Report - fitleanhealth.com/mw25ckd_leads-GlucoFreeze-032523

Report Overview

Submitted URL
fitleanhealth.com/mw25ckd_leads-GlucoFreeze-032523
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-03-25 22:30:51
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	54.186.169.128
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-29T09:11:41Z	1.4 kB	4.0 kB	54.230.80.227
pixel.rubiconproject.com	314	2012-10-09T05:17:38Z	2023-03-29T05:57:15Z	425 B	237 B	213.19.162.80
ups.analytics.yahoo.com	287	2019-05-09T17:57:40Z	2023-03-29T05:57:15Z	854 B	1.0 kB	3.71.149.231
fitleanhealth.com	unknown	2021-12-09T18:21:56Z	2023-03-25T23:30:22Z	860 B	2.7 kB	188.114.96.1
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	2.2 kB	35 kB	34.120.237.76
cm.adform.net	1667	2015-03-30T09:47:01Z	2023-03-29T09:08:32Z	405 B	264 B	37.157.4.23
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	3.1 kB	6.3 kB	142.250.74.131
criteo-sync.teads.tv	1786	2017-02-17T11:06:41Z	2023-03-29T09:08:41Z	396 B	271 B	23.195.255.234
ib.adnxs.com	241	2012-05-20T21:01:49Z	2023-03-29T05:36:29Z	854 B	1.9 kB	37.252.173.215
ocsp.entrust.net	1208	2014-01-10T03:18:45Z	2023-03-29T05:40:35Z	340 B	2.0 kB	104.110.10.32
display.buygoods.com	389768	2020-11-11T11:21:40Z	2023-03-28T00:18:52Z	422 B	559 B	172.66.40.141
sync-criteo.ads.yieldmo.com	2354	2019-12-10T22:28:48Z	2023-03-29T12:40:21Z	416 B	810 B	54.155.81.193
r3maf0.n3cdn1.secureserver.net	unknown	2022-11-19T17:18:37Z	2023-03-11T22:10:06Z	454 B	699 B	162.159.136.45
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-29T11:45:01Z	3.4 kB	7.6 kB	192.229.221.95
c.clarity.ms	803	2021-02-04T00:22:47Z	2023-03-29T05:26:27Z	857 B	1.2 kB	68.219.88.97
dnacdn.net	3760	2019-09-02T17:07:45Z	2023-03-29T05:57:13Z	513 B	709 B	178.250.0.157
embed-cloudfront.wistia.com	unknown	2022-11-08T05:17:21Z	2023-03-29T15:44:57Z	1.4 kB	517 kB	54.230.111.74
gum.criteo.com	381	2015-01-22T11:58:57Z	2023-03-29T10:15:08Z	1.3 kB	1.0 kB	178.250.0.157
dis.criteo.com	660	2012-06-02T17:38:12Z	2023-03-29T12:40:22Z	820 B	834 B	178.250.0.163
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-29T10:10:07Z	394 B	32 kB	142.250.74.74
eb2.3lift.com	402	2014-09-24T17:03:42Z	2023-03-29T13:40:31Z	406 B	206 B	76.223.111.18
dpm.demdex.net	204	2012-05-22T07:45:05Z	2023-03-29T05:12:02Z	738 B	1.3 kB	52.51.141.47
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
ocsp.starfieldtech.com	6616	2012-06-22T20:08:50Z	2023-03-29T05:25:57Z	692 B	4.7 kB	192.124.249.24
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	492 B	32 kB	216.58.207.227
matching.ivitrack.com	10236	2017-09-04T19:11:27Z	2023-03-29T12:40:21Z	405 B	406 B	34.117.157.22
r.casalemedia.com	1896	2012-06-19T10:48:07Z	2023-03-29T09:08:33Z	830 B	1.0 kB	185.80.36.245
fast.wistia.com	5153	2012-07-04T02:34:57Z	2023-03-29T13:00:27Z	2.8 kB	288 kB	151.101.130.110
www.clarity.ms	1404	2018-08-22T09:41:57Z	2023-03-29T05:25:59Z	761 B	25 kB	13.107.238.53
d10lpsik1i8c69.cloudfront.net	unknown	2016-05-17T23:03:51Z	2023-03-29T13:24:35Z	372 B	501 B	54.230.245.178
gem.gbc.criteo.com	6039	2019-01-31T11:05:09Z	2023-03-29T10:08:44Z	387 B	492 B	185.235.84.3
embed-ssl.wistia.com	22795	2017-01-29T18:01:09Z	2023-03-29T13:00:28Z	464 B	206 kB	54.230.111.70
simage2.pubmatic.com	578	2012-07-21T05:13:48Z	2023-03-29T12:40:21Z	462 B	771 B	185.64.189.110
ad.360yield.com	657	2012-11-28T12:30:25Z	2023-03-29T05:57:15Z	860 B	857 B	3.64.164.161
s.thebrighttag.com	1487	2014-11-26T16:16:07Z	2023-03-29T09:08:42Z	359 B	376 B	3.133.28.46
settings.luckyorange.net	7516	2015-03-18T04:45:16Z	2023-03-29T14:31:11Z	561 B	889 B	172.67.75.100
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	4.1 kB	11 kB	23.36.76.226
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T10:13:53Z	1.2 kB	16 kB	172.217.21.170
contextual.media.net	513	2012-05-21T09:20:31Z	2023-03-29T13:38:36Z	413 B	986 B	23.38.200.22
sync.outbrain.com	757	2016-08-02T08:37:14Z	2023-03-29T05:57:15Z	422 B	143 B	64.202.112.191
sslwidget.criteo.com	1723	2012-05-31T04:43:28Z	2023-03-29T12:40:20Z	1.1 kB	457 B	178.250.1.9
tracking.buygoods.com	303552	2017-10-16T22:08:32Z	2023-03-28T07:56:17Z	676 B	1.3 kB	172.66.43.22
rtb-csync.smartadserver.com	583	2012-12-17T17:38:47Z	2023-03-29T14:27:11Z	423 B	570 B	185.86.139.101
trk.anarchywarrior.com	unknown	2021-09-16T18:06:03Z	2023-03-28T05:31:24Z	538 B	1.3 kB	172.67.215.10
www.wm74trk.com	unknown	2020-04-27T00:59:55Z	2023-03-29T05:33:02Z	556 B	912 B	34.107.190.195
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-29T05:16:53Z	428 B	19 kB	104.17.25.14
glucofreezenow.com	unknown	2022-03-06T17:00:46Z	2023-03-28T05:31:39Z	5.6 kB	1.1 MB	69.172.200.220
secure.adnxs.com	396	2012-05-22T18:37:37Z	2023-03-29T05:57:15Z	818 B	2.0 kB	37.252.171.21
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-29T09:11:13Z	700 B	2.0 kB	54.230.80.227
c.bing.com	247	2012-05-22T12:26:32Z	2023-03-29T05:26:27Z	496 B	1.0 kB	13.107.21.200
visitor.omnitagjs.com	1722	2017-01-30T05:58:42Z	2023-03-29T05:57:15Z	453 B	511 B	185.255.84.153
oneocsp.microsoft.com	1473	2020-08-13T08:58:55Z	2023-03-29T05:30:56Z	349 B	2.2 kB	204.79.197.203
cm.g.doubleclick.net	202	2012-05-22T11:58:28Z	2023-03-29T14:09:49Z	1.1 kB	2.2 kB	142.250.74.130
match.sharethrough.com	604	2015-12-22T23:55:59Z	2023-03-29T12:40:21Z	442 B	80 B	3.127.20.54
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-29T08:59:28Z	680 B	1.9 kB	104.18.32.68
ocsp.godaddy.com	698	2012-05-20T21:28:57Z	2023-03-29T05:12:39Z	340 B	2.3 kB	192.124.249.36
id5-sync.com	504	2017-01-25T22:02:34Z	2023-03-29T05:36:29Z	391 B	1.0 kB	141.95.98.65
dynamic.criteo.com	4826	2018-04-12T12:04:05Z	2023-03-29T11:32:58Z	376 B	355 B	178.250.0.147
sync-t1.taboola.com	1269	2020-06-29T13:52:33Z	2023-03-29T12:40:21Z	422 B	155 B	141.226.228.48
y.clarity.ms	unknown	2023-02-13T18:09:57Z	2023-03-29T07:55:16Z	1.4 kB	888 B	104.211.35.148
pipedream.wistia.com	6958	2017-01-30T05:30:40Z	2023-03-29T16:13:03Z	481 B	211 B	52.4.213.160
x.bidswitch.net	286	2012-10-04T01:30:53Z	2023-03-29T05:57:10Z	842 B	948 B	52.28.194.209
status.thawte.com	5123	2017-11-27T13:33:51Z	2023-03-29T06:09:13Z	341 B	799 B	192.229.221.95
beacon.krxd.net	408	2012-05-22T06:25:40Z	2023-03-29T05:16:39Z	378 B	450 B	52.208.205.244
criteo-partners.tremorhub.com	2360	2017-11-20T18:11:05Z	2023-03-29T12:40:21Z	401 B	487 B	3.212.185.15
distillery.wistia.com	6708	2012-09-30T04:46:15Z	2023-03-29T16:14:42Z	442 B	164 B	44.195.191.171
exchange.mediavine.com	2109	2019-07-17T19:29:32Z	2023-03-29T13:09:34Z	433 B	1.5 kB	3.122.161.116
ad.yieldlab.net	3515	2014-05-07T02:17:56Z	2023-03-29T09:08:41Z	397 B	523 B	23.13.245.180

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-25	medium	fitleanhealth.com/mw25ckd_leads-GlucoFreeze-032523	Phishing
2023-03-25	medium	fitleanhealth.com/mw25ckd_leads-GlucoFreeze-032523	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (30)

	URL	Size	First Seen	Last Seen
	glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba	912 B	2023-03-13	2023-12-22
Pretty URL glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:40:08 Last Seen2023-12-22 02:22:17 Times Seen10 Hash 97c7608f984fa63f92115aa52172ea8e 4e375c39d93189cd4897d9e7e760cf1ffd2e6261 029cff41ab776e5a7e59e2ff07834267caeabdea1e9866264ff41fc2f2f44000 Loading...

	glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba	1.3 kB	2023-03-29	2023-12-22
Pretty URL glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:38:12 Last Seen2023-12-22 02:22:17 Times Seen6 Hash c0f96d6a8d8de64105ec8d34ae2cec76 bfbe1dc916b7fc110f448d2edec17199e0a303f5 b276d7c45e8b5684678970fba41d18298edc59ed7abd43591d881e2a859faf23 Loading...

	glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba	678 B	2023-03-13	2024-01-26
Pretty URL glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:40:08 Last Seen2024-01-26 21:59:47 Times Seen70 Hash d3fec2fb34bb78e6961b9ee97936e35d 34a62eb757bf399891c5045f5b7902a714c0eaaf bfee5200bd297bd79b7bd7bf041649ed5cb98638ab268cf6705a6720cff314c0 Loading...

	d10lpsik1i8c69.cloudfront.net/w.js	5.3 kB	2023-03-07	2024-01-30
Pretty URL d10lpsik1i8c69.cloudfront.net/w.js IP 54.230.245.178 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:48 Last Seen2024-01-30 04:20:01 Times Seen1356 Hash dc0bbcecf2e632d9beb92f4d88b21c2b 3afe594fed441bf00db76442e36fcdcb51f4202a 389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4 Loading...

	glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba	288 B	2023-03-07	2024-01-08
Pretty URL glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:52 Last Seen2024-01-08 01:35:02 Times Seen573 Hash 5cd7c2485cc82fc034007a1bda2498ae 9d8bc3c285f9c006ae1b8ff309f53ea6a51a137c 9f0ff3271e6149ab91c177f1dee5672ed4dc5264f439620e8af86fc4d9f70c2b Loading...

	www.clarity.ms/eus-f-sc/s/0.7.5/clarity.js	57 kB	2023-03-26	2023-04-01
Pretty URL www.clarity.ms/eus-f-sc/s/0.7.5/clarity.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:41:56 Last Seen2023-04-01 10:38:55 Times Seen342 Hash fd4821572207b64610b72cf7ac032a4d 9349d0d5a6364f9959637373668e2b02407f6420 6e899f48eacbd0c3e68dc8b16f71148b60b6794872922db69f74a80556998876 Loading...

	fast.wistia.com/assets/external/engines/hls_video.js	496 kB	2023-03-26	2023-03-29
Pretty URL fast.wistia.com/assets/external/engines/hls_video.js IP 151.101.130.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:39:37 Last Seen2023-03-29 23:04:47 Times Seen25 Hash 8984c3c25608b98e24c3f748a629b827 bacfe5e3caee9c2e8cb6b51f95c2f664f0c424e9 ec6f0accd86699f8ecaf47735b56b3ea300486e41fb7882dbd577c30967f416f Loading...

	r3maf0.n3cdn1.secureserver.net/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.4&time=1679654730	99 B	2023-03-07	2023-09-11
Pretty URL r3maf0.n3cdn1.secureserver.net/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.4&time=1679654730 IP 162.159.136.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:19 Last Seen2023-09-11 04:47:00 Times Seen48 Hash 86f60f0ee06297a33cc7b381b3a71b38 5e6408f710170c11af079400f6dc47027ff8f5c3 ed8fa1ff8b55dd19225f59a5e74520a8b20206c2f6d354e1e6f0e5881d93fe4a Loading...

	glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba	856 B	2023-03-13	2023-12-22
Pretty URL glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:40:08 Last Seen2023-12-22 02:22:17 Times Seen9 Hash 2b6e2007885b68aa101cbd0b9cb94bf2 b985c9a866bcd328fad0c78e169903b35e9a346f f0beda67050f79e36ed86f6dd43b079908dcf60d63f2ae3e4c10a5d3ca7249d2 Loading...

	fast.wistia.com/embed/medias/44xtnk0cns.jsonp	5.4 kB	2023-03-29	2023-03-29
Pretty URL fast.wistia.com/embed/medias/44xtnk0cns.jsonp IP 151.101.130.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:38:12 Last Seen2023-03-29 22:38:12 Times Seen1 Hash 561e8a173cc38c5198785153071b9f8c 706eb6ceb11eb4c8e5ebf3f1892b667638c3bd95 c33f4809b68cfe5b4a09ff4180de9ab3abb913b71e28af775b9160a3d287a95c Loading...

