarepages.com/?t=c&ids=MjY0NzUzNzU0__NzAyMQ==__MTU0NTg4MDI=__NDY4__234&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdGFtcg==
IP 170.187.185.18:0
GET /?t=c&ids=MjY0NzUzNzU0__NzAyMQ==__MTU0NTg4MDI=__NDY4__234&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdGFtcg== HTTP/1.1
Host: click.heartcarepages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 15:58:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
www.ibph4trk.com/scripts/sdk/everflow.js
35.244.130.28200 OK 0 B URL HTTP/2 www.ibph4trk.com/scripts/sdk/everflow.js
IP 35.244.130.28:0
GET /scripts/sdk/everflow.js HTTP/1.1
Host: www.ibph4trk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getbloodsugarformula.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 15:58:19 GMT
content-type: text/javascript
cache-control: max-age=14400
vary: Origin
x-eflow-request-id: 245b2359-73a3-465a-bcdb-e3bd185856b2
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2