	glucofreezenow.com/still-broadcast/assets/js/main.js	0 B	2023-03-07	2024-04-26
Pretty URL glucofreezenow.com/still-broadcast/assets/js/main.js IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 10:28:14 Times Seen37089725 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba	5.0 kB	2023-03-29	2023-03-29
Pretty URL glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:38:12 Last Seen2023-03-29 22:38:12 Times Seen1 Hash 4af24d59ab65cfafe712b1768c08e3ad 17fc3cd1f3c55305c7a15d4660e24a5f008a0eee 5fdba34eda63e6f66ae2c9e7a0879b4983fdafd45dbe7885c399a77ea9de8d7e Loading...

	fitleanhealth.com/mw25ckd_leads-GlucoFreeze-032523	146 B	2023-03-29	2023-03-29
Pretty URL fitleanhealth.com/mw25ckd_leads-GlucoFreeze-032523 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:38:12 Last Seen2023-03-29 22:38:12 Times Seen1 Hash 49233d1bd8a055c388b8afe28fab4945 f19e49664bafd057a9729e15ea91b38eaa2e726b 2c6e1b26f2ea5a0e1267bbc6f88ae4c0811ec40ccba07646c65a6eed7edf2201 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 10:19:24 Times Seen139364 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba	302 B	2023-03-29	2024-01-26
Pretty URL glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:38:12 Last Seen2024-01-26 21:59:47 Times Seen65 Hash 2a5928445792ce2bd250271033a0c4b8 1444e13ab86beb255f88ee0de699f9cf05619ed6 c1bd679d2480b5f4e15124d169578cc81118613d0de137d4d6a4559f0fc4e105 Loading...

	dynamic.criteo.com/js/ld/ld.js?a=89824	45 kB	2023-03-29	2023-03-29
Pretty URL dynamic.criteo.com/js/ld/ld.js?a=89824 IP 178.250.0.147 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:38:12 Last Seen2023-03-29 22:38:12 Times Seen1 Hash 52c4e1d498d38e5dc00fa168f38bfabb ce7a5926f3d5b63e29a34a2ef7762dad970e796b 019f24aeff3efc153221972d4ef52e1e17e8d28baefccb3d410d646b9140c4b1 Loading...

	gum.criteo.com/syncframe?topUrl=glucofreezenow.com&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22glucofreezenow.com%22,%22topUrl%22:%22glucofreezenow.com%22,%22version%22:%225_14_1%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true,%22pm%22:0%7D	418 B	2023-03-07	2023-04-01
Pretty URL gum.criteo.com/syncframe?topUrl=glucofreezenow.com&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22glucofreezenow.com%22,%22topUrl%22:%22glucofreezenow.com%22,%22version%22:%225_14_1%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true,%22pm%22:0%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2023-04-01 10:34:33 Times Seen447 Hash 755b312976dc0edb23fa08bed999c482 6685710ba04dc63e4122ec3ce89f3adfe479adf4 663197a6a8353d989cdc65d4f3112e425a00839c85a3fde99bbe451a9c604a6f Loading...

	glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba	477 B	2023-03-13	2024-01-26
Pretty URL glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:40:08 Last Seen2024-01-26 21:59:47 Times Seen68 Hash 3ec789d2138e6e984881027980712b96 109973fb1fa1645b1c1c1de3d3cf0fdf322cd57c 7e729400252647acdf27c968119e3ad6f7ccce0244cf00becdf4dc950418ac64 Loading...

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/js/bootstrap.bundle.min.js	81 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/js/bootstrap.bundle.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 00:39:52 Times Seen553 Hash 21f815ff6d1883c4e81d821d38ff4070 386ea8bd17f21149c4e3a2303665fe6398e4e7d0 f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f Loading...

	glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba	389 B	2023-03-13	2024-01-26
Pretty URL glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:40:08 Last Seen2024-01-26 21:59:47 Times Seen68 Hash db0d9adedfd2ae7573d0fabbdfb34085 6c4cb7fc5863685356654c14e0b98dbf0bdbc35d daf4728d775b2c06d7c9b00e802c223362619729659396acb541242a0ecc2ba8 Loading...

	tracking.buygoods.com/track/?a=6808&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Ffitleanhealth.com%2F&sessid2=&product=gluco_freeze,gluco_freeze_3,gluco_freeze_6&caller_url=https%3A%2F%2Fglucofreezenow.com%2Fstill-broadcast%2Findex.html%3Faff_id%3D7990%26subid%3Dmw25ckd_032523_leads%26subid5%3D0e4b01eab09c497fbaf64fc163f697ba	7.5 kB	2023-03-29	2023-03-29
Pretty URL tracking.buygoods.com/track/?a=6808&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Ffitleanhealth.com%2F&sessid2=&product=gluco_freeze,gluco_freeze_3,gluco_freeze_6&caller_url=https%3A%2F%2Fglucofreezenow.com%2Fstill-broadcast%2Findex.html%3Faff_id%3D7990%26subid%3Dmw25ckd_032523_leads%26subid5%3D0e4b01eab09c497fbaf64fc163f697ba IP 172.66.43.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:38:12 Last Seen2023-03-29 22:38:12 Times Seen1 Hash 3b558787518da3016d720c69c8c40400 064bc75a68de7fc51a4b92f413a078af32f5ece5 f69b79d88972382ffa0e866732a47a96e09ecf88b65b54dfad3eb8a66bf7d55c Loading...

	gum.criteo.com/syncframe?topUrl=glucofreezenow.com&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22glucofreezenow.com%22,%22topUrl%22:%22glucofreezenow.com%22,%22version%22:%225_14_1%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true,%22pm%22:0%7D	14 kB	2023-03-07	2023-05-06
Pretty URL gum.criteo.com/syncframe?topUrl=glucofreezenow.com&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22glucofreezenow.com%22,%22topUrl%22:%22glucofreezenow.com%22,%22version%22:%225_14_1%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true,%22pm%22:0%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:36 Last Seen2023-05-06 00:14:31 Times Seen2035 Hash 49e65b540d43d40997ce3844d41b2dd0 b7331c5edc086ee2c7731b1b36e937e7c44450a7 f185c1b78d87a007d9492a85c6ce64c06cc851ef9f13ca3caf8aaafe243b0ac2 Loading...

	sslwidget.criteo.com/event?a=89824&v=5.14.1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523%26ref%3Dhttps%253A%252F%252Ffitleanhealth.com&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=8IzaJV8zcDdaN3lkSTJqT1RsS2J5azlLTWE1WUJ2YlY3eU1SJTJCZDJURjF1VkdhbzM4a0Y2RExWelhjWXAlMkYzR2IwVGFma0dqUnY4VFh6WHVEVDdTbTRaZDBGeWJIc0F0NTdUaGtrNlZzV2lLb0lLSyUyQlV3NGJWZWolMkY5RGdsdFZPUWt4VCUyQk1xWnk0ZFNERFplM0phVWlraiUyRnVMQUElM0QlM0Q&tld=glucofreezenow.com&dy=1&fu=https%253A%252F%252Fglucofreezenow.com%252Fstill-broadcast%252Findex.html%253Faff_id%253D7990%2526subid%253Dmw25ckd_032523_leads%2526subid5%253D0e4b01eab09c497fbaf64fc163f697ba&pu=https%253A%252F%252Ffitleanhealth.com%252F&dtycbr=50008	8.5 kB	2023-03-29	2023-03-29
Pretty URL sslwidget.criteo.com/event?a=89824&v=5.14.1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523%26ref%3Dhttps%253A%252F%252Ffitleanhealth.com&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=8IzaJV8zcDdaN3lkSTJqT1RsS2J5azlLTWE1WUJ2YlY3eU1SJTJCZDJURjF1VkdhbzM4a0Y2RExWelhjWXAlMkYzR2IwVGFma0dqUnY4VFh6WHVEVDdTbTRaZDBGeWJIc0F0NTdUaGtrNlZzV2lLb0lLSyUyQlV3NGJWZWolMkY5RGdsdFZPUWt4VCUyQk1xWnk0ZFNERFplM0phVWlraiUyRnVMQUElM0QlM0Q&tld=glucofreezenow.com&dy=1&fu=https%253A%252F%252Fglucofreezenow.com%252Fstill-broadcast%252Findex.html%253Faff_id%253D7990%2526subid%253Dmw25ckd_032523_leads%2526subid5%253D0e4b01eab09c497fbaf64fc163f697ba&pu=https%253A%252F%252Ffitleanhealth.com%252F&dtycbr=50008 IP 178.250.1.9 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:38:12 Last Seen2023-03-29 22:38:12 Times Seen1 Hash ab3e9a0bc7c3f5a30d78bb976cdbe36c 535498e29bc08f4cdfe5f5e9b472416f7a4d9bab f27595b51a9a4e10dca7663902e36e5c8da01a4efec3a7a05b2385291b6dd56f Loading...

	display.buygoods.com/v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white	1.3 kB	2023-03-13	2024-01-26
Pretty URL display.buygoods.com/v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white IP 172.66.40.141 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:40:08 Last Seen2024-01-26 21:59:47 Times Seen71 Hash 297397072c9f43bbe283628c0c014bd0 8e6ce9988b80049b88d459b08af31ed6863f043b bf4fa464d20fe3b9ff1c550dd8d0ae0d3e22579019233d974ae40c21b6671338 Loading...

	glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba	4.7 kB	2023-03-13	2023-12-22
Pretty URL glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:40:08 Last Seen2023-12-22 02:22:17 Times Seen9 Hash 3375dc4b7bd93de605dbf3f6c74a951c 1247e9c5f8f321968444b8981e531d5d0226de0a 807574f6b99241e8d82f9c3bab433c0e6569d8f69bcc3d0bd8c0b33b1a988d4d Loading...

	fast.wistia.com/assets/external/E-v1.js	647 kB	2023-03-29	2023-03-29
Pretty URL fast.wistia.com/assets/external/E-v1.js IP 151.101.130.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:42:06 Last Seen2023-03-29 23:04:47 Times Seen22 Hash 03df1a0b3aa0ede25696bb339ea08c3e b7dac80b872362794b382b2ad0ded723bca7b1d2 34570cff06f911edbf1ba5166e8fb484c8afbe59978d4e554df9c7a88a387efa Loading...

	fast.wistia.com/assets/external/wistia-mux.js	127 kB	2023-03-26	2023-03-29
Pretty URL fast.wistia.com/assets/external/wistia-mux.js IP 151.101.130.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:39:38 Last Seen2023-03-29 23:04:47 Times Seen33 Hash ed64034fd4327b81f88a507917e1b47f b4a17e390eebadb47b19cf03c7f21f580043912a 2f0832e32b22aeff693406c2fe93a8180f6bf9510869a15948fdbeaee046f9d5 Loading...

	www.clarity.ms/tag/7u0gjnakkh	624 B	2023-03-29	2023-03-29
Pretty URL www.clarity.ms/tag/7u0gjnakkh IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:38:12 Last Seen2023-03-29 22:38:12 Times Seen1 Hash 36a7ef29da08f7e4864b0955347839aa a685e00bf066dd2974f9b0179355a475e520dbaa 443adddf949183ad826c23ea84d9d609c4b15aeeea69c948c8e4024ff65fd8f2 Loading...

	fast.wistia.com/assets/external/playPauseLoadingControl.js	60 kB	2023-03-26	2023-03-29
Pretty URL fast.wistia.com/assets/external/playPauseLoadingControl.js IP 151.101.130.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:39:38 Last Seen2023-03-29 23:04:48 Times Seen31 Hash 1151a1209028251c635085fce9413bb2 3900f9e91f3fcb9225126f551f6cb2772f4ffc8b e0e71837ba059f7318e80a4410db81dc1ec7ca6f5b34914f99bf6a4ecd94f98e Loading...

		Size	First Seen	Last Seen
	#1 Write - 1124bf73807fb00f64246f260004f73e	5.6 kB	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 22:38:12 Last Seen2023-03-29 22:38:12 Times Seen1 Hash 1124bf73807fb00f64246f260004f73e f0c55ce8f97ab5217ab1048055354599f21691fa 9185fe7b7ed7d038929f734cd39c0af55de3f8914151b7d852e629f6faa1976d Loading...

HTTP Transactions (144)

URL IP Response Size

fitleanhealth.com/mw25ckd_leads-GlucoFreeze-032523

188.114.96.1

301 Moved Permanently

266 B

URL HTTP/1.1
fitleanhealth.com/mw25ckd_leads-GlucoFreeze-032523
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
266 B (266 bytes)
Hash
a9c6a790cfc5fbb4387b17e93d0ac8b4
86c5aabe13c5c10cb086e89f6746d5be3e1a97d6
bbae0545b332a910aae021c51010749a8faca328d8e290096c9ab5bc180ade47

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mw25ckd_leads-GlucoFreeze-032523 HTTP/1.1
Host: fitleanhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 25 Mar 2023 22:30:39 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Age: 19261
Content-Security-Policy: upgrade-insecure-requests
Location: https://fitleanhealth.com/mw25ckd_leads-GlucoFreeze-032523
Vary: User-Agent, Accept-Encoding
X-Backend: local
X-Cache: cached
X-Cache-Hit: HIT
X-Cacheable: YES:Forced
X-Cacheproxy-Retries: 0/2
X-Content-Type-Options: nosniff
X-Php-Version: 7.4
X-Xss-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7tM4wC%2F%2BCtYcup%2FIcOBEvGZamQoMTrLbBVLxlX2nxJLgZNHmUGc9%2BWJmHecqbfpMC31tt0gavut7G0GhJdxiPkvGrRvNg6cTbyN6tvfIkRGFikArDj55KbrqQBGbt4Ewxun3A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ada998299790b65-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16611
Expires: Sun, 26 Mar 2023 03:07:30 GMT
Date: Sat, 25 Mar 2023 22:30:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16920
Expires: Sun, 26 Mar 2023 03:12:39 GMT
Date: Sat, 25 Mar 2023 22:30:39 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 22:27:45 GMT
content-type: application/json
age: 174
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4258
Expires: Sat, 25 Mar 2023 23:41:37 GMT
Date: Sat, 25 Mar 2023 22:30:39 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: jfadarT9/t/m3YjURJD6B4l3M4pzcYdRmYWO++sZ+X6sX32ggOOFsyBRy7peW6H3BDLRFP9CAUI7VqGXCTeFfA==
x-amz-request-id: F050W5HD82HRS4CG
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 22:00:57 GMT
age: 1783
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 22:30:40 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

trk.anarchywarrior.com/566b7d8b-1550-480f-8818-c13a62597505?&sub1=mw25ckd_032523_leads

172.67.215.10

302 Found

0 B

URL HTTP/2
trk.anarchywarrior.com/566b7d8b-1550-480f-8818-c13a62597505?&sub1=mw25ckd_032523_leads
IP
172.67.215.10:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /566b7d8b-1550-480f-8818-c13a62597505?&sub1=mw25ckd_032523_leads HTTP/1.1
Host: trk.anarchywarrior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fitleanhealth.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 25 Mar 2023 22:30:40 GMT
content-length: 0
location: https://www.wm74trk.com/28KL6/24PQD1K/?sub1=mw25ckd_032523_leads&sub5=wrp85139rltpruhn262c6k3o&sub3=91.90.42.154
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: 566b7d8b-1550-480f-8818-c13a62597505-v4=n9XXQKIXVQMRgG1AtbiYOe7dn6YTly5kaK1mEkxYRcw; Max-Age=86400; Expires=Sun, 26-Mar-2023 22:30:40 GMT; Domain=trk.anarchywarrior.com; Path=/; HttpOnly
cc-v4=G7YDQCKP43%2F3t35KWcsbbCIqhlbftr4pOnfTDe0vhhslp2W00O0GXp6d9Skdk7nWV%2Fn2SWKuSJDQLF7KYmSMImPRtNc7%2BbiPI8c6vwK4eM%2FYlJ7af5ANPeHyzXXK%2Bl4nSpWGXLogL1aDzuK1gn2Zzg%3D%3D; Max-Age=31536000; Expires=Sun, 24-Mar-2024 22:30:40 GMT; Domain=trk.anarchywarrior.com; Path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2F%2FfRpL1Fp6L3TT8XLUI77bRTtUURo%2FqwWTZE7kc0axUCfLY9cW5fWiTF7ad%2BlCBjUzaHZU00B8IkWPb05GyBICmJbObGTy4Xq0qd5wieKD5J2gRUypJVF5OHs7YRQGfmmc3pP1mGMCa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ada99869b4e0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 22:17:24 GMT
age: 796
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1846 bytes)
Hash
d69de8a32a9247e26ec8cdd4077d603a
9215b0a57c1d49b53c8fbbe8cf61d706bb513f65
e907fbfc560da12bb14805eec4275b3b78699bf10ff2045708440d101098c3f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 25 Mar 2023 22:30:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 15024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 25 Mar 2023 19:33:33 GMT
Expires: Sun, 26 Mar 2023 19:33:33 GMT
ETag: "9215b0a57c1d49b53c8fbbe8cf61d706bb513f65"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
717ebcc65cb1390c2509851bac7b5878
1e04e3058329f3809bc01022d441172dcacc1aaa
3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8195
Expires: Sun, 26 Mar 2023 00:47:15 GMT
Date: Sat, 25 Mar 2023 22:30:40 GMT
Connection: keep-alive

www.wm74trk.com/28KL6/24PQD1K/?sub1=mw25ckd_032523_leads&sub5=wrp85139rltpruhn262c6k3o&sub3=91.90.42.154

34.107.190.195

302 Found

163 B

URL HTTP/2
www.wm74trk.com/28KL6/24PQD1K/?sub1=mw25ckd_032523_leads&sub5=wrp85139rltpruhn262c6k3o&sub3=91.90.42.154
IP
34.107.190.195:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text
Size
163 B (163 bytes)
Hash
0c77c3735bf5bd6de301d815554e31d5
ce985d03afbb60a5f0b3bb3366039e209f4e543d
1970039b1957f89f4ffa2674c9f6c48eab72d0a10759d3be233039a28730fc58

HTTP Headers

GET /28KL6/24PQD1K/?sub1=mw25ckd_032523_leads&sub5=wrp85139rltpruhn262c6k3o&sub3=91.90.42.154 HTTP/1.1
Host: www.wm74trk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fitleanhealth.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sat, 25 Mar 2023 22:30:40 GMT
content-type: text/html; charset=utf-8
content-length: 163
accept-ch: Sec-Ch-Ua-Platform-Version
location: https://glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba
set-cookie: uniqueClick_24PQD1K=bd035938-9232-4b29-a10c-c794dce6e40d:1679783440; Path=/; Expires=Tue, 28 Mar 2023 22:30:40 GMT; Secure; SameSite=None
transaction_id=0e4b01eab09c497fbaf64fc163f697ba; Path=/; Expires=Fri, 23 Jun 2023 22:30:40 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 9674015c-7404-442e-b17d-1b3f92270d86
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1846 bytes)
Hash
d69de8a32a9247e26ec8cdd4077d603a
9215b0a57c1d49b53c8fbbe8cf61d706bb513f65
e907fbfc560da12bb14805eec4275b3b78699bf10ff2045708440d101098c3f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 25 Mar 2023 22:30:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 15024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 25 Mar 2023 19:33:33 GMT
Expires: Sun, 26 Mar 2023 19:33:33 GMT
ETag: "9215b0a57c1d49b53c8fbbe8cf61d706bb513f65"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

push.services.mozilla.com/

54.186.169.128

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.186.169.128:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /1OdIVEmOAukXtaa+g1NZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KuIJ1WIsN3q6XEvJG0DMGfH48AQ=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcaf15c259e9baa1f6f0097bb1f34af4
65e17e4cde9c05dcf9c31571686362bb9c0c6666
b2a60d1fe79f0810cfdcf2e32b9a531373f66f84268045687dc03b4cd77d3cdd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2A60D1FE79F0810CFDCF2E32B9A531373F66F84268045687DC03B4CD77D3CDD"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16326
Expires: Sun, 26 Mar 2023 03:02:47 GMT
Date: Sat, 25 Mar 2023 22:30:41 GMT
Connection: keep-alive

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css

104.17.25.14

200 OK

18 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65326)
Size
18 kB (17550 bytes)
Hash
fdb6e9f0aa2a1f504c5100bfd3f158f7
db187483f667bf064b0009bbfa428be0fe27751b
e81b8a4c9a7f47d61c661b4e9dc0c501541a5dec5e5cf97f1fd1fb03db4aef64

HTTP Headers

GET /ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:41 GMT
content-type: text/css; charset=utf-8
content-length: 17550
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f2c377f-2722e"
last-modified: Thu, 06 Aug 2020 17:01:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2178694
expires: Thu, 14 Mar 2024 22:30:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDemmeRrf1B25fH0UMqvIJ4bF6xUjyY7LjOGphgMT7qfy5qt0FK51%2FDaK9xvcciaA9yxoH1hkF%2FAeMdtQzWEUaKBd5TI6mexPY7J78uMpRLa6JBPVZuzKfxskRJW3KQzia%2FSz3Kx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ada998f3d16b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/44xtnk0cns.jsonp

151.101.130.110

200 OK

1.6 kB

URL HTTP/2
fast.wistia.com/embed/medias/44xtnk0cns.jsonp
IP
151.101.130.110:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (5308)
Size
1.6 kB (1608 bytes)
Hash
4e08c9c055dc5892c8dadc6047fe8aa5
01e21d58008a6de09f0ae7a4b84eca004f591925
e9639dd2fe04ae4fe8360a358639def1ecf1af134f7c504a19146d8d68dc930f

HTTP Headers

GET /embed/medias/44xtnk0cns.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
etag: W/"c33f4809b68cfe5b4a09ff4180de9ab3"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: db77cacaccf084ead232cfeb5cdfb7ab
x-runtime: 0.041176
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 25 Mar 2023 22:30:41 GMT
age: 13541
x-served-by: cache-iad-kjyo7100176-IAD, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 81, 1
x-timer: S1679783442.844269,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1608
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fast.wistia.com/assets/external/E-v1.js

151.101.130.110

200 OK

117 kB

URL HTTP/2
fast.wistia.com/assets/external/E-v1.js
IP
151.101.130.110:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
117 kB (117310 bytes)
Hash
069fe9e390ba04b1e305cf15d8cbaca0
e94d72e8f2810227ae13d520d969b85f608328d9
17cf41a535a1b281316f3f3358ccbfd0d4ff9798485106a88023bb3351dc6b4b

HTTP Headers

GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Fri, 24 Mar 2023 14:48:39 GMT
etag: "069fe9e390ba04b1e305cf15d8cbaca0"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 25 Mar 2023 22:30:41 GMT
age: 3016
x-served-by: cache-iad-kjyo7100121-IAD, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 40, 104
x-timer: S1679783442.851193,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: 1d1291f7b820d76ce634e6d72f254308143836f0
content-length: 117310
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.74

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 11:24:26 GMT
expires: Fri, 22 Mar 2024 11:24:26 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 212775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

glucofreezenow.com/1xm.jpg

69.172.200.220

200 OK

269 kB

URL HTTP/2
glucofreezenow.com/1xm.jpg
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1519x1993, components 3\012- data
Size
269 kB (268956 bytes)
Hash
6058555906b1e0ae50eda7c117652b2e
d48a578f9a7b8f870fcf6c7d5dca9a1fbee04e8c
7cf47a03006043204740a935b6c85719a66f03d78c9be5961b97739739374bdb

HTTP Headers

GET /1xm.jpg HTTP/1.1
Host: glucofreezenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba
Cookie: uid=wKhaAmQfdhGQcAA6AwTeAg==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:41 GMT
content-type: image/jpeg
content-length: 268956
last-modified: Sun, 06 Mar 2022 14:43:44 GMT
etag: "6224c8a0-41a9c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 8a4c367920c04f7c0780a82421f2e662
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

glucofreezenow.com/6xm.jpg

69.172.200.220

200 OK

463 kB

URL HTTP/2
glucofreezenow.com/6xm.jpg
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 3235x2241, components 3\012- data
Size
463 kB (463183 bytes)
Hash
7f6ad0f7195793a38e0c68d9302c39a7
4aacf9213b01311999a5b6d0ce9de568ba717b85
9bb40dffe2afff00f3b42fb26faf0cf6127cfc9fcc3339fe5b2ccb4f6b975442

HTTP Headers

GET /6xm.jpg HTTP/1.1
Host: glucofreezenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba
Cookie: uid=wKhaAmQfdhGQcAA6AwTeAg==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:41 GMT
content-type: image/jpeg
content-length: 463183
last-modified: Sun, 06 Mar 2022 14:43:46 GMT
etag: "6224c8a2-7114f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 1385afb09220bf41ebe2022fcf177aef
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

glucofreezenow.com/3xm.jpg

69.172.200.220

200 OK

330 kB

URL HTTP/2
glucofreezenow.com/3xm.jpg
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 2415x2002, components 3\012- data
Size
330 kB (330272 bytes)
Hash
7a06be5957059f0874cb383f841e3c85
28da2d3a838587515a64847512896d972f29c848
b6162beb636dc007c25416bbb692bcc8468dd622268b8e8dc00f2e3c09a7ee38

HTTP Headers

GET /3xm.jpg HTTP/1.1
Host: glucofreezenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba
Cookie: uid=wKhaAmQfdhGQcAA6AwTeAg==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:41 GMT
content-type: image/jpeg
content-length: 330272
last-modified: Sun, 06 Mar 2022 14:43:46 GMT
etag: "6224c8a2-50a20"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: e2b7ba5aefeee6989bcd041e9307c4e9
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

glucofreezenow.com/xkm(1).jpg

69.172.200.220

200 OK

34 kB

URL HTTP/2
glucofreezenow.com/xkm(1).jpg
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1100x527, components 3\012- data
Size
34 kB (34327 bytes)
Hash
9d5760f9946d6556a7ff2623b177800c
6fca3c35cb7ce23d55d46fa9a0ad3e7a16ba9ea8
98b8581981e293666aae1977953931103c850844e9a564b088c383cf7e060f33

HTTP Headers

GET /xkm(1).jpg HTTP/1.1
Host: glucofreezenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba
Cookie: uid=wKhaAmQfdhGQcAA6AwTeAg==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:41 GMT
content-type: image/jpeg
content-length: 34327
last-modified: Sun, 06 Mar 2022 14:43:43 GMT
etag: "6224c89f-8617"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: a5e338fffc57e27cad552448dc9aa5d0
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8385
Expires: Sun, 26 Mar 2023 00:50:27 GMT
Date: Sat, 25 Mar 2023 22:30:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8385
Expires: Sun, 26 Mar 2023 00:50:27 GMT
Date: Sat, 25 Mar 2023 22:30:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8385
Expires: Sun, 26 Mar 2023 00:50:27 GMT
Date: Sat, 25 Mar 2023 22:30:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8385
Expires: Sun, 26 Mar 2023 00:50:27 GMT
Date: Sat, 25 Mar 2023 22:30:42 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb3b49ab-f78e-4860-8aae-369eacfe43e3.jpeg

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb3b49ab-f78e-4860-8aae-369eacfe43e3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9486 bytes)
Hash
6530dbbc16d84b7047fa4bc66364fbf4
a53e0919923151e009e12010c60acb5a9175d37e
e64a2699e763d75a068ee6ceafd4eb2a1922488dc2e052699fb4242f0bf20524

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb3b49ab-f78e-4860-8aae-369eacfe43e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9486
x-amzn-requestid: b0324b5e-303e-485a-ae57-c001378aa401
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW2eRHjaoAMF74w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6ac1-27f002da252bd7ee19802f3d;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:42:25 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: V-lhHgr1lyxVF9XaxHQ6abgEwVC_llAl8opmQ8qKJ7Ee76HWSP1ZoA==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 22:08:53 GMT
age: 1309
etag: "a53e0919923151e009e12010c60acb5a9175d37e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd27448b3-5d7d-4249-939a-22a55ff03bfc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5916 bytes)
Hash
4079fe41a14c57ac6160bdb654f6ef64
99d9cd4a1d423d776284f2d638763ebe33e247ad
218e38cf89853672bb8b24c1c53d58092a75827fb9f7aad02c8e4bbc02d44325

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd27448b3-5d7d-4249-939a-22a55ff03bfc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5916
x-amzn-requestid: 86502622-4d93-4767-a7ab-b963bfc9900b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kUHgjoAMFmug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-069ef5781ce60e9821010204;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: r9nGZ_sMvuN7uuq8utQofWNeZtbpZfPWOzrNkaBYrmWCV5KUtGzK4w==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
age: 3215
etag: "99d9cd4a1d423d776284f2d638763ebe33e247ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75161517-cef9-4f1d-98e1-296b5088de2a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7882 bytes)
Hash
9ff8bb94dc368c89ab13dfcfe312e5cd
7819408faa7e232c57bf448d78cf00e7f98469f6
2a04de377d0d4c7cd4a720420806e3f7a872290fad006ef6a172b86d7c249378

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75161517-cef9-4f1d-98e1-296b5088de2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7882
x-amzn-requestid: cdb6c312-e4b1-41e4-a13e-723f8628961d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW3M0G_3oAMFpWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6beb-37ff37b35f2de72b6faf0bf9;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:47:23 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 36IijBFVCfKpOEcor_pSyo94rbX4Ym1SD_XbGZIoY16BLfcALXcS1w==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 22:08:53 GMT
etag: "7819408faa7e232c57bf448d78cf00e7f98469f6"
content-type: image/jpeg
age: 1309
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Sacramento

172.217.21.170

200 OK

9.5 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Sacramento
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
data
Size
9.5 kB (9464 bytes)
Hash
3bfa8503f541f58a25e47267957ffad0
23e4c9f1dc5e183887435c81db8a5972e9314788
7c03529f36552964bc419e21e2abfee2235bcdfcc1d1072c0a711bda10d0befc

HTTP Headers

GET /css2?family=Sacramento HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Mar 2023 22:30:41 GMT
date: Sat, 25 Mar 2023 22:30:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900

172.217.21.170

200 OK

4.6 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
data
Size
4.6 kB (4601 bytes)
Hash
37045cec9dcd6a5e01fb46ecf8eed80f
5fed4217764a73d57620b5114d6755a87ddb22b4
73484c9e1c48a3c14b75fb057f7327e671df17c549d8353b26dd81e032b58cdc

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;600;700;900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Mar 2023 22:30:41 GMT
date: Sat, 25 Mar 2023 22:30:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9e781aa-3802-4cf5-a484-251a54be7c3b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7156 bytes)
Hash
6ca6091f5f9efa5c7a2e171b1c1538eb
32f01282a1c9e7db058c85e92a1228d498988ac2
9befacd1e0f1f863b1290e9742979a62ece98feff88f7cc3db57f4497ea96a49

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9e781aa-3802-4cf5-a484-251a54be7c3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7156
x-amzn-requestid: 4c7fa12f-7a53-4960-bcf2-e88ccda4ea12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uTGq2IAMFY9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f698e-381360a95cc2762d499e2839;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 9CXL22uAnmLM15tpB3yS-cgRugdZre0cgBqhnsDrdxDp-xvFzy7A4g==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:18 GMT
etag: "32f01282a1c9e7db058c85e92a1228d498988ac2"
content-type: image/jpeg
age: 3204
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

glucofreezenow.com/controlScript.js

69.172.200.220

404 Not Found

9 B

URL HTTP/2
glucofreezenow.com/controlScript.js
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

HTTP Headers

GET /controlScript.js HTTP/1.1
Host: glucofreezenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba
Cookie: uid=wKhaAmQfdhGQcAA6AwTeAg==; cnid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sat, 25 Mar 2023 22:30:42 GMT
content-type: text/plain; charset=utf-8
content-length: 9
set-cookie: persistedParams=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
persistedParams.sig=qQIP2OdsTFa87s1ohgL1NB6ingI; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
x-dis-request-id: 6ab14e00192040a2fa07e63a9c395cec
server: DOSarrest
X-Firefox-Spdy: h2

glucofreezenow.com/still-broadcast/assets/js/main.js

69.172.200.220

200 OK

0 B

URL HTTP/2
glucofreezenow.com/still-broadcast/assets/js/main.js
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /still-broadcast/assets/js/main.js HTTP/1.1
Host: glucofreezenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba
Cookie: uid=wKhaAmQfdhGQcAA6AwTeAg==; cnid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:42 GMT
content-type: application/javascript
content-length: 0
last-modified: Sun, 06 Mar 2022 14:43:43 GMT
etag: "6224c89f-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
accept-ranges: bytes
x-dis-request-id: ad80e197a375b1211221682bf808b576
server: DOSarrest
X-Firefox-Spdy: h2

glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba

69.172.200.220

200 OK

22 kB

URL HTTP/2
glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
data
Size
22 kB (21590 bytes)
Hash
9353ee5dae1028b9e8fb5db2145a1beb
0aeac764827a6706d2a71d105b9ca74dbe618f18
aebd4f91e3e48ec07e04934eee48518437de09722cb0b8854fa11061c1352ed1

HTTP Headers

GET /still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba HTTP/1.1
Host: glucofreezenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fitleanhealth.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:41 GMT
content-type: text/html
last-modified: Wed, 11 Jan 2023 09:50:32 GMT
etag: W/"63be8668-1c98a"
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
set-cookie: uid=wKhaAmQfdhGQcAA6AwTeAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=1; path=/
cache-control: public, private
x-dis-request-id: 71d0e081df065dfe3a8f0b35343b9e56
server: DOSarrest
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glucofreezenow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:48 GMT
expires: Sat, 23 Mar 2024 10:26:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 129834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fast.wistia.com/assets/external/wistia-mux.js

151.101.130.110

200 OK

31 kB

URL HTTP/2
fast.wistia.com/assets/external/wistia-mux.js
IP
151.101.130.110:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65468)
Size
31 kB (31306 bytes)
Hash
fa03c21a6e8952e171cdcd98dcfa7b3c
e24d08b3ba411a5f3d4f6b0fd94010a24a7173b4
6d4c76da123aaa59aef4ff4c5b28c086570f2fb8c606bcfe497d9de352f18151

HTTP Headers

GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 24 Mar 2023 14:48:40 GMT
etag: "fa03c21a6e8952e171cdcd98dcfa7b3c"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 25 Mar 2023 22:30:42 GMT
age: 3030
x-served-by: cache-iad-kjyo7100156-IAD, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 21, 63
x-timer: S1679783443.681477,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: 1d1291f7b820d76ce634e6d72f254308143836f0
content-length: 31306
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3b0a7d2d049cee9d96771ee09db52af4
12076c20743f89b044366e2604162bf460b415bd
1f8d5e971f2a0d64e61cddad1dba09413e0eb0f9eb3ec379c798b2e4281a25bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 103
Cache-Control: max-age=145917
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:42 GMT
Etag: "641f0ca8-1d7"
Expires: Mon, 27 Mar 2023 15:02:39 GMT
Last-Modified: Sat, 25 Mar 2023 15:00:56 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471

fast.wistia.com/assets/external/engines/hls_video.js

151.101.130.110

200 OK

114 kB

URL HTTP/2
fast.wistia.com/assets/external/engines/hls_video.js
IP
151.101.130.110:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65469)
Size
114 kB (114490 bytes)
Hash
126e0af6e7ebffc26419036074e1c843
a390f7eca9671af0f873c492bf4eae3f84c2625d
bc43f74340f949aefb2151c0e997dbfae92f5a8521e5e92504cb7d06aeba2930

HTTP Headers

GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 24 Mar 2023 14:48:40 GMT
etag: "126e0af6e7ebffc26419036074e1c843"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 25 Mar 2023 22:30:42 GMT
age: 3014
x-served-by: cache-iad-kcgs7200074-IAD, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 49, 38
x-timer: S1679783443.830714,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: 1d1291f7b820d76ce634e6d72f254308143836f0
content-length: 114490
X-Firefox-Spdy: h2

fast.wistia.com/assets/images/blank.gif

151.101.130.110

200 OK

1.2 kB

URL HTTP/2
fast.wistia.com/assets/images/blank.gif
IP
151.101.130.110:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 100 x 100\012- data
Size
1.2 kB (1214 bytes)
Hash
fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

HTTP Headers

GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "641e1922-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 24 Mar 2023 21:41:54 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 25 Mar 2023 22:30:43 GMT
age: 89232
x-served-by: cache-iad-kiad7000052-IAD, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 51, 1264
x-timer: S1679783443.025505,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/44xtnk0cns.m3u8

151.101.130.110

200 OK

935 B

URL HTTP/2
fast.wistia.com/embed/medias/44xtnk0cns.m3u8
IP
151.101.130.110:0
ASN
#54113 FASTLY

File type
M3U playlist, ASCII text
Size
935 B (935 bytes)
Hash
28191ef929a427f2dc223ac4e4e0e8bd
40192dffd81a03eca4d0838a570994ffdc72176d
ddbf315a312b1572a0cb0e62a4266c5b246c3454b64cb474f6eb0f40200ee0df

HTTP Headers

GET /embed/medias/44xtnk0cns.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezenow.com
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"ddbf315a312b1572a0cb0e62a4266c5b"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 596fa82a0dcc52b26e5fae8f352293ed
x-runtime: 0.029417
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 25 Mar 2023 22:30:43 GMT
age: 13528
x-served-by: cache-iad-kjyo7100105-IAD, cache-bma1670-BMA
x-cache: HIT, MISS
x-cache-hits: 128, 0
x-timer: S1679783443.015464,VS0,VE91
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 935
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
486e7630b8a81832135aaad511b01d77
73cfc018f7747794497e374f2e2dfe7957ed2135
f623c064c45a5ddd61f4f960d855faa4b5426742f168c777494985fc35ef005f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3544
Cache-Control: max-age=157620
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:43 GMT
Etag: "641f2cef-1d7"
Expires: Mon, 27 Mar 2023 18:17:43 GMT
Last-Modified: Sat, 25 Mar 2023 17:18:39 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471

embed-cloudfront.wistia.com/deliveries/30ce033c3cc27af9521f5f64a7d90da910d97e22.m3u8

54.230.111.74

200 OK

93 kB

URL HTTP/2
embed-cloudfront.wistia.com/deliveries/30ce033c3cc27af9521f5f64a7d90da910d97e22.m3u8
IP
54.230.111.74:0
ASN
#16509 AMAZON-02

File type
M3U playlist, ASCII text
Size
93 kB (93305 bytes)
Hash
92f6524432911fc8b1501e374678982e
9b49a4dd8dfb529d3e82cd5bd01939da31547ebf
8aa9d4c9c677642edcd19dd43b66990b6d817df2e6317fe4c8e41028e991e080

HTTP Headers

GET /deliveries/30ce033c3cc27af9521f5f64a7d90da910d97e22.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezenow.com
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 93305
server: envoy
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 30ce033c3cc27af9521f5f64a7d90da910d97e22-hls-segment
surrogate-key: 30ce033c3cc27af9521f5f64a7d90da910d97e22-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 135
date: Sat, 25 Mar 2023 12:14:47 GMT
expires: Sun, 24 Mar 2024 11:41:43 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: khZH4pjyw4f3ao7XTtuVcQXmC9KYd77XR3bliR0N2vdfjpE6aN_lHw==
age: 38940
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

www.clarity.ms/eus-f-sc/s/0.7.5/clarity.js

13.107.238.53

200 OK

24 kB

URL HTTP/2
www.clarity.ms/eus-f-sc/s/0.7.5/clarity.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (56527)
Size
24 kB (24167 bytes)
Hash
a2ea86db73d1c14db5c71c43b3c1c73f
a791287588cd69d66aafdbea4b216822003854ad
ce2c94e7c8d8f711f3bfbd67daf061a09c4816093c350fba72882d213945a321

HTTP Headers

GET /eus-f-sc/s/0.7.5/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d95d062a00a927"
x-cache: TCP_HIT
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
x-azure-ref-originshield: 0O1IfZAAAAADKOw6/3j8MRbOVHCM0MCbkQU1TMDRFREdFMTkyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0EnYfZAAAAACmyw6QeC7gSLrJQhqSRPHNU1ZHMjBFREdFMDYyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 25 Mar 2023 22:30:42 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
f275ddbbdd218034a7b4b9bca9debb26
6d57f763157f97d9e13d6644cdc6272e999acea1
0f87718bea06096a6d67a11d31f41f9227070ed458de8e30f1ac59ffcb8b7137

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5295
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:43 GMT
Etag: "641e8e05-138"
Last-Modified: Sat, 25 Mar 2023 21:02:28 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 312

embed-cloudfront.wistia.com/deliveries/30ce033c3cc27af9521f5f64a7d90da910d97e22.m3u8/seg-1-v1-a1.ts

54.230.111.74

200 OK

328 kB

URL HTTP/2
embed-cloudfront.wistia.com/deliveries/30ce033c3cc27af9521f5f64a7d90da910d97e22.m3u8/seg-1-v1-a1.ts
IP
54.230.111.74:0
ASN
#16509 AMAZON-02

File type
MPEG transport stream data\012- data
Size
328 kB (328248 bytes)
Hash
5c074e556997d1ef47c74cdbab88ab26
7dba8ba56b3ff8f6b9b3429e0d3c711fae30d732
9915f45d50bfc93201d0b44b0f796a80bc4631705e000a21f58a1796c9433fa1

HTTP Headers

GET /deliveries/30ce033c3cc27af9521f5f64a7d90da910d97e22.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezenow.com
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 328248
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 30ce033c3cc27af9521f5f64a7d90da910d97e22-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
surrogate-key: 30ce033c3cc27af9521f5f64a7d90da910d97e22-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
accept-ranges: bytes
date: Mon, 20 Mar 2023 07:27:45 GMT
expires: Tue, 19 Mar 2024 06:32:49 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ev0QrU6fLloJbePCgxGGwF6vUnR01W4r712NrUeaj9cdZcLxLYkQ7w==
age: 489474
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
f275ddbbdd218034a7b4b9bca9debb26
6d57f763157f97d9e13d6644cdc6272e999acea1
0f87718bea06096a6d67a11d31f41f9227070ed458de8e30f1ac59ffcb8b7137

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5295
Cache-Control: max-age=118689
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:43 GMT
Etag: "641e8e05-138"
Expires: Mon, 27 Mar 2023 07:28:52 GMT
Last-Modified: Sat, 25 Mar 2023 06:00:37 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 312

fast.wistia.com/assets/external/playPauseLoadingControl.js

151.101.130.110

200 OK

16 kB

URL HTTP/2
fast.wistia.com/assets/external/playPauseLoadingControl.js
IP
151.101.130.110:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (60297), with no line terminators
Size
16 kB (16032 bytes)
Hash
b2b44b80faa65cce5d5bb98b9687d152
75d08cab6749fba40af8155d1754afac39e101c2
6c59ce5a293b58600081ec1339632e7da41e70fc8739726fee0f2b8e7204c1c7

HTTP Headers

GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 24 Mar 2023 14:48:40 GMT
etag: "b2b44b80faa65cce5d5bb98b9687d152"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 25 Mar 2023 22:30:43 GMT
age: 3030
x-served-by: cache-iad-kjyo7100120-IAD, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 40, 67
x-timer: S1679783443.299803,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: 1d1291f7b820d76ce634e6d72f254308143836f0
content-length: 16032
X-Firefox-Spdy: h2

oneocsp.microsoft.com/ocsp

204.79.197.203

200 OK

1.7 kB

URL HTTP/1.1
oneocsp.microsoft.com/ocsp
IP
204.79.197.203:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.7 kB (1741 bytes)
Hash
e95214b9b9e930001c2d121108c70582
a90fd99ea0c6596e050a124b6c1019ca301938fb
754101420b171fe316df5f8da0411db7931e81f1a2aed81ec71500292b3b540f

HTTP Headers

POST /ocsp HTTP/1.1
Host: oneocsp.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Length: 1741
Content-Type: application/ocsp-response
Expires: Tue, 28 Mar 2023 15:50:24 GMT
Last-Modified: Fri, 24 Mar 2023 21:08:22 GMT
ETag: "754101420b171fe316df5f8da0411db7931e81f1a2aed81ec71500292b3b540f"
X-Powered-By: ASP.NET
x-content-type-options: nosniff
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 1FC5A55B075443DD93BB271CFFDAF12F Ref B: OSL30EDGE0408 Ref C: 2023-03-25T22:30:43Z
Date: Sat, 25 Mar 2023 22:30:43 GMT

embed-cloudfront.wistia.com/deliveries/a2c9724d2837a786894a2826cac86344ce5d571e.m3u8

54.230.111.74

200 OK

93 kB

URL HTTP/2
embed-cloudfront.wistia.com/deliveries/a2c9724d2837a786894a2826cac86344ce5d571e.m3u8
IP
54.230.111.74:0
ASN
#16509 AMAZON-02

File type
M3U playlist, ASCII text
Size
93 kB (93305 bytes)
Hash
42d62ca7249e8fb902d300fc6a54eb87
5d4a72b85f99868a3bc2d928f4682d7ab61a6099
b285b20eae4458d3a5f9402a7d1e672257e280591d287199dc67a7606aaedf7d

HTTP Headers

GET /deliveries/a2c9724d2837a786894a2826cac86344ce5d571e.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezenow.com
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 93305
server: envoy
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: a2c9724d2837a786894a2826cac86344ce5d571e-hls-segment
surrogate-key: a2c9724d2837a786894a2826cac86344ce5d571e-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 64
date: Sat, 25 Mar 2023 22:30:43 GMT
expires: Sun, 24 Mar 2024 09:57:59 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sTUhRzkka4RkiRrQJrusLaEogs8XE2iuUKBbmbmjX_QEpcLuHh705g==
age: 45164
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-ssl.wistia.com/deliveries/26fa4d76d2c0dab2f8ad43889661b231b96ae145.webp?image_crop_resized=1280x720

54.230.111.70

200 OK

205 kB

URL HTTP/2
embed-ssl.wistia.com/deliveries/26fa4d76d2c0dab2f8ad43889661b231b96ae145.webp?image_crop_resized=1280x720
IP
54.230.111.70:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
205 kB (205354 bytes)
Hash
7da588c28118b33f794205e564928c6b
8a87d70478a91ec98ba128ad0e6f916c6cbc7555
ecdd4793b50c7608b546169eb6e24610d34b74ca61741b81c2771d7f4ee3aabc

HTTP Headers

GET /deliveries/26fa4d76d2c0dab2f8ad43889661b231b96ae145.webp?image_crop_resized=1280x720 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/webp
accept-ranges: none
access-control-request-method: *
content-disposition: inline
edge-cache-tag: 26fa4d76d2c0dab2f8ad43889661b231b96ae145
last-modified: Mon, 27 Dec 2021 16:25:14 UTC
surrogate-key: 26fa4d76d2c0dab2f8ad43889661b231b96ae145 thumbnail-delivery
x-envoy-upstream-service-time: 237
server: envoy
date: Sat, 25 Mar 2023 22:30:43 GMT
cache-control: max-age=31536000
etag: pzzq-ZrCl25Z0777IqN2fJHNoHM=
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WM7zQ00QO0Jkg5vNrqt3ahT_F830zInmYAKndPjhlKyhBqTJNaiyKw==
age: 23989
x-cdn: cloudfront
vary: Origin
X-Firefox-Spdy: h2

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 594
Origin: https://glucofreezenow.com
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 25 Mar 2023 22:30:43 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://glucofreezenow.com
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

distillery.wistia.com/x

44.195.191.171

204 No Content

0 B

URL HTTP/2
distillery.wistia.com/x
IP
44.195.191.171:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1714
Origin: https://glucofreezenow.com
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sat, 25 Mar 2023 22:30:43 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2

c.clarity.ms/c.gif

68.219.88.97

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
68.219.88.97:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4B4C3F6C33F940D2B4DFD41C1E71F82F&RedC=c.clarity.ms&MXFR=1CA063EBA0CB6C74223A7134A4CB6244
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=1CA063EBA0CB6C74223A7134A4CB6244; domain=.clarity.ms; expires=Thu, 18-Apr-2024 22:30:43 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sat, 25 Mar 2023 22:30:43 GMT
content-length: 0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c4a554fed93d9d56c467006a431aed22
34bc3b4c2444c96196e47e0757786ef89bfea2c8
b81ba8f35c0e1468c2400dd8f018303be8e16f0e95ba3fed2a690b9e89ba9020

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B81BA8F35C0E1468C2400DD8F018303BE8E16F0E95BA3FED2A690B9E89BA9020"
Last-Modified: Sat, 25 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8368
Expires: Sun, 26 Mar 2023 00:50:12 GMT
Date: Sat, 25 Mar 2023 22:30:44 GMT
Connection: keep-alive

matching.ivitrack.com/sync?realm=criteo&uid=k-nZTIytjqvabkv62-5n_2wj76iscJW4gBoA9hEQ

34.117.157.22

200 OK

42 B

URL HTTP/2
matching.ivitrack.com/sync?realm=criteo&uid=k-nZTIytjqvabkv62-5n_2wj76iscJW4gBoA9hEQ
IP
34.117.157.22:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /sync?realm=criteo&uid=k-nZTIytjqvabkv62-5n_2wj76iscJW4gBoA9hEQ HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: istio-envoy
date: Sat, 25 Mar 2023 22:30:43 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c4a554fed93d9d56c467006a431aed22
34bc3b4c2444c96196e47e0757786ef89bfea2c8
b81ba8f35c0e1468c2400dd8f018303be8e16f0e95ba3fed2a690b9e89ba9020

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B81BA8F35C0E1468C2400DD8F018303BE8E16F0E95BA3FED2A690B9E89BA9020"
Last-Modified: Sat, 25 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8368
Expires: Sun, 26 Mar 2023 00:50:12 GMT
Date: Sat, 25 Mar 2023 22:30:44 GMT
Connection: keep-alive

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 121820
Origin: https://glucofreezenow.com
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 25 Mar 2023 22:30:44 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://glucofreezenow.com
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40

178.250.0.157

302 Found

0 B

URL HTTP/2
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Sat, 25 Mar 2023 22:30:44 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 777800
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
16b626f47a581102b49d63971ba7de07
71a5764d3235a3769641752b4b72e3050e2d4d1e
7ebaa76ccac7e0a75b7e8b9881fc294439bdbb096fe5ab858c463bc275a1157d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138861
Date: Sat, 25 Mar 2023 22:30:44 GMT
Etag: "641eef08-1d7"
Expires: Mon, 27 Mar 2023 13:05:05 GMT
Last-Modified: Sat, 25 Mar 2023 12:54:32 GMT
Server: ECAcc (bsa/EB26)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aHfE8b71s3h0ejhAXbAT3kPSN4tyGrRIp4OnGq_SkZKvdzcTMgp5KQ==
Age: 633

criteo-sync.teads.tv/um?eid=80&uid=k-wn8UBdjqvabkv62-5n_2wj76iseJZ3hRLPQBEw

23.195.255.234

200 OK

23 B

URL HTTP/2
criteo-sync.teads.tv/um?eid=80&uid=k-wn8UBdjqvabkv62-5n_2wj76iseJZ3hRLPQBEw
IP
23.195.255.234:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
23 B (23 bytes)
Hash
da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

HTTP Headers

GET /um?eid=80&uid=k-wn8UBdjqvabkv62-5n_2wj76iseJZ3hRLPQBEw HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.10
content-length: 23
expires: Sat, 25 Mar 2023 22:30:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 25 Mar 2023 22:30:44 GMT
X-Firefox-Spdy: h2

contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-axfIP9jqvabkv62-5n_2wj76iseIiCmSVerQDg

23.38.200.22

200 OK

65 B

URL HTTP/2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-axfIP9jqvabkv62-5n_2wj76iseIiCmSVerQDg
IP
23.38.200.22:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 87a, 1 x 1\012- data
Size
65 B (65 bytes)
Hash
9fc4a410879e22eeb224e6c43c95ec52
21aa9fe1c1d54cb7479008698efdb167c8915ca6
e9265c8d1f568b85f487c3cfadb4305e5d7b122a16a9ec9f8a7d116f2fa5fdab

HTTP Headers

GET /cksync.php?cs=3&type=crt&ovsid=k-axfIP9jqvabkv62-5n_2wj76iseIiCmSVerQDg HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
content-length: 65
content-type: image/gif
set-cookie: visitor-id=3227850443580255000V10; Expires=Sun, 24 Mar 2024 22:30:44 GMT; domain=.media.net; Path=/;
data-c-ts=1679783444;Expires=Mon, 24 Apr 2023 22:30:44 GMT;path=/;domain=.media.net;
data-c=k-axfIP9jqvabkv62-5n_2wj76iseIiCmSVerQDg~~3;Expires=Mon, 24 Apr 2023 22:30:44 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sat, 25 Mar 2023 22:30:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 25 Mar 2023 22:30:44 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
569c8dde76c4139934968e10799a623a
d3bc05734eb6d4aaa401dfa58c5f0058bfa088e1
0b16425c42800abfebaa465a6a4e2f5c2f0cfaecccd7eaae987934fa85861b61

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 36
Cache-Control: max-age=110218
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:44 GMT
Etag: "641e817a-1d7"
Expires: Mon, 27 Mar 2023 05:07:42 GMT
Last-Modified: Sat, 25 Mar 2023 05:07:06 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471

pipedream.wistia.com/mput?topic=metrics

52.4.213.160

200 OK

2 B

URL HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
52.4.213.160:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 7092
Origin: https://glucofreezenow.com
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:44 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2

pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-FJtO7djqvabkv62-5n_2wj76iscHVKW8eCb8Ow&expires=30

213.19.162.80

204 No Content

0 B

URL HTTP/1.1
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-FJtO7djqvabkv62-5n_2wj76iscHVKW8eCb8Ow&expires=30
IP
213.19.162.80:0
ASN
#26667 RUBICONPROJECT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tap.php?v=6434&nid=2149&put=k-FJtO7djqvabkv62-5n_2wj76iscHVKW8eCb8Ow&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 0163a7456b0a5605e8b1fb1d4fba3e4d
Content-Type: image/gif

ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID

37.252.173.215

307 Redirection

0 B

URL HTTP/1.1
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP
37.252.173.215:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 25 Mar 2023 22:30:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 37b363d8-7fe2-453a-9293-2cd31c8c69bd
Set-Cookie: uuid2=2440330734316381546; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 23-Jun-2023 22:30:44 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

secure.adnxs.com/setuid?entity=52&code=k-xA62l9jqvabkv62-5n_2wj76iscAVLOsO9yW2Q

37.252.171.21

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/setuid?entity=52&code=k-xA62l9jqvabkv62-5n_2wj76iscAVLOsO9yW2Q
IP
37.252.171.21:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /setuid?entity=52&code=k-xA62l9jqvabkv62-5n_2wj76iscAVLOsO9yW2Q HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 25 Mar 2023 22:30:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-xA62l9jqvabkv62-5n_2wj76iscAVLOsO9yW2Q
AN-X-Request-Uuid: 966a5658-7fbf-4db3-b965-1abb60d9ffa5
Set-Cookie: uuid2=7456282831532289744; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 23-Jun-2023 22:30:44 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1fa9b6e556a7ee902fd5d848618774c7
da4e091dd6192b2dadcc6fc8b6ffa08dbe14a5d0
d1a6a253d705fb48ed955ae382acd9053eb789cb07050bfd8ae5c74d7afe3409

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108128
Date: Sat, 25 Mar 2023 22:30:44 GMT
Etag: "641e71e5-1d7"
Expires: Mon, 27 Mar 2023 04:32:52 GMT
Last-Modified: Sat, 25 Mar 2023 04:00:37 GMT
Server: ECAcc (bsa/EB6C)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nhSjhPGR6wFsStk738wC-Lb_0Dt9Zous8D9ms1CbCsmqvo0o-eKpTA==
Age: 1935

eb2.3lift.com/xuid?mid=2711&xuid=k-NKi1Ktjqvabkv62-5n_2wj76isfnTAWeFriHMA&dongle=013b

76.223.111.18

200 OK

37 B

URL HTTP/2
eb2.3lift.com/xuid?mid=2711&xuid=k-NKi1Ktjqvabkv62-5n_2wj76isfnTAWeFriHMA&dongle=013b
IP
76.223.111.18:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /xuid?mid=2711&xuid=k-NKi1Ktjqvabkv62-5n_2wj76isfnTAWeFriHMA&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:44 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5716bd17f0cc1d649bcba4a6400ad0fa
752def7b1cf7d2f2e8213b28cb17f93e1015d333
ef78bd37975cc2a43c78562c8fcd9977f92a2ef525b87cfcef89f114f28eac3b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-4HErbdjqvabkv62-5n_2wj76isd5zWblZZWmYdP2psvMCI1C

3.122.161.116

200 OK

333 B

URL HTTP/2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-4HErbdjqvabkv62-5n_2wj76isd5zWblZZWmYdP2psvMCI1C
IP
3.122.161.116:0
ASN
#16509 AMAZON-02

File type
data
Size
333 B (333 bytes)
Hash
2ad66432462d665779fc7534aa5ac6d0
496d9f7a1c78dab6387fa5a92e56efa2e9e55c8d
3009c5be8eb352fb19f429d5b827c391e90e61d35eee05bdd7911bfb70549991

HTTP Headers

GET /usersync/push?partner=criteo&partnerId=k-4HErbdjqvabkv62-5n_2wj76isd5zWblZZWmYdP2psvMCI1C HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:44 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%22ae724eb0-cb5c-11ed-8de5-d773c61cba0a%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sat, 08 Apr 2023 22:30:44 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%22ae724eb0-cb5c-11ed-8de5-d773c61cba0a%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sat, 08 Apr 2023 22:30:44 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%22ae724eb0-cb5c-11ed-8de5-d773c61cba0a%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sat, 08 Apr 2023 22:30:44 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%22ae724eb0-cb5c-11ed-8de5-d773c61cba0a%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sat, 08 Apr 2023 22:30:44 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-4HErbdjqvabkv62-5n_2wj76isd5zWblZZWmYdP2psvMCI1C%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Sat, 08 Apr 2023 22:30:44 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
eaa0f8d426c20746ce7e01e97d8e8c89
a67608f1c08f6ba856aa4346b29af389644307a9
890816ddb0ebf2cbebafd7c62714b29e406b444bc34c4c118b64255b62202d64

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 25 Mar 2023 22:30:44 GMT
Last-Modified: Sat, 25 Mar 2023 21:36:02 GMT
Server: ECAcc (bsa/EAE4)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: t0NgkWcpYuRPPisJITL_bs1gQ6q9M6_FhGqvm2rscVQH3o8XIio6ZA==
Age: 3282

cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tfW0vdjqvabkv62-5n_2wj76isc2EYufhY5GCg&google_cm&google_hm=ay10ZlcwdmRqcXZhYmt2NjItNW5fMndqNzZpc2MyRVl1ZmhZNUdDZw

142.250.74.130

302 Found

440 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tfW0vdjqvabkv62-5n_2wj76isc2EYufhY5GCg&google_cm&google_hm=ay10ZlcwdmRqcXZhYmt2NjItNW5fMndqNzZpc2MyRVl1ZmhZNUdDZw
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
440 B (440 bytes)
Hash
ebfdb2347219dbc5ef71ecc93064401c
55fd69074bd0f799b93b85adbaac7b4a871c5c0c
cabeeba8b0c2e5e9bf68e11949672b81823538809ace784c11f20b6e1169135d

HTTP Headers

GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tfW0vdjqvabkv62-5n_2wj76isc2EYufhY5GCg&google_cm&google_hm=ay10ZlcwdmRqcXZhYmt2NjItNW5fMndqNzZpc2MyRVl1ZmhZNUdDZw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-tfW0vdjqvabkv62-5n_2wj76isc2EYufhY5GCg&google_cm=&google_hm=ay10ZlcwdmRqcXZhYmt2NjItNW5fMndqNzZpc2MyRVl1ZmhZNUdDZw&google_tc=
date: Sat, 25 Mar 2023 22:30:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 25-Mar-2023 22:45:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ff6990423fa8f56d36fd3ab0ebafca04
78b19df28e55d320addce61f08ca27240884ebca
bec51b93740fa7335a16766c9e288c464ae59ff90cdd5ef131be6eebe1e111cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4684
Cache-Control: max-age=136116
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:44 GMT
Etag: "641ed47c-1d7"
Expires: Mon, 27 Mar 2023 12:19:20 GMT
Last-Modified: Sat, 25 Mar 2023 11:01:16 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471

match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-mH5Rt9jqvabkv62-5n_2wj76iscErNdDVJhr6A

3.127.20.54

204 No Content

0 B

URL HTTP/2
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-mH5Rt9jqvabkv62-5n_2wj76iscErNdDVJhr6A
IP
3.127.20.54:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-mH5Rt9jqvabkv62-5n_2wj76iscErNdDVJhr6A HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sat, 25 Mar 2023 22:30:44 GMT
X-Firefox-Spdy: h2

cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-tfW0vdjqvabkv62-5n_2wj76isc2EYufhY5GCg&google_cm=&google_hm=ay10ZlcwdmRqcXZhYmt2NjItNW5fMndqNzZpc2MyRVl1ZmhZNUdDZw&google_tc=

142.250.74.130

302 Found

332 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-tfW0vdjqvabkv62-5n_2wj76isc2EYufhY5GCg&google_cm=&google_hm=ay10ZlcwdmRqcXZhYmt2NjItNW5fMndqNzZpc2MyRVl1ZmhZNUdDZw&google_tc=
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
332 B (332 bytes)
Hash
e039345d252905280d1158de28ed0869
73e0471c3f2920a3c7620ce4ebb72faeaac451c2
5684b882e2c3b397e438added6c89849df508425e8aec0a6ba933b14c0cb9976

HTTP Headers

GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-tfW0vdjqvabkv62-5n_2wj76isc2EYufhY5GCg&google_cm=&google_hm=ay10ZlcwdmRqcXZhYmt2NjItNW5fMndqNzZpc2MyRVl1ZmhZNUdDZw&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tfW0vdjqvabkv62-5n_2wj76isc2EYufhY5GCg&google_error=3
date: Sat, 25 Mar 2023 22:30:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-1U8KN9jqvabkv62-5n_2wj76isenyay_wGH9IQ

3.71.149.231

302 Found

0 B

URL HTTP/2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-1U8KN9jqvabkv62-5n_2wj76isenyay_wGH9IQ
IP
3.71.149.231:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ups/58301/sync?_origin=1&uid=k-1U8KN9jqvabkv62-5n_2wj76isenyay_wGH9IQ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 25 Mar 2023 22:30:44 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-1U8KN9jqvabkv62-5n_2wj76isenyay_wGH9IQ&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBBR2H2QCECnyrtsecmtH-CjYw3WTCpkFEgEBAQHHIGQpZAAAAAAA_eMAAA&S=AQAAAogz2PqDBAgV5LYN6zs2S0Q; Expires=Mon, 25 Mar 2024 04:30:44 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID

37.252.173.215

302 Found

0 B

URL HTTP/1.1
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP
37.252.173.215:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sat, 25 Mar 2023 22:30:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 500554ba-5548-4018-ac47-b1844a59d398
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-xA62l9jqvabkv62-5n_2wj76iscAVLOsO9yW2Q

37.252.171.21

200 OK

43 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-xA62l9jqvabkv62-5n_2wj76iscAVLOsO9yW2Q
IP
37.252.171.21:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

HTTP Headers

GET /bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-xA62l9jqvabkv62-5n_2wj76iscAVLOsO9yW2Q HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 25 Mar 2023 22:30:44 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 76b9e7c8-cd30-4d4a-abbc-e72c6d086853
Set-Cookie: anj=dTM7k!M4/rCxrEQF']wIg2GVIeuaSF!]tbPl@/D!9hy6]/Cv]tiIJ$_4=:[43j)e^g]lBF3Ee[ngQ7^X6<%'4f4u=f_<45e>lmK<cG2`B*bpRz*qF1`*bcV=+gP+4; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 23-Jun-2023 22:30:44 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a9bc8c4ca4ab70ccad0de19046a1972c
553ee3971b64db6b8f8111b8900057cd95964ca2
24804800335e95d9c2f7ca0b44e6e1d1ba2d0d31bf227a2d6281a4341f61a519

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2813
Cache-Control: max-age=144639
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:44 GMT
Etag: "641efd16-1d7"
Expires: Mon, 27 Mar 2023 14:41:23 GMT
Last-Modified: Sat, 25 Mar 2023 13:54:30 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
678d29248aa32ac654d461a9453b0bcb
4bfd729759e57cf5444488ca7a7fb637d79c6f9f
90203638d9d2afd2de6de65e8884a8aba4396212df76357380172b0053f6dd53

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "90203638D9D2AFD2DE6DE65E8884A8ABA4396212DF76357380172B0053F6DD53"
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9297
Expires: Sun, 26 Mar 2023 01:05:41 GMT
Date: Sat, 25 Mar 2023 22:30:44 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
7ef51c0fa2320bb875996a5e9dc8a3b2
9800551f1f2e2b51d6bd2142972770683dc5df97
0e153635305bdf3a1bcda79feac0d97209af15bc0044cc176c3b8a621c768f22

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 22:30:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 25 Mar 2023 01:56:50 GMT
Expires: Sat, 01 Apr 2023 01:56:49 GMT
Etag: "9800551f1f2e2b51d6bd2142972770683dc5df97"
Cache-Control: max-age=530164,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ada999f0a360afa-OSL

cm.adform.net/pixel?adform_pid=15&adform_pc=k-geRQutjqvabkv62-5n_2wj76ise81Pae0jKeCg

37.157.4.23

200 OK

43 B

URL HTTP/2
cm.adform.net/pixel?adform_pid=15&adform_pc=k-geRQutjqvabkv62-5n_2wj76ise81Pae0jKeCg
IP
37.157.4.23:0
ASN
#198622 Adform A/S

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /pixel?adform_pid=15&adform_pc=k-geRQutjqvabkv62-5n_2wj76ise81Pae0jKeCg HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 22:30:44 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 11 Oct 2017 13:40:08 GMT
etag: "59de1f38-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1acdc82b2aa5400857a4bc33075573e0
8925d539e3a6b1fdfb29d9cd32da040721f1ffb5
d2b7aa5dece1b68cc2f9970b3f97c366df11a06eac837bbc855420a8ecfba5c2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2140
Cache-Control: max-age=112314
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:44 GMT
Etag: "641e8172-1d7"
Expires: Mon, 27 Mar 2023 05:42:38 GMT
Last-Modified: Sat, 25 Mar 2023 05:06:58 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471

ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-1U8KN9jqvabkv62-5n_2wj76isenyay_wGH9IQ&verify=true

3.71.149.231

204 No Content

0 B

URL HTTP/2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-1U8KN9jqvabkv62-5n_2wj76isenyay_wGH9IQ&verify=true
IP
3.71.149.231:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ups/58301/sync?_origin=1&uid=k-1U8KN9jqvabkv62-5n_2wj76isenyay_wGH9IQ&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sat, 25 Mar 2023 22:30:44 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBBR2H2QCEPDTwMfcFkK6WDw9JJdAqJUFEgEBAQHHIGQpZAAAAAAA_eMAAA&S=AQAAArRlBp9eh6-108Ul4c_PCJ4; Expires=Mon, 25 Mar 2024 04:30:44 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
a5b955b321d64d73e2a0798d051969d8
4248a40c2ed92acd770773d66b0ef1198a7e8d2d
1defc8832131ee288e0357d2e0d643ae4c0f048114bb11c0ec1fb7823d8ad718

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 25 Mar 2023 22:30:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 15036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 25 Mar 2023 20:46:19 GMT
Expires: Sun, 26 Mar 2023 20:46:19 GMT
ETag: "4248a40c2ed92acd770773d66b0ef1198a7e8d2d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

id5-sync.com/s/966/9.gif?puid=k-1jR-ddjqvabkv62-5n_2wj76isfagm_M7vzK0A

141.95.98.65

200

43 B

URL HTTP/1.1
id5-sync.com/s/966/9.gif?puid=k-1jR-ddjqvabkv62-5n_2wj76isfagm_M7vzK0A
IP
141.95.98.65:0
ASN
#16276 OVH SAS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /s/966/9.gif?puid=k-1jR-ddjqvabkv62-5n_2wj76isfagm_M7vzK0A HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sat, 25-Mar-2023 22:35:44 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sat, 25-Mar-2023 22:35:44 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sat, 25-Mar-2023 22:35:44 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sat, 25-Mar-2023 22:35:44 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sat, 25-Mar-2023 22:35:44 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sat, 25-Mar-2023 22:35:44 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sat, 25 Mar 2023 22:30:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload

x.bidswitch.net/sync?dsp_id=46&user_id=k-BnWb-9jqvabkv62-5n_2wj76isfM4B6h9Xi5gg&expires=30

52.28.194.209

302 Found

0 B

URL HTTP/2
x.bidswitch.net/sync?dsp_id=46&user_id=k-BnWb-9jqvabkv62-5n_2wj76isfM4B6h9Xi5gg&expires=30
IP
52.28.194.209:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?dsp_id=46&user_id=k-BnWb-9jqvabkv62-5n_2wj76isfM4B6h9Xi5gg&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 25 Mar 2023 22:30:44 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-BnWb-9jqvabkv62-5n_2wj76isfM4B6h9Xi5gg&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=ce37525f-6e66-437d-aec5-be1098cd04f1; path=/; expires=Sun, 24-Mar-2024 22:30:44 GMT; domain=.bidswitch.net; samesite=none; secure
c=1679783444; path=/; expires=Sun, 24-Mar-2024 22:30:44 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1679783444; path=/; expires=Sun, 24-Mar-2024 22:30:44 GMT; domain=.bidswitch.net; samesite=none; secure
c=1679783444; path=/; expires=Sun, 24-Mar-2024 22:30:44 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5716bd17f0cc1d649bcba4a6400ad0fa
752def7b1cf7d2f2e8213b28cb17f93e1015d333
ef78bd37975cc2a43c78562c8fcd9977f92a2ef525b87cfcef89f114f28eac3b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0JrTK9jqvabkv62-5n_2wj76iseZ5g_ILit7Ww

185.80.36.245

302 Found

0 B

URL HTTP/1.1
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0JrTK9jqvabkv62-5n_2wj76iseZ5g_ILit7Ww
IP
185.80.36.245:0
ASN
#27381 CASALE-MEDIA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rum?cm_dsp_id=20&external_user_id=k-0JrTK9jqvabkv62-5n_2wj76iseZ5g_ILit7Ww HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Date: Sat, 25 Mar 2023 22:30:44 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /rum?cm_dsp_id=20&external_user_id=k-0JrTK9jqvabkv62-5n_2wj76iseZ5g_ILit7Ww&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=ZB92FLPkseP6.7rLvda9AwAA; Path=/; Domain=casalemedia.com; Expires=Sun, 24 Mar 2024 22:30:44 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4444; Path=/; Domain=casalemedia.com; Expires=Fri, 23 Jun 2023 22:30:44 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4444; Path=/; Domain=casalemedia.com; Expires=Fri, 23 Jun 2023 22:30:44 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive

c.bing.com/c.gif?ctsa=mr&CtsSyncId=4B4C3F6C33F940D2B4DFD41C1E71F82F&RedC=c.clarity.ms&MXFR=1CA063EBA0CB6C74223A7134A4CB6244

13.107.21.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?ctsa=mr&CtsSyncId=4B4C3F6C33F940D2B4DFD41C1E71F82F&RedC=c.clarity.ms&MXFR=1CA063EBA0CB6C74223A7134A4CB6244
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?ctsa=mr&CtsSyncId=4B4C3F6C33F940D2B4DFD41C1E71F82F&RedC=c.clarity.ms&MXFR=1CA063EBA0CB6C74223A7134A4CB6244 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezenow.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4B4C3F6C33F940D2B4DFD41C1E71F82F&MUID=067A4E0CF1376A3731EE5CD3F0C26B61
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=067A4E0CF1376A3731EE5CD3F0C26B61; domain=.bing.com; expires=Thu, 18-Apr-2024 22:30:44 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.bing.com; expires=Sat, 01-Apr-2023 22:30:44 GMT; path=/; SameSite=None; Secure;
SRM_B=067A4E0CF1376A3731EE5CD3F0C26B61; domain=c.bing.com; expires=Thu, 18-Apr-2024 22:30:44 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2945F67D293B4B46BB4D9DC4716A2919 Ref B: OSL30EDGE0119 Ref C: 2023-03-25T22:30:44Z
date: Sat, 25 Mar 2023 22:30:44 GMT
content-length: 0
X-Firefox-Spdy: h2

ad.yieldlab.net/m?dt_id=8664&ext_id=k-aPpJN9jqvabkv62-5n_2wj76isfmGrkNKArStQ

23.13.245.180

204 No Content

0 B

URL HTTP/1.1
ad.yieldlab.net/m?dt_id=8664&ext_id=k-aPpJN9jqvabkv62-5n_2wj76isfmGrkNKArStQ
IP
23.13.245.180:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /m?dt_id=8664&ext_id=k-aPpJN9jqvabkv62-5n_2wj76isfmGrkNKArStQ HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
x-application-context: application
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Fri, 24 Mar 2023 22:30:44 GMT
Date: Sat, 25 Mar 2023 22:30:44 GMT
Connection: keep-alive
Set-Cookie: id=b77c39da-2de4-4b35-84eb-e83b0de2c099; Path=/; Domain=prod.svc.y6b.de; Expires=Sun, 24-Mar-2024 22:30:44 GMT; Max-Age=31536000; Secure; SameSite=None

dpm.demdex.net/ibs:dpid=28645&dpuuid=

52.51.141.47

302 Found

0 B

URL HTTP/1.1
dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP
52.51.141.47:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v046-015700753.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=06010247525325378123154516305676624945; Max-Age=15552000; Expires=Thu, 21 Sep 2023 22:30:44 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 6jWDt8h7Qx8=
Content-Length: 0
Connection: keep-alive

x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-BnWb-9jqvabkv62-5n_2wj76isfM4B6h9Xi5gg&expires=30

52.28.194.209

200 OK

43 B

URL HTTP/2
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-BnWb-9jqvabkv62-5n_2wj76isfM4B6h9Xi5gg&expires=30
IP
52.28.194.209:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /ul_cb/sync?dsp_id=46&user_id=k-BnWb-9jqvabkv62-5n_2wj76isfM4B6h9Xi5gg&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:44 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2

status.thawte.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
92e5fd8909cc36ced62d240107f1f8b2
314d168136fc38450cf38523fbe3d2bfe82813c7
5e257c6bf9f169e32d3a9bce538932af4b7314766f71277d70df19cf55c2a85c

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1147
Cache-Control: max-age=165717
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:44 GMT
Etag: "641f55ee-1d7"
Expires: Mon, 27 Mar 2023 20:32:41 GMT
Last-Modified: Sat, 25 Mar 2023 20:13:34 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
748e7d7bff47739d07570b76ec24f725
ed91476d8dfb2cbc5bd2a8598cb7b8cb220d6192
c830050408346fde1bba3ee9ebec28f493cf15a34807403c241bebb4ee666a3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3061
Cache-Control: max-age=125805
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:44 GMT
Etag: "641eb28c-1d7"
Expires: Mon, 27 Mar 2023 09:27:29 GMT
Last-Modified: Sat, 25 Mar 2023 08:36:28 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
e6893aff6547c79a9ae650d0e10ad367
89c7d67f34a6353a08ce5e3483bf625f93f6c305
9f03fd0aac72d302987b17595747e8f1944d1c5a8941e8c70695b95d03c4b8ea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 22:30:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 25 Mar 2023 15:11:57 GMT
Expires: Sat, 01 Apr 2023 15:11:56 GMT
Etag: "89c7d67f34a6353a08ce5e3483bf625f93f6c305"
Cache-Control: max-age=577871,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ada99a0ccdc0afa-OSL

c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4B4C3F6C33F940D2B4DFD41C1E71F82F&MUID=067A4E0CF1376A3731EE5CD3F0C26B61

68.219.88.97

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4B4C3F6C33F940D2B4DFD41C1E71F82F&MUID=067A4E0CF1376A3731EE5CD3F0C26B61
IP
68.219.88.97:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?ctsa=mr&CtsSyncId=4B4C3F6C33F940D2B4DFD41C1E71F82F&MUID=067A4E0CF1376A3731EE5CD3F0C26B61 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezenow.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 16 Mar 2023 17:16:22 GMT
accept-ranges: bytes
etag: "c4b6d572b58d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sat, 25-Mar-2023 22:40:44 GMT; path=/; SameSite=None; Secure;
date: Sat, 25 Mar 2023 22:30:44 GMT
content-length: 42
X-Firefox-Spdy: h2

dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=

52.51.141.47

200 OK

59 B

URL HTTP/1.1
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP
52.51.141.47:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
59 B (59 bytes)
Hash
1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13

HTTP Headers

GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v046-0ec49e33e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: nBoMMn/kRkk=
Content-Length: 59
Connection: keep-alive

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
030cd276b04b21f8665b167ac23bf5ce
2ab01dcd5cef4fabaa9014260488c4e13c743be9
a5c59ff1631acfbd697df2fa612c0654774a739c6f58e1014c895563630888eb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101210
Date: Sat, 25 Mar 2023 22:30:44 GMT
Etag: "641e44ef-1d7"
Expires: Mon, 27 Mar 2023 02:37:34 GMT
Last-Modified: Sat, 25 Mar 2023 00:48:47 GMT
Server: ECAcc (bsa/EB26)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: j1FdQn0vXsqm3rNAgZEUxV_qGLrLRPSHuIbGAYiKUz3fJenwWxdmOw==
Age: 6527

simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-JCehAtjqvabkv62-5n_2wj76iscbCGDlKqHzMQ

185.64.189.110

200 OK

42 B

URL HTTP/2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-JCehAtjqvabkv62-5n_2wj76iscbCGDlKqHzMQ
IP
185.64.189.110:0
ASN
#62713 AS-PUBMATIC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-JCehAtjqvabkv62-5n_2wj76iscbCGDlKqHzMQ HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 22:30:43 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-JCehAtjqvabkv62-5n_2wj76iscbCGDlKqHzMQ&KRTB&23144-uid:k-JCehAtjqvabkv62-5n_2wj76iscbCGDlKqHzMQ&KRTB&23286-uid:k-JCehAtjqvabkv62-5n_2wj76iscbCGDlKqHzMQ&KRTB&23287-uid:k-JCehAtjqvabkv62-5n_2wj76iscbCGDlKqHzMQ; domain=pubmatic.com; secure; expires=Mon, 24-Apr-2023 22:30:43 GMT; path=/
PugT=1679783443; domain=pubmatic.com; secure; expires=Mon, 24-Apr-2023 22:30:43 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2

r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0JrTK9jqvabkv62-5n_2wj76iseZ5g_ILit7Ww&C=1

185.80.36.245

200 OK

43 B

URL HTTP/1.1
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0JrTK9jqvabkv62-5n_2wj76iseZ5g_ILit7Ww&C=1
IP
185.80.36.245:0
ASN
#27381 CASALE-MEDIA

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /rum?cm_dsp_id=20&external_user_id=k-0JrTK9jqvabkv62-5n_2wj76iseZ5g_ILit7Ww&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 22:30:44 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
Pragma: no-cache
Content-Length: 43
Keep-Alive: timeout=1, max=499
Connection: Keep-Alive

visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-l1aZM9jqvabkv62-5n_2wj76ise3hp6K5oAHhg

185.255.84.153

200 OK

49 B

URL HTTP/2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-l1aZM9jqvabkv62-5n_2wj76ise3hp6K5oAHhg
IP
185.255.84.153:0
ASN
#200271 Iguane Solutions SAS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
49 B (49 bytes)
Hash
4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

HTTP Headers

GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-l1aZM9jqvabkv62-5n_2wj76ise3hp6K5oAHhg HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=358d31d71037dcd966fd2f3d6fd69130; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sat, 25 Mar 2023 22:30:44 GMT
content-length: 49
x-envoy-upstream-service-time: 2
server: ayl-lb-fra02
X-Firefox-Spdy: h2

ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-wWuVg9jqvabkv62-5n_2wj76isd_U47w95M3vw

3.64.164.161

302 Found

0 B

URL HTTP/2
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-wWuVg9jqvabkv62-5n_2wj76isd_U47w95M3vw
IP
3.64.164.161:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?publisher_dsp_id=38&external_user_id=k-wWuVg9jqvabkv62-5n_2wj76isd_U47w95M3vw HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 25 Mar 2023 22:30:44 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-wWuVg9jqvabkv62-5n_2wj76isd_U47w95M3vw
set-cookie: tuuid=8615e8d6-dce0-4136-9758-3a5e655c2636; Expires=Fri, 23 Jun 2023 22:30:44 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1679783444; Expires=Fri, 23 Jun 2023 22:30:44 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40

178.250.0.157

302 Found

0 B

URL HTTP/2
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Sat, 25 Mar 2023 22:30:44 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 711675
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-wWuVg9jqvabkv62-5n_2wj76isd_U47w95M3vw

3.64.164.161

200 OK

43 B

URL HTTP/2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-wWuVg9jqvabkv62-5n_2wj76isd_U47w95M3vw
IP
3.64.164.161:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-wWuVg9jqvabkv62-5n_2wj76isd_U47w95M3vw HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:44 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f2070749504b4597961aac1c33c735ac
5c9b069f3762ee7c6be4810ca34b03fbfe11e92b
82ca7ba59f933a474505c0ba5fee2cca18db6c494478e051be7773bedff455b7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170756
Date: Sat, 25 Mar 2023 22:30:44 GMT
Etag: "641f653b-1d7"
Expires: Mon, 27 Mar 2023 21:56:40 GMT
Last-Modified: Sat, 25 Mar 2023 21:18:51 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PVrch-9DyLNmcQHaXiZ5pkLqaISQbWY4p7GZO8lC5KpUPCjaF965rA==
Age: 2269

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
54ee36c8e078d2564b519175903d2be1
267ac4911149d8d5946cb56120faa1a8bb8ca8a2
39b4677d98d1118810daf1366a18e36d4daeb45a8a1c530c43925eff7a9328db

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165046
Date: Sat, 25 Mar 2023 22:30:44 GMT
Etag: "641f4aa5-1d7"
Expires: Mon, 27 Mar 2023 20:21:30 GMT
Last-Modified: Sat, 25 Mar 2023 19:25:25 GMT
Server: ECAcc (nya/796A)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iPsp4Ak-xTO4_kD6B28rxylve9ll92qiqEDirldIqV03op-z3TPyfQ==
Age: 3365

sync-criteo.ads.yieldmo.com/sync?id=k-WouhZtjqvabkv62-5n_2wj76ise6M-CCj9n8yg&pn_id=criteo&ext=1

54.155.81.193

200 OK

43 B

URL HTTP/2
sync-criteo.ads.yieldmo.com/sync?id=k-WouhZtjqvabkv62-5n_2wj76ise6M-CCj9n8yg&pn_id=criteo&ext=1
IP
54.155.81.193:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /sync?id=k-WouhZtjqvabkv62-5n_2wj76ise6M-CCj9n8yg&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:44 GMT
content-type: img/gif;charset=utf-8
content-length: 43
set-cookie: yieldmo_id=g947dc942c70e5ea3fd5%7C1679783444760%7C0%7C; Domain=.yieldmo.com; Expires=Sun, 24-Mar-2024 22:30:44 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-WouhZtjqvabkv62-5n_2wj76ise6M-CCj9n8yg; Domain=ads.yieldmo.com; Expires=Sun, 24-Mar-2024 22:30:44 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
X-Firefox-Spdy: h2

sync.outbrain.com/cookie-sync?p=criteo&uid=k-XpQCr9jqvabkv62-5n_2wj76isdI6tldgJ8AEg&initiator=partner

64.202.112.191

200 OK

0 B

URL HTTP/1.1
sync.outbrain.com/cookie-sync?p=criteo&uid=k-XpQCr9jqvabkv62-5n_2wj76isdI6tldgJ8AEg&initiator=partner
IP
64.202.112.191:0
ASN
#22075 AS-OUTBRAIN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie-sync?p=criteo&uid=k-XpQCr9jqvabkv62-5n_2wj76isdI6tldgJ8AEg&initiator=partner HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 22:30:44 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 94143533ad1e77887d71bb8f57a925af

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
37b431992187f752fbb4090a20683a9c
a2e8a8d755669e776e5031533666bb3c1edbf483
3798c5b5438ba588603f2c2fa821fa49cb2146caf7981f8f2643a77fdab3e503

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6565
Cache-Control: max-age=90091
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:30:44 GMT
Etag: "641e195a-1d7"
Expires: Sun, 26 Mar 2023 23:32:15 GMT
Last-Modified: Fri, 24 Mar 2023 21:42:50 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471

beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=

52.208.205.244

204 No Content

0 B

URL HTTP/2
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP
52.208.205.244:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sat, 25 Mar 2023 22:30:44 GMT
set-cookie: _kuid_=PdNxE3vb; Expires=Thu, 21-Sep-23 22:30:44 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n012-dub-prod.krxd.net
x-request-time: D=30 t=1679783444
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40

178.250.0.157

302 Found

0 B

URL HTTP/2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Sat, 25 Mar 2023 22:30:44 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 364641
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
a94ff915a8d12828dd90ccb8f704d429
c628e9130cdeac08830630163470d4875f53dcc6
756f1837ff2ba6502aff135a398b77a1a3a75e9d5c7a022cb304caf7d8eec261

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "756F1837FF2BA6502AFF135A398B77A1A3A75E9D5C7A022CB304CAF7D8EEC261"
Last-Modified: Sat, 25 Mar 2023 14:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=622
Expires: Sat, 25 Mar 2023 22:41:07 GMT
Date: Sat, 25 Mar 2023 22:30:45 GMT
Connection: keep-alive

s.thebrighttag.com/cs?btt=0&tp=cr&uid=

3.133.28.46

200 OK

35 B

URL HTTP/2
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP
3.133.28.46:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:45 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: af306e91-cb5c-11ed-82b4-0000ac1702bb
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: 
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 5121
Origin: https://glucofreezenow.com
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 25 Mar 2023 22:30:45 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://glucofreezenow.com
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-f4hUpNjqvabkv62-5n_2wj76isfblj0n3MqZsA

185.86.139.101

200 OK

43 B

URL HTTP/2
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-f4hUpNjqvabkv62-5n_2wj76isfblj0n3MqZsA
IP
185.86.139.101:0
ASN
#201081 SmartAdServer SAS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

HTTP Headers

GET /redir/?partnerid=79&partneruserid=k-f4hUpNjqvabkv62-5n_2wj76isfblj0n3MqZsA HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
date: Sat, 25 Mar 2023 22:30:43 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=8438318115127633644; expires=Mon, 22 Apr 2024 22:30:44 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 22 Apr 2024 22:30:44 GMT; domain=smartadserver.com; path=/
csync=79:k-f4hUpNjqvabkv62-5n_2wj76isfblj0n3MqZsA; expires=Sun, 24 Mar 2024 22:30:44 GMT; domain=smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Firefox-Spdy: h2

dynamic.criteo.com/js/ld/ld.js?a=89824

178.250.0.147

200 OK

0 B

URL HTTP/2
dynamic.criteo.com/js/ld/ld.js?a=89824
IP
178.250.0.147:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/ld/ld.js?a=89824 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:42 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

display.buygoods.com/v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white

172.66.40.141

200 OK

0 B

URL HTTP/2
display.buygoods.com/v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white
IP
172.66.40.141:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white HTTP/1.1
Host: display.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:42 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
cache-control: private
cf-cache-status: DYNAMIC
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
__cflb=02DiuHqbnvaBNqZ2uGBKRYmBT9SdWdqrafMzdQFvyhcYt; SameSite=Lax; path=/; expires=Sun, 26-Mar-23 21:30:42 GMT; HttpOnly
server: cloudflare
cf-ray: 7ada99903d34b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fitleanhealth.com/mw25ckd_leads-GlucoFreeze-032523

188.114.96.1

200 OK

0 B

URL HTTP/2
fitleanhealth.com/mw25ckd_leads-GlucoFreeze-032523
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mw25ckd_leads-GlucoFreeze-032523 HTTP/1.1
Host: fitleanhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:40 GMT
content-type: text/html;charset=UTF-8
age: 0
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-security-policy: upgrade-insecure-requests
expires: Mon, 07 Jul 1777 07:07:07 GMT
pragma: no-cache
set-cookie: prli_click_653=mw25ckd_leads-GlucoFreeze-032523; expires=Mon, 24-Apr-2023 22:30:40 GMT; Max-Age=2592000; path=/
prli_visitor=641f761018512; expires=Sun, 24-Mar-2024 22:30:40 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=300
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,2,24
x-php-version: 7.4
x-redirect-powered-by: Pretty Link Beginner 3.2.4 http://prettylink.com
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RsX4JiMD1H0X7Jx%2BgBy5XwKUtKdciBAHhb813QXS8u%2BuHhRBOEZIdOvVUqhPbehH8kY8VV6%2BshulMOer49lF0dAlY0gcGL3JucUpY5LhjfmGURr2I1%2BIYlFstq5bFrjHf3Rfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ada9983caa7b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3maf0.n3cdn1.secureserver.net/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.4&time=1679654730

162.159.136.45

200 OK

0 B

URL HTTP/2
r3maf0.n3cdn1.secureserver.net/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.4&time=1679654730
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.4&time=1679654730 HTTP/1.1
Host: r3maf0.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fitleanhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:40 GMT
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 16 Mar 2022 02:36:08 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 116441
expires: Tue, 25 Apr 2023 22:30:40 GMT
cache-control: public, max-age=2678400
server: cloudflare
cf-ray: 7ada9985df15b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.clarity.ms/tag/7u0gjnakkh

13.107.238.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/7u0gjnakkh
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/7u0gjnakkh HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=728caf1cc1604fa08b466bd66d7dc5e7.20230325.20240324; expires=Sun, 24 Mar 2024 22:30:42 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0EnYfZAAAAAAQIbKfQl5pQoepyvr2ts01U1ZHMjBFREdFMDYyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 25 Mar 2023 22:30:42 GMT
X-Firefox-Spdy: h2

sslwidget.criteo.com/event?a=89824&v=5.14.1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523%26ref%3Dhttps%253A%252F%252Ffitleanhealth.com&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=8IzaJV8zcDdaN3lkSTJqT1RsS2J5azlLTWE1WUJ2YlY3eU1SJTJCZDJURjF1VkdhbzM4a0Y2RExWelhjWXAlMkYzR2IwVGFma0dqUnY4VFh6WHVEVDdTbTRaZDBGeWJIc0F0NTdUaGtrNlZzV2lLb0lLSyUyQlV3NGJWZWolMkY5RGdsdFZPUWt4VCUyQk1xWnk0ZFNERFplM0phVWlraiUyRnVMQUElM0QlM0Q&tld=glucofreezenow.com&dy=1&fu=https%253A%252F%252Fglucofreezenow.com%252Fstill-broadcast%252Findex.html%253Faff_id%253D7990%2526subid%253Dmw25ckd_032523_leads%2526subid5%253D0e4b01eab09c497fbaf64fc163f697ba&pu=https%253A%252F%252Ffitleanhealth.com%252F&dtycbr=50008

178.250.1.9

200 OK

0 B

URL HTTP/2
sslwidget.criteo.com/event?a=89824&v=5.14.1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523%26ref%3Dhttps%253A%252F%252Ffitleanhealth.com&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=8IzaJV8zcDdaN3lkSTJqT1RsS2J5azlLTWE1WUJ2YlY3eU1SJTJCZDJURjF1VkdhbzM4a0Y2RExWelhjWXAlMkYzR2IwVGFma0dqUnY4VFh6WHVEVDdTbTRaZDBGeWJIc0F0NTdUaGtrNlZzV2lLb0lLSyUyQlV3NGJWZWolMkY5RGdsdFZPUWt4VCUyQk1xWnk0ZFNERFplM0phVWlraiUyRnVMQUElM0QlM0Q&tld=glucofreezenow.com&dy=1&fu=https%253A%252F%252Fglucofreezenow.com%252Fstill-broadcast%252Findex.html%253Faff_id%253D7990%2526subid%253Dmw25ckd_032523_leads%2526subid5%253D0e4b01eab09c497fbaf64fc163f697ba&pu=https%253A%252F%252Ffitleanhealth.com%252F&dtycbr=50008
IP
178.250.1.9:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /event?a=89824&v=5.14.1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523%26ref%3Dhttps%253A%252F%252Ffitleanhealth.com&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=8IzaJV8zcDdaN3lkSTJqT1RsS2J5azlLTWE1WUJ2YlY3eU1SJTJCZDJURjF1VkdhbzM4a0Y2RExWelhjWXAlMkYzR2IwVGFma0dqUnY4VFh6WHVEVDdTbTRaZDBGeWJIc0F0NTdUaGtrNlZzV2lLb0lLSyUyQlV3NGJWZWolMkY5RGdsdFZPUWt4VCUyQk1xWnk0ZFNERFplM0phVWlraiUyRnVMQUElM0QlM0Q&tld=glucofreezenow.com&dy=1&fu=https%253A%252F%252Fglucofreezenow.com%252Fstill-broadcast%252Findex.html%253Faff_id%253D7990%2526subid%253Dmw25ckd_032523_leads%2526subid5%253D0e4b01eab09c497fbaf64fc163f697ba&pu=https%253A%252F%252Ffitleanhealth.com%252F&dtycbr=50008 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:42 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 11444813
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-DaeJ9Njqvabkv62-5n_2wj76iscVsC-lmIAbVg

141.226.228.48

200 OK

0 B

URL HTTP/2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-DaeJ9Njqvabkv62-5n_2wj76iscVsC-lmIAbVg
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-DaeJ9Njqvabkv62-5n_2wj76iscVsC-lmIAbVg HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 22:30:44 GMT
x-fastly-to-nlb-rtt: 22164
access-control-allow-credentials: true
X-Firefox-Spdy: h2

d10lpsik1i8c69.cloudfront.net/w.js

54.230.245.178

200 OK

0 B

URL HTTP/2
d10lpsik1i8c69.cloudfront.net/w.js
IP
54.230.245.178:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /w.js HTTP/1.1
Host: d10lpsik1i8c69.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Sat, 25 Mar 2023 22:12:40 GMT
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
cache-control: max-age=3600
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _1WllBcwjS94-YI-pkdiua_cFbPKAvh1zfJVij92OYQCsusedMEZoA==
age: 1083
X-Firefox-Spdy: h2

glucofreezenow.com/favicon.ico

69.172.200.220

200 OK

0 B

URL HTTP/2
glucofreezenow.com/favicon.ico
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: glucofreezenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba
Cookie: uid=wKhaAmQfdhGQcAA6AwTeAg==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:42 GMT
content-type: image/x-icon
last-modified: Sun, 06 Mar 2022 14:43:46 GMT
etag: W/"6224c8a2-1b76"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: e95cae87bc35f12ea0a61537f9fb1529
server: DOSarrest
X-Firefox-Spdy: h2

criteo-partners.tremorhub.com/sync?UICR=k-lAN2utjqvabkv62-5n_2wj76isdgFhb8KRYY8g

3.212.185.15

200 OK

0 B

URL HTTP/2
criteo-partners.tremorhub.com/sync?UICR=k-lAN2utjqvabkv62-5n_2wj76isdgFhb8KRYY8g
IP
3.212.185.15:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?UICR=k-lAN2utjqvabkv62-5n_2wj76isdgFhb8KRYY8g HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:44 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
set-cookie: tvid=60f36ba5c310465b8fe5c45e395a9576; Domain=.tremorhub.com; Expires=Mon, 25-Mar-2024 04:19:04 GMT; Path=/; Secure; SameSite=None
tv_UICR=k-lAN2utjqvabkv62-5n_2wj76isdgFhb8KRYY8g; Domain=.tremorhub.com; Expires=Mon, 24-Apr-2023 22:30:44 GMT; Path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0

178.250.0.163

200 OK

0 B

URL HTTP/2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP
178.250.0.163:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:44 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 529680
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

tracking.buygoods.com/track/?a=6808&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Ffitleanhealth.com%2F&sessid2=&product=gluco_freeze,gluco_freeze_3,gluco_freeze_6&caller_url=https%3A%2F%2Fglucofreezenow.com%2Fstill-broadcast%2Findex.html%3Faff_id%3D7990%26subid%3Dmw25ckd_032523_leads%26subid5%3D0e4b01eab09c497fbaf64fc163f697ba

172.66.43.22

200 OK

0 B

URL HTTP/2
tracking.buygoods.com/track/?a=6808&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Ffitleanhealth.com%2F&sessid2=&product=gluco_freeze,gluco_freeze_3,gluco_freeze_6&caller_url=https%3A%2F%2Fglucofreezenow.com%2Fstill-broadcast%2Findex.html%3Faff_id%3D7990%26subid%3Dmw25ckd_032523_leads%26subid5%3D0e4b01eab09c497fbaf64fc163f697ba
IP
172.66.43.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/?a=6808&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Ffitleanhealth.com%2F&sessid2=&product=gluco_freeze,gluco_freeze_3,gluco_freeze_6&caller_url=https%3A%2F%2Fglucofreezenow.com%2Fstill-broadcast%2Findex.html%3Faff_id%3D7990%26subid%3Dmw25ckd_032523_leads%26subid5%3D0e4b01eab09c497fbaf64fc163f697ba HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:42 GMT
content-type: application/javascript
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
set-cookie: spiaffid_6808=7990; expires=Fri, 23-Jun-2023 22:30:42 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisubid_6808=mw25ckd_032523_leads; expires=Fri, 23-Jun-2023 22:30:42 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spicampaign_id_6808=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_6808=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_6808=91.90.42.154:fitleanhealth.com:glucofreezenow.com%2Fstill-broadcast; expires=Fri, 23-Jun-2023 22:30:42 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisessid2_6808=sessid20230325223021436; expires=Fri, 23-Jun-2023 22:30:42 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spi_funnel_codename_6808=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ada99938f74b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

settings.luckyorange.net/?u=https%3A%2F%2Fglucofreezenow.com%2Fstill-broadcast%2Findex.html%3Faff_id%3D7990%26subid%3Dmw25ckd_032523_leads%26subid5%3D0e4b01eab09c497fbaf64fc163f697ba&s=322491

172.67.75.100

200 OK

0 B

URL HTTP/2
settings.luckyorange.net/?u=https%3A%2F%2Fglucofreezenow.com%2Fstill-broadcast%2Findex.html%3Faff_id%3D7990%26subid%3Dmw25ckd_032523_leads%26subid5%3D0e4b01eab09c497fbaf64fc163f697ba&s=322491
IP
172.67.75.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?u=https%3A%2F%2Fglucofreezenow.com%2Fstill-broadcast%2Findex.html%3Faff_id%3D7990%26subid%3Dmw25ckd_032523_leads%26subid5%3D0e4b01eab09c497fbaf64fc163f697ba&s=322491 HTTP/1.1
Host: settings.luckyorange.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezenow.com/
Origin: https://glucofreezenow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:43 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://glucofreezenow.com
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcBfEHnVn4DbO7KDk552ssLQQkvpNDLgy%2FE6sBUSFpWWy42EAQ2KQ9ALRbCOWRCTgUbRcjwSm2IIebwSjGPjO8lseBK54F5EkqcxqNbTLUYn8vY%2BK6ht%2Bni%2BxxttOBZ5go6AHizsIrBpZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ada9995df81b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

glucofreezenow.com/controlScript.css

69.172.200.220

200 OK

0 B

URL HTTP/2
glucofreezenow.com/controlScript.css
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /controlScript.css HTTP/1.1
Host: glucofreezenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba
Cookie: uid=wKhaAmQfdhGQcAA6AwTeAg==; cnid=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:42 GMT
content-type: text/css
last-modified: Wed, 11 Jan 2023 09:49:05 GMT
etag: W/"63be8611-1f3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: 54da57489171d449b4ad22f13fd8cd97
server: DOSarrest
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

185.235.84.3

200 OK

0 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
185.235.84.3:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:43 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 98983
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

dnacdn.net/dna

178.250.0.157

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=4rMOyF80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQiUyRkxoSnZhZnlCTUxyZVFaTHg5NnlxcWxvbzVMS3FNZFIySktaS2czMjBJ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:43 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=qyHLJF80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQiUyRkxoSnZhZnlCTUxyZVFaTHg5NnlvSzhrUFRCSEZUaVRqWjBGYjZaZVN4; expires=Thu, 18 Apr 2024 22:30:43 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 396953
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tfW0vdjqvabkv62-5n_2wj76isc2EYufhY5GCg&google_error=3

178.250.0.163

200 OK

0 B

URL HTTP/2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tfW0vdjqvabkv62-5n_2wj76isc2EYufhY5GCg&google_error=3
IP
178.250.0.163:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tfW0vdjqvabkv62-5n_2wj76isc2EYufhY5GCg&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:44 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 157193
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

glucofreezenow.com/still-broadcast/assets/css/styles.min.css

69.172.200.220

200 OK

0 B

URL HTTP/2
glucofreezenow.com/still-broadcast/assets/css/styles.min.css
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /still-broadcast/assets/css/styles.min.css HTTP/1.1
Host: glucofreezenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/still-broadcast/index.html?aff_id=7990&subid=mw25ckd_032523_leads&subid5=0e4b01eab09c497fbaf64fc163f697ba
Cookie: uid=wKhaAmQfdhGQcAA6AwTeAg==; cnid=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 22:30:42 GMT
content-type: text/css
last-modified: Sun, 06 Mar 2022 14:43:43 GMT
etag: W/"6224c89f-563"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: b1d3fe317ea5f5ae59d42c80e27df672
server: DOSarrest
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800

172.217.21.170

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Oswald:wght@400;500;600;700;800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezenow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Mar 2023 22:30:41 GMT
date: Sat, 25 Mar 2023 22:30:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML