click.diet-health-food.com/?t=c&ids=NTE1NzY2MzQ5__MTQ0OTY=__NDkyODA5NTk=__NjMw__830&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdXpvZA==
301 Moved Permanently 356 B URL HTTP/1.1 click.diet-health-food.com/?t=c&ids=NTE1NzY2MzQ5__MTQ0OTY=__NDkyODA5NTk=__NjMw__830&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdXpvZA==
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 45d663036311705ce026fab3b0b20bcd
50eb3a3004d8f56e81a54b846f07ff8725ea3f71
c805a9327f1bf48335a48f7328e11f8f938e88b55815a64411325db800f75634
GET /?t=c&ids=NTE1NzY2MzQ5__MTQ0OTY=__NDkyODA5NTk=__NjMw__830&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdXpvZA== HTTP/1.1
Host: click.diet-health-food.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 17 Jan 2023 11:35:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 356
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: upgrade-insecure-requests
Location: https://click.diet-health-food.com/?t=c&ids=NTE1NzY2MzQ5__MTQ0OTY=__NDkyODA5NTk=__NjMw__830&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdXpvZA==
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4b8b051d555b46b1e9e64faebf91b4ab
bdab7f1f4146f0e7c16665692e4f1edd83c10a24
e069730519f658e767ec8edb57edd8e2b1ccb18d4f0ade0920654eac18f83456
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E069730519F658E767EC8EDB57EDD8E2B1CCB18D4F0ADE0920654EAC18F83456"
Last-Modified: Tue, 17 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14648
Expires: Tue, 17 Jan 2023 15:39:43 GMT
Date: Tue, 17 Jan 2023 11:35:35 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3621
Expires: Tue, 17 Jan 2023 12:35:56 GMT
Date: Tue, 17 Jan 2023 11:35:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 17 Jan 2023 10:49:14 GMT
content-type: application/json
age: 2781
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10853
Expires: Tue, 17 Jan 2023 14:36:28 GMT
Date: Tue, 17 Jan 2023 11:35:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8Ha/3tFQC1o1vMYL28mzyx8D+e+gfFKBJaAdLKu+Tc67J+Hmw92eiv/WvmkfoYwze8+e1AtyddKrPSiBMJeeDw==
x-amz-request-id: Z68NDWZYJJJ1VRN3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 17 Jan 2023 10:44:58 GMT
age: 3037
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 11:35:35 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eead6aeb09ef225311b46c2e154ed3f5
ef7ebd855d87677de4e2de1605199ec027c0d73b
ce9714153397ce28d78675b57c53256846cccab80ed95faf3f0cc2c86e068d07
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE9714153397CE28D78675B57C53256846CCCAB80ED95FAF3F0CC2C86E068D07"
Last-Modified: Mon, 16 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 17 Jan 2023 17:35:35 GMT
Date: Tue, 17 Jan 2023 11:35:35 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1865
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:36 GMT
Last-Modified: Tue, 17 Jan 2023 11:04:31 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b3c12a7bd2bbb72f166a440be6e6c4dd
1fc3e0df2736e17b0ea2a6c2f82d79d507a8ce63
134c9e3d1149d4e97d1a620f7c353901c56ec9b24232ceef1539905817c57766
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "134C9E3D1149D4E97D1A620F7C353901C56EC9B24232CEEF1539905817C57766"
Last-Modified: Mon, 16 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=795
Expires: Tue, 17 Jan 2023 11:48:51 GMT
Date: Tue, 17 Jan 2023 11:35:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 17 Jan 2023 11:17:25 GMT
age: 1091
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kIZK/80r1atTrIoC0zHGaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QRzhOBvj2Lr0UaHgZAg0QmWclTw=
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
200 OK 18 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65326)
Hash fdb6e9f0aa2a1f504c5100bfd3f158f7
db187483f667bf064b0009bbfa428be0fe27751b
e81b8a4c9a7f47d61c661b4e9dc0c501541a5dec5e5cf97f1fd1fb03db4aef64
GET /ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:36 GMT
content-type: text/css; charset=utf-8
content-length: 17550
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f2c377f-2722e"
last-modified: Thu, 06 Aug 2020 17:01:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4040453
expires: Sun, 07 Jan 2024 11:35:36 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzRcAjLKAS%2FuHd6hIso7j2Tmw2LDJkgHQ2Eh9TpsQ5GPZf8VzpEIwdC%2FtNwpHfQbrvPrcdZqzQKNyk%2B%2F6XepJRuzFECjlZfT9Ma4xzznqN2H4z1qGfjSIfufRPij4kYqgIetGoql"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78aec9d62d58b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/E-v1.js
200 OK 117 kB URL HTTP/2 fast.wistia.com/assets/external/E-v1.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 117 kB (116712 bytes)
Hash 282001e895db748189013995ebcf6ef2
3b9b9e5ce07b3425512d6c43ad31a8619025749c
c514db3807351371a4b2c248c90da5a0546db8126539b2269b3850385cf6bd9f
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63c01565-1c7e8"
last-modified: Thu, 12 Jan 2023 14:12:53 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 17 Jan 2023 11:35:36 GMT
age: 1912
x-served-by: cache-iad-kiad7000159-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 147
x-timer: S1673955337.720641,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 116712
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/44xtnk0cns.jsonp
200 OK 1.6 kB URL HTTP/2 fast.wistia.com/embed/medias/44xtnk0cns.jsonp
IP
File type ASCII text, with very long lines (5308)
Hash c0f50b74c1c8377cbc8e2794876fcd22
ae38c8bbc134aaadeeb76922350b1f64153e2858
8a3fb205e8dedd91c9ef25c29025b1afd5ca5381e4c72bafd78a0a03a47ebb0c
GET /embed/medias/44xtnk0cns.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
etag: W/"d17119ac8553315d48a80b22018079ca"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 99ad8081a4679eb21ec581ffa6a4ee49
x-runtime: 0.043559
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 17 Jan 2023 11:35:36 GMT
age: 42930
x-served-by: cache-iad-kjyo7100176-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 93, 1
x-timer: S1673955337.719932,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1608
X-Firefox-Spdy: h2
glucofreeze.com/1xm.jpg
200 OK 52 kB IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1235x856, components 3\012- data
Hash abb1f352e36e641d8de412e2db998635
cee730a3943918000f1f056587788c0c71210d5a
87df8954cd5c773139b9414746afc8aaffc6d3869ab9a9a569e9028e5421766c
GET /1xm.jpg HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:36 GMT
content-type: image/jpeg
content-length: 51483
last-modified: Thu, 15 Sep 2022 22:38:56 GMT
etag: "6323a980-c91b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 1fb53037297c7cd01a2ec0599e65c3b4
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
glucofreeze.com/6xm.jpg
200 OK 106 kB IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1235x856, components 3\012- data
Size 106 kB (105509 bytes)
Hash fb05bb444763c902c2014aff945ca95a
5134047312232725c7c6dd06a006486689a86c84
a147940e0cd44e5aad2a120f869e6abd149db7333858da628b8a3dd6fed41885
GET /6xm.jpg HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:36 GMT
content-type: image/jpeg
content-length: 105509
last-modified: Thu, 15 Sep 2022 22:38:56 GMT
etag: "6323a980-19c25"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 708467f12e65fca5e334a969fd3fa4ab
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
glucofreeze.com/3xm.jpg
200 OK 90 kB IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1235x856, components 3\012- data
Hash 386d80644c75e0fbf7e33de50d16a487
fc6650090ffcd347e7b5a5026346a4f75fe9c038
151fa72a88a3a27fc12dd368665b9043a7f373236d749826b7323b5eb5fd5b3b
GET /3xm.jpg HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:36 GMT
content-type: image/jpeg
content-length: 89702
last-modified: Thu, 15 Sep 2022 22:38:56 GMT
etag: "6323a980-15e66"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 95632ec0e98833d04db8606b89dc8ad8
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 00:07:51 GMT
expires: Tue, 16 Jan 2024 00:07:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 127665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1b2e51abfd12507b00ebd8b7afda6308
4d3d5fa49e007714dd37da7da25d9d490d05bd0a
85a04d4cf987fcc2d087ab815a8d373e164a2adf2bf478e7a5c1fae3e109ba26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Sacramento
200 OK 811 B URL HTTP/2 fonts.googleapis.com/css2?family=Sacramento
IP
Hash 8f884e689f06ac17548c846f1b5f0c32
35a3f94c089a17bf033eb53adfb3219ce2fcb566
2613fe1e554c9c606963220f6303025a253c4fb05ea9cf59323b5cc53de34651
GET /css2?family=Sacramento HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 17 Jan 2023 11:35:36 GMT
date: Tue, 17 Jan 2023 11:35:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
glucofreezetoday.com/special-announcement/assets/js/main.js
200 OK 0 B URL HTTP/2 glucofreezetoday.com/special-announcement/assets/js/main.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /special-announcement/assets/js/main.js HTTP/1.1
Host: glucofreezetoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/special-announcement/index.html?aff_id=28098&subid=mw1giaop0117glucofreeze
Cookie: uid=wKhaAWPGiAggigA8A4RrAg==; cnid=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:37 GMT
content-type: application/javascript
content-length: 0
last-modified: Mon, 31 Jan 2022 17:20:59 GMT
etag: "61f81a7b-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
accept-ranges: bytes
x-dis-request-id: 5b198148223fd4194c17581b739543aa
server: DOSarrest
X-Firefox-Spdy: h2
glucofreeze.com/xkm(1).jpg
200 OK 34 kB URL HTTP/2 glucofreeze.com/xkm(1).jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1100x527, components 3\012- data
Hash 9d5760f9946d6556a7ff2623b177800c
6fca3c35cb7ce23d55d46fa9a0ad3e7a16ba9ea8
98b8581981e293666aae1977953931103c850844e9a564b088c383cf7e060f33
GET /xkm(1).jpg HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:37 GMT
content-type: image/jpeg
content-length: 34327
last-modified: Sat, 04 Sep 2021 09:35:29 GMT
etag: "61333de1-8617"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, private
pragma: public
vary: Accept-Encoding
accept-ranges: bytes
set-cookie: uid=wKhaAmPGiAm70gBFBKI3Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=1; path=/
x-dis-request-id: 6824734aac9e82d604f6fb4be0652856
server: DOSarrest
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b4c80fca9a7bc1b84369cdb60024668
91427b4fd16fa613fb83f053b271f00396b36e90
07bb6c4b267a5f46a15cca9ad9644ca38af67daa1448ad67f583f58e3c8dfcc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glucofreezetoday.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 07:08:09 GMT
expires: Sat, 13 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 361648
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/wistia-mux.js
200 OK 31 kB URL HTTP/2 fast.wistia.com/assets/external/wistia-mux.js
IP
File type ASCII text, with very long lines (65468)
Hash 8a29917cdab22034ddc991b8874779de
4e78cef388140792f1ee9c1385c3228d5fa2b055
a82bbe30476f6ecfa0dca9c16a08627476893048c39bbacb3a99d1078daaaab6
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63c01565-7a8f"
last-modified: Thu, 12 Jan 2023 14:12:53 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 17 Jan 2023 11:35:37 GMT
age: 1913
x-served-by: cache-iad-kcgs7200128-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 12, 88
x-timer: S1673955338.520433,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 31375
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b4c80fca9a7bc1b84369cdb60024668
91427b4fd16fa613fb83f053b271f00396b36e90
07bb6c4b267a5f46a15cca9ad9644ca38af67daa1448ad67f583f58e3c8dfcc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/assets/external/engines/hls_video.js
200 OK 114 kB URL HTTP/2 fast.wistia.com/assets/external/engines/hls_video.js
IP
File type ASCII text, with very long lines (65469)
Size 114 kB (114437 bytes)
Hash a153cc2c4d710553162fc463ca76a635
68630475007202394df418533d898a07a69c609e
47d961b0982c0518de7ef3b80e15f9ded3917c0e2e9b46bbd105c8c0b3062731
GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63c01565-1bf05"
last-modified: Thu, 12 Jan 2023 14:12:53 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 17 Jan 2023 11:35:37 GMT
age: 1047
x-served-by: cache-iad-kiad7000086-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 14, 45
x-timer: S1673955338.694145,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 114437
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2725
Expires: Tue, 17 Jan 2023 12:21:02 GMT
Date: Tue, 17 Jan 2023 11:35:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2725
Expires: Tue, 17 Jan 2023 12:21:02 GMT
Date: Tue, 17 Jan 2023 11:35:37 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 314 B IP
Hash 40b1b669fe14d598995f8eb510d56e52
420e5433e55a2ca1efb45f09cb191c4b2fc67569
b57a8bcfd40000075e36e617de9ba7106c0213c22b043e6d8a0ae0a22823a82c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6408
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:37 GMT
Last-Modified: Tue, 17 Jan 2023 09:48:49 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad210f0ba6ce6930724549cbba76e83d
e4badc3fbca9913bc11d968dac5cad1f900ff492
ad5f754d5dbe870feabfe090a46838614e96d72e78b9a2a8010ab339c67130be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9529
x-amzn-requestid: 56f2b9a5-91c6-421a-ad84-165376e23dcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm6Fm-oAMFrDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-67a0c1fe6aad6e6b71e50463;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mzmFGVDfMuZte5CJUmchEQIVAuDUKdGfUpm7PRTUqnsP44IcDmbl8A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
etag: "e4badc3fbca9913bc11d968dac5cad1f900ff492"
content-type: image/jpeg
age: 49762
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg
200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fefb1f12a78ad92ed309da2c54984a3c
caf58bf6276e226a20a0d0cf6fc3d422f922eb28
baf6596c635254885f32e423cbc5667694754243f01109cbdbeb54c337b16bc2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14703
x-amzn-requestid: bdc14ffc-297a-4046-9a4f-26d454f6f9be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2trpGZkoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c317-58908dd71980be98200e8f6c;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oqw0_4rVitBtqGh0oigqr5VmH0oVghH9SQiW1bRvMGsIX6fb8iRR0Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
etag: "caf58bf6276e226a20a0d0cf6fc3d422f922eb28"
content-type: image/jpeg
age: 49762
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805a998e9a6fc452c152ab9542b6d0cd
0bd57ea7809abfa4136506f565ac8ba45c936406
b24e0b322cacda63e43582e713cb38d80914f6b82c735307188a2ddd9829338f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1490db-aa8a-4724-a608-8c0c03f98b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10736
x-amzn-requestid: 78c83dbb-f641-4ece-bd8d-ce9d524f100d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm5FLvoAMFn1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-73b261b87d3eb7b709161fdf;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hUS-ajMYSYKXI2jsZJApvgUgr0lnbrm02BXZ6rsPS5h0daBcIRtgEw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
age: 49762
etag: "0bd57ea7809abfa4136506f565ac8ba45c936406"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a588566-7d22-4b47-96ce-ee6bb56e4898.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a588566-7d22-4b47-96ce-ee6bb56e4898.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57828b7affae7633b38d0fb6057b894d
db4cd956ba7e1e6b43174c250b7d4f1193277be9
26d83d511af9583a8f0a9ef1bd2ce3deab3ca42fa2c2ae141b61cd123afa9625
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a588566-7d22-4b47-96ce-ee6bb56e4898.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: eac845c9-b10c-4fce-b2ff-01b4111b506e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2OjhHp_IAMFeyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c59149-0058376c385a7bf91e07a395;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 18:02:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FtmoLO8c5S2uN0aj1HxWjVMg31vndNF2iKRJoJXmow1Hbb0NIHm9Cw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 18:16:36 GMT
age: 62341
etag: "db4cd956ba7e1e6b43174c250b7d4f1193277be9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93fda3d0-f25d-4038-bce9-349d25d63a74.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93fda3d0-f25d-4038-bce9-349d25d63a74.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd54f560a77956e0ffb9645ba786c193
0a67ed30b7b9c66a6ccd2a72cd0de27b0fd38509
359fd1bdac8f7106b2d1dc71136ddca2bb70e95fab441af114e24d04fa69afe7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93fda3d0-f25d-4038-bce9-349d25d63a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7847
x-amzn-requestid: 15cc6d5b-0805-4828-9bdc-5067a2d542d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: evbCYETXoAMFVqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c2d875-5ff79c917007ccbd40957aa3;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 16:29:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t-PsjfY-xNvUhLRlVmRuNtL_kJHAYTN479nHFgJUcYKLqkZlbSxwqg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 06:41:41 GMT
age: 17636
etag: "0a67ed30b7b9c66a6ccd2a72cd0de27b0fd38509"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec0e283376914297c3fb2464ed15a31b
acd84e057b6c618fd3b31915983998c00fe21dc4
3d02b82d8f6a00703de7594f5b34baf0010294c1a7023818344ca341e4ac203c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10660
x-amzn-requestid: ac5d6edc-5228-4318-a99f-c08d3265aa87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3HXpH4PoAMF78Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5ec30-044bf7c40e44de637c0c2dba;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 00:30:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6wALvrvX2EOL6xe6U3Vf2Xmcx_Nmh0mHXveaX1mZL1yUzOLdKg8f_A==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 00:45:05 GMT
age: 39032
etag: "acd84e057b6c618fd3b31915983998c00fe21dc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/44xtnk0cns.m3u8
200 OK 915 B URL HTTP/2 fast.wistia.com/embed/medias/44xtnk0cns.m3u8
IP
Hash 8bac179e6d7693e1c6d5ccbc8ec9a5f0
a722004c91bf9440d65c53c96231ebc59ea36b11
9804e5fcf426b9c0ddd9a4a82530bf69594b45c211c1ef8cabb2b7601fafde7a
GET /embed/medias/44xtnk0cns.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezetoday.com
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"9804e5fcf426b9c0ddd9a4a82530bf69"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: aeb8f29291c3181a68eec00cd5571f82
x-runtime: 0.024531
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 17 Jan 2023 11:35:37 GMT
age: 25
x-served-by: cache-iad-kjyo7100105-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 437, 1
x-timer: S1673955338.881660,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 915
X-Firefox-Spdy: h2
fast.wistia.com/assets/images/blank.gif
200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "63c1d4c6-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 13 Jan 2023 22:01:42 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 17 Jan 2023 11:35:37 GMT
age: 307917
x-served-by: cache-iad-kiad7000052-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 86, 5044
x-timer: S1673955338.888325,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/30ce033c3cc27af9521f5f64a7d90da910d97e22.m3u8
200 OK 3.2 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/30ce033c3cc27af9521f5f64a7d90da910d97e22.m3u8
IP
Hash 39cbd5a2813ea830ca8add61bd46d1dd
c43bafdb1f7759b72d13bb06fbcebb5a5bb5cc3f
e621d89314ec4d9e805a11dc917ce8a06d2fcd01089986dac5d98940959b566b
GET /deliveries/30ce033c3cc27af9521f5f64a7d90da910d97e22.m3u8 HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezetoday.com
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
expires: Fri, 29 Dec 2023 20:20:09 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 30ce033c3cc27af9521f5f64a7d90da910d97e22-hls-segment 575be076c6a7044102ef1f308349eab3ff93cb5d
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 17 Jan 2023 11:35:37 GMT
age: 1610129
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kiad7000038-IAD, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 1165, 1
x-timer: S1673955338.981167,VS0,VE1
vary: Accept-Encoding
content-length: 3249
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/30ce033c3cc27af9521f5f64a7d90da910d97e22.m3u8/seg-1-v1-a1.ts
200 OK 328 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/30ce033c3cc27af9521f5f64a7d90da910d97e22.m3u8/seg-1-v1-a1.ts
IP
File type MPEG transport stream data\012- data
Size 328 kB (328248 bytes)
Hash 5c074e556997d1ef47c74cdbab88ab26
7dba8ba56b3ff8f6b9b3429e0d3c711fae30d732
9915f45d50bfc93201d0b44b0f796a80bc4631705e000a21f58a1796c9433fa1
GET /deliveries/30ce033c3cc27af9521f5f64a7d90da910d97e22.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezetoday.com
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
expires: Sat, 30 Dec 2023 09:53:32 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 30ce033c3cc27af9521f5f64a7d90da910d97e22-hls-segment 575be076c6a7044102ef1f308349eab3ff93cb5d
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 17 Jan 2023 11:35:38 GMT
age: 1561325
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kiad7000099-IAD, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 1025, 1
x-timer: S1673955338.015273,VS0,VE1
content-length: 328248
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/a2c9724d2837a786894a2826cac86344ce5d571e.m3u8
200 OK 3.3 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/a2c9724d2837a786894a2826cac86344ce5d571e.m3u8
IP
Hash 746e044cecd2a6782d4e81f61ca73329
72ff7c88d2eaf79443d9dd518db201435d9ba55d
405918cc9ff2684a05ab78af3492599ee5fe84d03859d7573c58d86228281c29
GET /deliveries/a2c9724d2837a786894a2826cac86344ce5d571e.m3u8 HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezetoday.com
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
expires: Sat, 30 Dec 2023 20:30:33 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: a2c9724d2837a786894a2826cac86344ce5d571e-hls-segment 575be076c6a7044102ef1f308349eab3ff93cb5d
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 17 Jan 2023 11:35:38 GMT
age: 1523105
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kiad7000159-IAD, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 560, 1
x-timer: S1673955338.157391,VS0,VE1
vary: Accept-Encoding
content-length: 3261
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/a2c9724d2837a786894a2826cac86344ce5d571e.m3u8/seg-1-v1-a1.ts
200 OK 157 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/a2c9724d2837a786894a2826cac86344ce5d571e.m3u8/seg-1-v1-a1.ts
IP
File type MPEG transport stream data\012- data
Size 157 kB (156792 bytes)
Hash 04f4ce5faf28af580c5b433ec8948491
957c2dbf8105bd7fff268c0514caba6b6532772f
2f9a8244021a0e64eb68e3a9d2e58f90bff2966af1ab46f6140397e1f49416a4
GET /deliveries/a2c9724d2837a786894a2826cac86344ce5d571e.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezetoday.com
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
expires: Tue, 16 Jan 2024 17:51:58 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: a2c9724d2837a786894a2826cac86344ce5d571e-hls-segment 575be076c6a7044102ef1f308349eab3ff93cb5d
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 17 Jan 2023 11:35:38 GMT
age: 63820
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kiad7000167-IAD, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 1
x-timer: S1673955338.191191,VS0,VE1
content-length: 156792
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash ca0ca58124ade84d59423fd3a68f3598
f0e6cefb1c59573433e0f943549eaefb02011b27
03c53563d0ebf3131f0b45ca09816e48f54dca540dbba544ceaa1bdc03acc9e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6386
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:38 GMT
Last-Modified: Tue, 17 Jan 2023 09:49:12 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
embed-ssl.wistia.com/deliveries/26fa4d76d2c0dab2f8ad43889661b231b96ae145.webp?image_crop_resized=1280x720
200 OK 49 kB URL HTTP/2 embed-ssl.wistia.com/deliveries/26fa4d76d2c0dab2f8ad43889661b231b96ae145.webp?image_crop_resized=1280x720
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e6db9bc92369f4cca85ad35cfafef705
5b093d521d0a968a3745bc381ecea47913ad12b8
f4e8accbcaca8f05292866cf80d876ef2cf5d3923810eb060ad15f1b9491e88e
GET /deliveries/26fa4d76d2c0dab2f8ad43889661b231b96ae145.webp?image_crop_resized=1280x720 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: max-age=31536000
content-disposition: inline
edge-cache-tag: 26fa4d76d2c0dab2f8ad43889661b231b96ae145
last-modified: Mon, 27 Dec 2021 16:25:14 UTC
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 17 Jan 2023 11:35:38 GMT
age: 554382
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kjyo7100068-IAD, cache-bma1656-BMA
x-cache: HIT, HIT
x-cache-hits: 77, 1
x-timer: S1673955338.218478,VS0,VE1
content-length: 48562
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=glucofreezetoday.com&origin=onetag
200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=glucofreezetoday.com&origin=onetag
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 8d26d6c91213327bb2944f15e23b2a47
00e32a31c5e78ce4e2f60c6ce747d447abfae6cb
02dd55d8a72b73a6cd66f7c7dd3554cdf89a1e31b576f869015673cdad28154a
GET /syncframe?topUrl=glucofreezetoday.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:37 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=baf1a391-5623-4905-a915-7363a0620bb3; expires=Sun, 11 Feb 2024 11:35:37 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 951707
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4e21061ffff89b916b206dd6ae0760b0
5d3d2c364981f353f267e2ff141b28185b9e890f
174d3b230b34633a37f39bd3c49e080e5da74189c4703e0bedf7c913ba235a24
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 17 Jan 2023 11:35:38 GMT
Last-Modified: Tue, 17 Jan 2023 10:11:48 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: As3zwjuHYyaZmuY919qQqXUcSjo94WskXzv265endiYmGlFfudGr8Q==
Age: 5030
ocsp.digicert.com/
200 OK 314 B IP
Hash 5ef5c34beb8f9b366fc6e889c49d1338
4d0bcf4b36915f317f3573ceab30b75d847b79c7
98f705a793afaae5221e00224208e6f4cd7ae37856a8399febd16a2eb9ebb9c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5838
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:38 GMT
Last-Modified: Tue, 17 Jan 2023 09:58:20 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314
glucofreezetoday.com/controlScript.js
404 Not Found 6.0 kB URL HTTP/2 glucofreezetoday.com/controlScript.js
IP
Hash 85e9f25acd1ae5e68f9760de7f846cfe
06b8e909a2e7eb72af1e5cc288b265e4fcd8ce0a
a1e12f6997e3a50728939ce5d31e72b7cb7f2b752f781297fee1d312335faaab
GET /controlScript.js HTTP/1.1
Host: glucofreezetoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/special-announcement/index.html?aff_id=28098&subid=mw1giaop0117glucofreeze
Cookie: uid=wKhaAWPGiAggigA8A4RrAg==; cnid=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 17 Jan 2023 11:35:37 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: persistedParams=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
persistedParams.sig=qQIP2OdsTFa87s1ohgL1NB6ingI; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
content-encoding: gzip
x-dis-request-id: 58f6064f1801552040d66caf793e9547
server: DOSarrest
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 35 kB URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
Hash 3aca6feb5827a4addf5d93e0481fe912
d88502a2ac19b06d2e46bb1092f00c826c4ba0d5
853d4d06c228c220e5db0c06107bb907d9493a9ac855160d8fec9b1e71f886c1
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:37 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 68411
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 036766876511e8e1647a73a65d0e72df
003dd4333ce9996e462a4cad778b0edfa5e4ca38
0c0f0e1e5766977d9ac39600b2bd683c77e6799ba6f3b1593772d548867a811d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164849
Date: Tue, 17 Jan 2023 11:35:38 GMT
Etag: "63c65f7f-1d7"
Expires: Thu, 19 Jan 2023 09:23:07 GMT
Last-Modified: Tue, 17 Jan 2023 08:42:39 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3OiveuvM17NnBODIHXAYBthIOUrcZT9bpV4_iO9DX8CZfnh2aJVWjg==
Age: 2428
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 036766876511e8e1647a73a65d0e72df
003dd4333ce9996e462a4cad778b0edfa5e4ca38
0c0f0e1e5766977d9ac39600b2bd683c77e6799ba6f3b1593772d548867a811d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164864
Date: Tue, 17 Jan 2023 11:35:38 GMT
Etag: "63c65f7f-1d7"
Expires: Thu, 19 Jan 2023 09:23:22 GMT
Last-Modified: Tue, 17 Jan 2023 08:42:39 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XKTCFEaEZtNNfsFS4cepOH82Yv0OrXupSHgHToZ_92mHGF5GDh8isA==
Age: 2443
distillery.wistia.com/x
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1668
Origin: https://glucofreezetoday.com
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 17 Jan 2023 11:35:38 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=glucofreezetoday.com&sn=FirefoxSyncframe&so=0&topUrl=glucofreezetoday.com&info=M0FQmF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhoQUhzZjdZSGlXdmpNRDUxQmhnNkpBMlpSMEp4eE9KcWt4bDNKS1NBWTI&idsd=-103910117,567194643&cw=1&lsw=1
200 OK 315 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=glucofreezetoday.com&sn=FirefoxSyncframe&so=0&topUrl=glucofreezetoday.com&info=M0FQmF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhoQUhzZjdZSGlXdmpNRDUxQmhnNkpBMlpSMEp4eE9KcWt4bDNKS1NBWTI&idsd=-103910117,567194643&cw=1&lsw=1
IP
Hash 70e7188505b25555d275ab7839a4b76d
89e263a431953e323a249d41c8c7e19e28d5c831
c810f3f5bdbd23b9f6724a5852447954708c9b16e20703291746d673c46aacb4
GET /sid/json?origin=onetag&domain=glucofreezetoday.com&sn=FirefoxSyncframe&so=0&topUrl=glucofreezetoday.com&info=M0FQmF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhoQUhzZjdZSGlXdmpNRDUxQmhnNkpBMlpSMEp4eE9KcWt4bDNKS1NBWTI&idsd=-103910117,567194643&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=glucofreezetoday.com&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:37 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1412095
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
302 Found 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=35426EEE9EDB4D3680158FA9A611DBA4&RedC=c.clarity.ms&MXFR=2E72A8F2A0546E5610EABA6EA45460DE
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=2E72A8F2A0546E5610EABA6EA45460DE; domain=.clarity.ms; expires=Sun, 11-Feb-2024 11:35:39 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 17 Jan 2023 11:35:39 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=35426EEE9EDB4D3680158FA9A611DBA4&RedC=c.clarity.ms&MXFR=2E72A8F2A0546E5610EABA6EA45460DE
302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=35426EEE9EDB4D3680158FA9A611DBA4&RedC=c.clarity.ms&MXFR=2E72A8F2A0546E5610EABA6EA45460DE
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=35426EEE9EDB4D3680158FA9A611DBA4&RedC=c.clarity.ms&MXFR=2E72A8F2A0546E5610EABA6EA45460DE HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezetoday.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=35426EEE9EDB4D3680158FA9A611DBA4&MUID=1D3C309267C1664D3474220E66966723
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=1D3C309267C1664D3474220E66966723; domain=c.bing.com; expires=Sun, 11-Feb-2024 11:35:39 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F03DAF71531B4503936B3F135B825ADF Ref B: OSL30EDGE0417 Ref C: 2023-01-17T11:35:39Z
date: Tue, 17 Jan 2023 11:35:39 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=35426EEE9EDB4D3680158FA9A611DBA4&MUID=1D3C309267C1664D3474220E66966723
200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=35426EEE9EDB4D3680158FA9A611DBA4&MUID=1D3C309267C1664D3474220E66966723
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=35426EEE9EDB4D3680158FA9A611DBA4&MUID=1D3C309267C1664D3474220E66966723 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezetoday.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 05 Jan 2023 17:40:42 GMT
accept-ranges: bytes
etag: "d59a6ed52c21d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Tue, 17-Jan-2023 11:45:39 GMT; path=/; SameSite=None; Secure;
date: Tue, 17 Jan 2023 11:35:39 GMT
content-length: 42
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b5e62650519dd89cec0c0950b563c96d
95062135838a0d93ea573bd8f08171b856fdabd0
507f88315fee614f0890cbcbc15479d895de46d3ac115acee3861a7346b1b6a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "507F88315FEE614F0890CBCBC15479D895DE46D3AC115ACEE3861A7346B1B6A2"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2680
Expires: Tue, 17 Jan 2023 12:20:19 GMT
Date: Tue, 17 Jan 2023 11:35:39 GMT
Connection: keep-alive
matching.ivitrack.com/sync?realm=criteo&uid=k-SOZDvGIuo4o9mBB4LUn8UIn250pJTtRwbkfcWg
200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-SOZDvGIuo4o9mBB4LUn8UIn250pJTtRwbkfcWg
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-SOZDvGIuo4o9mBB4LUn8UIn250pJTtRwbkfcWg HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Tue, 17 Jan 2023 11:35:38 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 17 Jan 2023 11:35:38 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 847616
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-I94dCGIuo4o9mBB4LUn8UIn250qvQiUnK2Go_A
200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-I94dCGIuo4o9mBB4LUn8UIn250qvQiUnK2Go_A
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-I94dCGIuo4o9mBB4LUn8UIn250qvQiUnK2Go_A HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3169569393580286000V10; Expires=Wed, 17 Jan 2024 11:35:39 GMT; domain=.media.net; Path=/;
data-c-ts=1673955339;Expires=Thu, 16 Feb 2023 11:35:39 GMT;path=/;domain=.media.net;
data-c=k-I94dCGIuo4o9mBB4LUn8UIn250qvQiUnK2Go_A~~3;Expires=Thu, 16 Feb 2023 11:35:39 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Tue, 17 Jan 2023 11:35:39 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 17 Jan 2023 11:35:39 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1071
Origin: https://glucofreezetoday.com
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://glucofreezetoday.com
access-control-allow-credentials: true
date: Tue, 17 Jan 2023 11:35:39 GMT
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-F7wWWmIuo4o9mBB4LUn8UIn250p5_0f2DiZWbg
200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-F7wWWmIuo4o9mBB4LUn8UIn250p5_0f2DiZWbg
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-F7wWWmIuo4o9mBB4LUn8UIn250p5_0f2DiZWbg HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Tue, 17 Jan 2023 11:35:39 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 17 Jan 2023 11:35:39 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 17 Jan 2023 11:35:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: de895974-af71-4052-882a-68ebb6416f50
Set-Cookie: uuid2=1197163800526748948; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 17-Apr-2023 11:35:39 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sectigo.com/
200 OK 471 B IP
Hash e0504df44312ac2e4362e0d13517da52
12c7681b0fb82f0e1556750ad314d0454e524197
88611ff21e1a897eff69af874fdf97593bfba8c8a9957ba738654e1b950fb778
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 11:35:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 01:56:50 GMT
Expires: Sat, 21 Jan 2023 01:56:49 GMT
Etag: "12c7681b0fb82f0e1556750ad314d0454e524197"
Cache-Control: max-age=310269,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78aec9e85fa3b529-OSL
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ef2e8bfc049a83fdf4d1f1a0bffd8352
c4e23959ee7edda4113f41b401ef955465f7dc5e
23aec5edafb2bdb84abca0d0850cddb2cd1fa4d52951ad33681b48e73538604c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154949
Date: Tue, 17 Jan 2023 11:35:39 GMT
Etag: "63c62fa3-1d7"
Expires: Thu, 19 Jan 2023 06:38:08 GMT
Last-Modified: Tue, 17 Jan 2023 05:18:27 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7rJlCA2lr2IytdhT2XL6ANP3KANFoXQmunWz18D7L7SmscCwpbvTDA==
Age: 4781
x.bidswitch.net/sync?dsp_id=46&user_id=k-3zFEdGIuo4o9mBB4LUn8UIn250rRLlcbIv5Seg&expires=30
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-3zFEdGIuo4o9mBB4LUn8UIn250rRLlcbIv5Seg&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-3zFEdGIuo4o9mBB4LUn8UIn250rRLlcbIv5Seg&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 17 Jan 2023 11:35:39 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-3zFEdGIuo4o9mBB4LUn8UIn250rRLlcbIv5Seg&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=c58c6b57-1403-46fc-b97d-5e2740dcd83e; path=/; expires=Wed, 17-Jan-2024 11:35:39 GMT; domain=.bidswitch.net; samesite=none; secure
c=1673955339; path=/; expires=Wed, 17-Jan-2024 11:35:39 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1673955339; path=/; expires=Wed, 17-Jan-2024 11:35:39 GMT; domain=.bidswitch.net; samesite=none; secure
c=1673955339; path=/; expires=Wed, 17-Jan-2024 11:35:39 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 3ad18e24e1bf396ec7dc2fb2e289b441
3ebc2a4161e175947a334853b87bf77182b0d490
2026fa5cbc68d43b09b84bd75380b8356b46cd0549ccafab654615dcbbc5f467
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5421
Cache-Control: max-age=107361
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:39 GMT
Etag: "63c5733f-139"
Expires: Wed, 18 Jan 2023 17:25:00 GMT
Last-Modified: Mon, 16 Jan 2023 15:54:39 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-3zFEdGIuo4o9mBB4LUn8UIn250rRLlcbIv5Seg&expires=30
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-3zFEdGIuo4o9mBB4LUn8UIn250rRLlcbIv5Seg&expires=30
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-3zFEdGIuo4o9mBB4LUn8UIn250rRLlcbIv5Seg&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:39 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0cd18c4a19cce4db4c1ee660e9a0a967
a60b429532788a57a53e8674de365ddd84fcf3e4
878401e98ec0ea4de88dad035d00618a4d3f382329f326711f3916b4325aab88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 47a37b80adea922a980a570763495dee
7c5eba0e339bb41ae30ac921aee9a59b2c6c6e4d
7050ba8978a856e82c9a0ff337d8e8b377b2a5d91201afb249317f9b489d8e70
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6410
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:39 GMT
Last-Modified: Tue, 17 Jan 2023 09:48:49 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-7pqzAmIuo4o9mBB4LUn8UIn250rd8XSHItgQWw
200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-7pqzAmIuo4o9mBB4LUn8UIn250rd8XSHItgQWw
IP
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-7pqzAmIuo4o9mBB4LUn8UIn250rd8XSHItgQWw HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Tue, 17 Jan 2023 11:35:39 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=7439626927590193070; expires=Sat, 17 Feb 2024 11:35:39 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 17 Feb 2024 11:35:39 GMT; domain=smartadserver.com; path=/
csync=79:k-7pqzAmIuo4o9mBB4LUn8UIn250rd8XSHItgQWw; expires=Wed, 17 Jan 2024 11:35:39 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-q_-wAWIuo4o9mBB4LUn8UIn250qnI9WzlA6xUA&expires=30
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-q_-wAWIuo4o9mBB4LUn8UIn250qnI9WzlA6xUA&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-q_-wAWIuo4o9mBB4LUn8UIn250qnI9WzlA6xUA&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 693f17ec94b6fd0c82d03268b1ba23d6
Content-Type: image/gif
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-SHCG52Iuo4o9mBB4LUn8UIn250qh8gNCpqR3vw&google_cm&google_hm=ay1TSENHNTJJdW80bzltQkI0TFVuOFVJbjI1MHFoOGdOQ3BxUjN2dw
302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-SHCG52Iuo4o9mBB4LUn8UIn250qh8gNCpqR3vw&google_cm&google_hm=ay1TSENHNTJJdW80bzltQkI0TFVuOFVJbjI1MHFoOGdOQ3BxUjN2dw
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4cc50fcd50f1df99e4fd28008bb6c6ec
45c10fa481e454a371a40fcc8d39ea2b5a336f9f
d967a793040a469b1c4cfbb10f3da172a2fbd7c25a6d61453afa9b184f504462
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-SHCG52Iuo4o9mBB4LUn8UIn250qh8gNCpqR3vw&google_cm&google_hm=ay1TSENHNTJJdW80bzltQkI0TFVuOFVJbjI1MHFoOGdOQ3BxUjN2dw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-SHCG52Iuo4o9mBB4LUn8UIn250qh8gNCpqR3vw&google_cm=&google_hm=ay1TSENHNTJJdW80bzltQkI0TFVuOFVJbjI1MHFoOGdOQ3BxUjN2dw&google_tc=
date: Tue, 17 Jan 2023 11:35:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Jan-2023 11:50:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b5e62650519dd89cec0c0950b563c96d
95062135838a0d93ea573bd8f08171b856fdabd0
507f88315fee614f0890cbcbc15479d895de46d3ac115acee3861a7346b1b6a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "507F88315FEE614F0890CBCBC15479D895DE46D3AC115ACEE3861A7346B1B6A2"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2680
Expires: Tue, 17 Jan 2023 12:20:19 GMT
Date: Tue, 17 Jan 2023 11:35:39 GMT
Connection: keep-alive
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Tue, 17 Jan 2023 11:35:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 142bad0f-9e74-4505-8872-01b2fc7bef36
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 471 B IP
Hash a169af7d3b115f6abe52211e1091bf43
6b37f901041be03bdc08fcb3f1e13fa557881c6e
3789d8005032a1223176c700729e3e0c1b812d2eb3e8da32b5f64270ddaee8df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2618
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:39 GMT
Last-Modified: Tue, 17 Jan 2023 10:52:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-SHCG52Iuo4o9mBB4LUn8UIn250qh8gNCpqR3vw&google_cm=&google_hm=ay1TSENHNTJJdW80bzltQkI0TFVuOFVJbjI1MHFoOGdOQ3BxUjN2dw&google_tc=
302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-SHCG52Iuo4o9mBB4LUn8UIn250qh8gNCpqR3vw&google_cm=&google_hm=ay1TSENHNTJJdW80bzltQkI0TFVuOFVJbjI1MHFoOGdOQ3BxUjN2dw&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 864669037e2f178b7c64d83043d77aba
7478ccf1182597f74f20da44bffe2292c87da620
a5b8d8c7a6b79965dd99fbae386948054ff7ceeff8f61f5233eb4345f927d9da
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-SHCG52Iuo4o9mBB4LUn8UIn250qh8gNCpqR3vw&google_cm=&google_hm=ay1TSENHNTJJdW80bzltQkI0TFVuOFVJbjI1MHFoOGdOQ3BxUjN2dw&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-SHCG52Iuo4o9mBB4LUn8UIn250qh8gNCpqR3vw&google_error=3
date: Tue, 17 Jan 2023 11:35:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3a7cd8b9b78a839994a57ebea7bd4986
121eec1ba4d30a54a5013de86901cc8654a238c4
25abf597a69f9bef2c3cf42535657e9356191c663edf6c229642195651fbeb71
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93130
Date: Tue, 17 Jan 2023 11:35:39 GMT
Etag: "63c54a9f-1d7"
Expires: Wed, 18 Jan 2023 13:27:49 GMT
Last-Modified: Mon, 16 Jan 2023 13:01:19 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: klU26vLPgKBEnAgkETze8VromQNejSB9LqQJdkiskK4ZApokHI5bGA==
Age: 1590
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7382d29bce95b7990e9131a2c2aa04d4
7482bb9c9df8409793de4178474216eebd9aab84
2dc76f3e07849b0c9761371b4e0b0c1d8c10534ec8d91025e60372cb6ea4a738
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 17 Jan 2023 11:35:39 GMT
Last-Modified: Tue, 17 Jan 2023 10:13:41 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hoU865uGQKXvgDLa37E3c1W6gxhkmRxtx521fphJb2vw4uufanEEbg==
Age: 4919
ocsp.digicert.com/
200 OK 471 B IP
Hash ee0dac4fce282759d9046cd66522a158
60b1c47215924cacbb10cece0e0af86973e8d32a
e1f53de112e4ab59486805a6df629042ea2c6b2de19da8b318fe21fa9837b97b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5167
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:39 GMT
Last-Modified: Tue, 17 Jan 2023 10:09:32 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
eb2.3lift.com/xuid?mid=2711&xuid=k-QEtqwGIuo4o9mBB4LUn8UIn250r2IzEjR3kBiA&dongle=013b
200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-QEtqwGIuo4o9mBB4LUn8UIn250r2IzEjR3kBiA&dongle=013b
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-QEtqwGIuo4o9mBB4LUn8UIn250r2IzEjR3kBiA&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:39 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 36f24c32d7a112d15d3e1f756ac46b34
f01d05d1313d7a08b11607b79350f734e0ef1e22
cd1ebd7b9fc185f5110a0c2d64d5f94f04abd5dddbf7215e4bc41453068a47c0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 17 Jan 2023 11:35:39 GMT
Last-Modified: Tue, 17 Jan 2023 11:05:04 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: y9wP23KOTycdWRCuRCL7F91vPY60dhMPC6gYzUE7qXr5RNKndLlVHw==
Age: 1835
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--3FC4WIuo4o9mBB4LUn8UIn250qS4Nn6Axy1jg
302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--3FC4WIuo4o9mBB4LUn8UIn250qS4Nn6Axy1jg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k--3FC4WIuo4o9mBB4LUn8UIn250qS4Nn6Axy1jg HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 17 Jan 2023 11:35:39 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k--3FC4WIuo4o9mBB4LUn8UIn250qS4Nn6Axy1jg&C=1
cf-ray: 78aec9e9cf39b505-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y8aIC7Wx6HRVpiXiGi93CQAA; Path=/; Domain=casalemedia.com; Expires=Wed, 17 Jan 2024 11:35:39 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1831; Path=/; Domain=casalemedia.com; Expires=Mon, 17 Apr 2023 11:35:39 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1831; Path=/; Domain=casalemedia.com; Expires=Mon, 17 Apr 2023 11:35:39 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Xweu0jjfHhpKyhnlkyVns3CxzU%2BFUOhBSKpL1b%2F0hRgiqMlVl8AiTmXFOyNsY1aStT0DZE1O9H%2B%2B6E4F3APB6IywtJn9zWjXj8Q3LZT%2Fnq3dqAmT%2FOAOdrqvcdLzJCuz30R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-C0K0vWIuo4o9mBB4LUn8UIn250rG9OdO3a1Oeg
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-C0K0vWIuo4o9mBB4LUn8UIn250rG9OdO3a1Oeg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-C0K0vWIuo4o9mBB4LUn8UIn250rG9OdO3a1Oeg HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 17 Jan 2023 11:35:39 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-C0K0vWIuo4o9mBB4LUn8UIn250rG9OdO3a1Oeg&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBAuIxmMCELS6EDekoujkbRFAQngmlCIFEgEBAQHZx2PQYwAAAAAA_eMAAA&S=AQAAAvq-nqHyBsUvkhl0n_7pNes; Expires=Wed, 17 Jan 2024 17:35:39 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ajZWhGIuo4o9mBB4LUn8UIn250oM88oOII7DLA
302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-ajZWhGIuo4o9mBB4LUn8UIn250oM88oOII7DLA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-ajZWhGIuo4o9mBB4LUn8UIn250oM88oOII7DLA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 17 Jan 2023 11:35:39 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ajZWhGIuo4o9mBB4LUn8UIn250oM88oOII7DLA
set-cookie: tuuid=e4ab8d79-ae68-4d1e-9611-59aeb380c04b; Expires=Mon, 17 Apr 2023 11:35:39 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1673955339; Expires=Mon, 17 Apr 2023 11:35:39 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
cm.adform.net/pixel?adform_pid=15&adform_pc=k-2U-ekGIuo4o9mBB4LUn8UIn250rTFDWKOh7B4g
200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-2U-ekGIuo4o9mBB4LUn8UIn250rTFDWKOh7B4g
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-2U-ekGIuo4o9mBB4LUn8UIn250rTFDWKOh7B4g HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 11:35:39 GMT
content-type: image/gif
content-length: 43
last-modified: Fri, 07 Feb 2020 08:03:24 GMT
etag: "5e3d19cc-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 120190
Origin: https://glucofreezetoday.com
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://glucofreezetoday.com
access-control-allow-credentials: true
date: Tue, 17 Jan 2023 11:35:39 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-ffVJAGIuo4o9mBB4LUn8UIn250rhi5OmdggLuQ
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-ffVJAGIuo4o9mBB4LUn8UIn250rhi5OmdggLuQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-ffVJAGIuo4o9mBB4LUn8UIn250rhi5OmdggLuQ HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 17 Jan 2023 11:35:39 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7a9838814165327a2f404c6e15fe84d2
e1d3859acd1fb534636f0be8431ddf3e12f3a6ae
4d38a33ee6da9d509735727e9e38e93ba9b119c44a3a57275be8cff9b3e8f256
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D38A33EE6DA9D509735727E9E38E93BA9B119C44A3A57275BE8CFF9B3E8F256"
Last-Modified: Mon, 16 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19133
Expires: Tue, 17 Jan 2023 16:54:32 GMT
Date: Tue, 17 Jan 2023 11:35:39 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash b4b0dc3a46fdaf1022d211ae7cc4c8e4
a145bacf63d72b1da861a2de96798f8dada0b142
a022d523feee656a0029ecce843ad71280811f471bca09b699adb3b9f30c43d3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 11:35:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 15:11:57 GMT
Expires: Sat, 21 Jan 2023 15:11:56 GMT
Etag: "a145bacf63d72b1da861a2de96798f8dada0b142"
Cache-Control: max-age=357976,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78aec9e9faa9b529-OSL
ad.yieldlab.net/m?dt_id=8664&ext_id=k-Q3KilGIuo4o9mBB4LUn8UIn250o7O2WkpTe0ug
204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-Q3KilGIuo4o9mBB4LUn8UIn250o7O2WkpTe0ug
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-Q3KilGIuo4o9mBB4LUn8UIn250o7O2WkpTe0ug HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Mon, 16 Jan 2023 11:35:39 GMT
Date: Tue, 17 Jan 2023 11:35:39 GMT
Connection: keep-alive
Set-Cookie: id=5847bf20-6389-4caa-abd4-09c9dde69d70; Path=/; Domain=prod.svc.y6b.de; Expires=Wed, 17-Jan-2024 11:35:39 GMT; Max-Age=31536000; Secure; SameSite=None
status.thawte.com/
200 OK 471 B IP
Hash 2a533714c2898d639866c3d29b0ddf07
296f45fec6d8560a2268562d497f2aae4b839762
3685b264235fbb187ec12a1fe6634c3daba86dd0e5a2d6b12d61c76eac56cf61
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3035
Cache-Control: max-age=124085
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:39 GMT
Etag: "63c5bde5-1d7"
Expires: Wed, 18 Jan 2023 22:03:44 GMT
Last-Modified: Mon, 16 Jan 2023 21:13:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 293f45d73b83d93c7fa3c36e1202ba1b
d98618928612ebb9bc26240637c3593c91481f66
483fb179fa74faee694975da4f4251711403c6f9b53fac3672f13798023222c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5831
Cache-Control: max-age=171485
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:39 GMT
Etag: "63c66c21-1d7"
Expires: Thu, 19 Jan 2023 11:13:44 GMT
Last-Modified: Tue, 17 Jan 2023 09:36:33 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ajZWhGIuo4o9mBB4LUn8UIn250oM88oOII7DLA
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-ajZWhGIuo4o9mBB4LUn8UIn250oM88oOII7DLA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-ajZWhGIuo4o9mBB4LUn8UIn250oM88oOII7DLA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:39 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-C0K0vWIuo4o9mBB4LUn8UIn250rG9OdO3a1Oeg&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-C0K0vWIuo4o9mBB4LUn8UIn250rG9OdO3a1Oeg&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-C0K0vWIuo4o9mBB4LUn8UIn250rG9OdO3a1Oeg&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 17 Jan 2023 11:35:39 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBAuIxmMCEIYLWVmeHX5k3kFXKaHM1rQFEgEBAQHZx2PQYwAAAAAA_eMAAA&S=AQAAAn-XmijFfgWB5O5HAdWO3WU; Expires=Wed, 17 Jan 2024 17:35:39 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--3FC4WIuo4o9mBB4LUn8UIn250qS4Nn6Axy1jg&C=1
200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k--3FC4WIuo4o9mBB4LUn8UIn250qS4Nn6Axy1jg&C=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k--3FC4WIuo4o9mBB4LUn8UIn250qS4Nn6Axy1jg&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:39 GMT
content-type: image/gif
content-length: 43
cf-ray: 78aec9ea2f9eb505-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtS3ocrApfhsQmBUZtalzaqBbei5dq%2B5tPNlPdnqaNLRAyklJRkDxP7x7xlot7ohA%2BDgfcO0c8vcqOKCn8XJ9g70Om%2FK%2FcG3SsN7x3zLvWwwkjW1vLMGxOfNCnzLf7U7%2BwOd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
id5-sync.com/s/966/9.gif?puid=k-5P8y12Iuo4o9mBB4LUn8UIn250qhhQGencF7xg
200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-5P8y12Iuo4o9mBB4LUn8UIn250qhhQGencF7xg
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-5P8y12Iuo4o9mBB4LUn8UIn250qhhQGencF7xg HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Tue, 17-Jan-2023 11:40:39 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Tue, 17-Jan-2023 11:40:39 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Tue, 17-Jan-2023 11:40:39 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Tue, 17-Jan-2023 11:40:39 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Tue, 17-Jan-2023 11:40:39 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Tue, 17-Jan-2023 11:40:39 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Tue, 17 Jan 2023 11:35:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash b462f951f0b40d54724d2c4a3ea6b0ff
6fdf6957c90462ec5686565f481936602119ae13
a223d47ea17c171ebe6a0b79465f25f08313ef7b568d1f8a4cc87f7782353062
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 17 Jan 2023 11:35:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 16 Jan 2023 20:57:40 GMT
Expires: Tue, 17 Jan 2023 20:57:40 GMT
ETag: "6fdf6957c90462ec5686565f481936602119ae13"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
200 OK 471 B IP
Hash 15fd928efbf872e2e0942e5ce5594897
0f3c5d42eed0e3e8b15772665520cfa1fa56f583
04c7c43e5c12e8751684223d1864dc81fba0177a8ab40f331a8429a71e85379e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1287
Cache-Control: max-age=154361
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:39 GMT
Etag: "63c63afe-1d7"
Expires: Thu, 19 Jan 2023 06:28:20 GMT
Last-Modified: Tue, 17 Jan 2023 06:06:54 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-jCxvIGIuo4o9mBB4LUn8UIn250oA52S81Bc2mA
200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-jCxvIGIuo4o9mBB4LUn8UIn250oA52S81Bc2mA
IP
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-jCxvIGIuo4o9mBB4LUn8UIn250oA52S81Bc2mA HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=a8d39c739464ad73d990c56e33c6848c; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Tue, 17 Jan 2023 11:35:39 GMT
content-length: 49
x-envoy-upstream-service-time: 5
server: ayl-lb-fra02
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-031p5GIuo4o9mBB4LUn8UIn250oKrz4cG54E-w
200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-031p5GIuo4o9mBB4LUn8UIn250oKrz4cG54E-w
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-031p5GIuo4o9mBB4LUn8UIn250oKrz4cG54E-w HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 11:35:39 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-031p5GIuo4o9mBB4LUn8UIn250oKrz4cG54E-w&KRTB&23144-uid:k-031p5GIuo4o9mBB4LUn8UIn250oKrz4cG54E-w&KRTB&23286-uid:k-031p5GIuo4o9mBB4LUn8UIn250oKrz4cG54E-w&KRTB&23287-uid:k-031p5GIuo4o9mBB4LUn8UIn250oKrz4cG54E-w; domain=pubmatic.com; secure; expires=Thu, 16-Feb-2023 11:35:39 GMT; path=/
PugT=1673955339; domain=pubmatic.com; secure; expires=Thu, 16-Feb-2023 11:35:39 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
e1.emxdgt.com/put?d=d53&uid=k-jrxpG2Iuo4o9mBB4LUn8UIn250qaAUgma1SjhGLmvDoKrVxg
204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-jrxpG2Iuo4o9mBB4LUn8UIn250qaAUgma1SjhGLmvDoKrVxg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-jrxpG2Iuo4o9mBB4LUn8UIn250qaAUgma1SjhGLmvDoKrVxg HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Tue, 17 Jan 2023 11:35:39 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0cd18c4a19cce4db4c1ee660e9a0a967
a60b429532788a57a53e8674de365ddd84fcf3e4
878401e98ec0ea4de88dad035d00618a4d3f382329f326711f3916b4325aab88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dpm.demdex.net/ibs:dpid=28645&dpuuid=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-085e2ce89.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=07723533776866030362001315986780188457; Max-Age=15552000; Expires=Sun, 16 Jul 2023 11:35:39 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: BvYXhmmZQHw=
Content-Length: 0
Connection: keep-alive
sync.outbrain.com/cookie-sync?p=criteo&uid=k-OJaOIGIuo4o9mBB4LUn8UIn250q2VtKYkB4p0Q
200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-OJaOIGIuo4o9mBB4LUn8UIn250q2VtKYkB4p0Q
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-OJaOIGIuo4o9mBB4LUn8UIn250q2VtKYkB4p0Q HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 11:35:39 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: cc9add82425a6e4d705da147dbc24d25
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6b9fece2a7c65d93cd48f35d116d9151
6748e8a19c21eecbb968b9862446ca8127d22955
c9f22fdb6271fad5792a5066f8f9fa65d08dcf4fd6170abfcfd13cefae1de972
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 17 Jan 2023 11:35:39 GMT
Last-Modified: Tue, 17 Jan 2023 10:22:25 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yty-O3lIq8jdnH53EANT6oKEEWjTwg4OVFxtNGJUBO6FCNpJuHVWEg==
Age: 4394
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0b398da67.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: hCeD1SP/TeA=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 63373c229657bb7dd33a513cf3364ee9
eb08978dd87eda9e967ccda9bcf47ed650db5531
3436685c602c0169928943885fb88efa90ec548095fa46a8446c3170f1ec8065
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 17 Jan 2023 11:35:39 GMT
Last-Modified: Tue, 17 Jan 2023 11:08:41 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o8c69Lh1HSvFtbOBaDLXOXeOmKM37u2VHI5mDf2TrZNXiPSwGEx4ng==
Age: 1618
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 17 Jan 2023 11:35:39 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 837748
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync-criteo.ads.yieldmo.com/sync?id=k-dPurdGIuo4o9mBB4LUn8UIn250rro-o1DN7XDA&pn_id=criteo&ext=1
200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-dPurdGIuo4o9mBB4LUn8UIn250rro-o1DN7XDA&pn_id=criteo&ext=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-dPurdGIuo4o9mBB4LUn8UIn250rro-o1DN7XDA&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:40 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g1f6eaaf57235f9bbc4c%7C1673955340028%7C0%7C; Domain=.yieldmo.com; Expires=Wed, 17-Jan-2024 11:35:40 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-dPurdGIuo4o9mBB4LUn8UIn250rro-o1DN7XDA; Domain=ads.yieldmo.com; Expires=Wed, 17-Jan-2024 11:35:40 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 702a6480e53d0eba0c957656bb12d574
683ea4a3e74265c35e53178e8b539302366d1217
0569223eb62f286e8db0b431cd46755fbafe54c806bfeac10c37c6c7bf3af16b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5995
Cache-Control: max-age=93917
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:35:40 GMT
Etag: "63c53c7e-1d7"
Expires: Wed, 18 Jan 2023 13:40:57 GMT
Last-Modified: Mon, 16 Jan 2023 12:01:02 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 17 Jan 2023 11:35:40 GMT
set-cookie: _kuid_=PUu-3WQ-; Expires=Sun, 16-Jul-23 11:35:40 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n001-dub-prod.krxd.net
x-request-time: D=29 t=1673955340
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 17 Jan 2023 11:35:39 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 521819
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 4d98857e7bf47b50a6e202086c7ca5f1
2e4df709095450ebde586e44c547fe15203702ba
fb9f246be549f2fa3246312a45d7ee28f3de8ae5cabd3e29184e368a92a53fa7
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "FB9F246BE549F2FA3246312A45D7EE28F3DE8AE5CABD3E29184E368A92A53FA7"
Last-Modified: Tue, 17 Jan 2023 08:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3332
Expires: Tue, 17 Jan 2023 12:31:12 GMT
Date: Tue, 17 Jan 2023 11:35:40 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:40 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 1206a890-965b-11ed-a589-0000ac170193
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2276
Origin: https://glucofreezetoday.com
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://glucofreezetoday.com
access-control-allow-credentials: true
date: Tue, 17 Jan 2023 11:35:40 GMT
X-Firefox-Spdy: h2
click.diet-health-food.com/?t=c&ids=NTE1NzY2MzQ5__MTQ0OTY=__NDkyODA5NTk=__NjMw__830&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdXpvZA==
200 OK 0 B URL HTTP/2 click.diet-health-food.com/?t=c&ids=NTE1NzY2MzQ5__MTQ0OTY=__NDkyODA5NTk=__NjMw__830&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdXpvZA==
IP
GET /?t=c&ids=NTE1NzY2MzQ5__MTQ0OTY=__NDkyODA5NTk=__NjMw__830&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGdXpvZA== HTTP/1.1
Host: click.diet-health-food.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 11:35:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
glucofreezetoday.com/special-announcement/index.html?aff_id=28098&subid=mw1giaop0117glucofreeze
200 OK 0 B URL HTTP/2 glucofreezetoday.com/special-announcement/index.html?aff_id=28098&subid=mw1giaop0117glucofreeze
IP
GET /special-announcement/index.html?aff_id=28098&subid=mw1giaop0117glucofreeze HTTP/1.1
Host: glucofreezetoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emdlvr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:36 GMT
content-type: text/html
last-modified: Wed, 11 Jan 2023 09:45:05 GMT
etag: W/"63be8521-1c948"
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
set-cookie: uid=wKhaAWPGiAggigA8A4RrAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=0; path=/
cache-control: public, private
x-dis-request-id: 287a695457d0f8e79607a5c98d73f0c7
server: DOSarrest
X-Firefox-Spdy: h2
glucofreezetoday.com/special-announcement/assets/css/styles.min.css
200 OK 0 B URL HTTP/2 glucofreezetoday.com/special-announcement/assets/css/styles.min.css
IP
GET /special-announcement/assets/css/styles.min.css HTTP/1.1
Host: glucofreezetoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/special-announcement/index.html?aff_id=28098&subid=mw1giaop0117glucofreeze
Cookie: uid=wKhaAWPGiAggigA8A4RrAg==; cnid=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:37 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 17:20:59 GMT
etag: W/"61f81a7b-563"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: 906e87c52a2697f5c539dbbd1f1f0193
server: DOSarrest
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800
IP
GET /css2?family=Oswald:wght@400;500;600;700;800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 17 Jan 2023 11:35:36 GMT
date: Tue, 17 Jan 2023 11:35:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
glucofreezetoday.com/controlScript.css
200 OK 0 B URL HTTP/2 glucofreezetoday.com/controlScript.css
IP
GET /controlScript.css HTTP/1.1
Host: glucofreezetoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/special-announcement/index.html?aff_id=28098&subid=mw1giaop0117glucofreeze
Cookie: uid=wKhaAWPGiAggigA8A4RrAg==; cnid=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:37 GMT
content-type: text/css
last-modified: Wed, 11 Jan 2023 09:44:14 GMT
etag: W/"63be84ee-1f3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: 16cead6ad4508bde3ecf915ca5e59e00
server: DOSarrest
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-44M8mWIuo4o9mBB4LUn8UIn250ol8TDzxzP_zQ
200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-44M8mWIuo4o9mBB4LUn8UIn250ol8TDzxzP_zQ
IP
GET /sync?UICR=k-44M8mWIuo4o9mBB4LUn8UIn250ol8TDzxzP_zQ HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:40 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=0yEIPl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhoQUhzZjdZSGlXdmpNRDUxQmhnNkpmdHdnM1F4MWthSlR0VThuWHRmbVI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:37 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=M0FQmF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhoQUhzZjdZSGlXdmpNRDUxQmhnNkpBMlpSMEp4eE9KcWt4bDNKS1NBWTI; expires=Sun, 11 Feb 2024 11:35:38 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 393134
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900
IP
GET /css2?family=Montserrat:wght@400;500;600;700;900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 17 Jan 2023 11:35:36 GMT
date: Tue, 17 Jan 2023 11:35:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clarity.ms/tag/7u0gjnakkh
200 OK 0 B URL HTTP/2 www.clarity.ms/tag/7u0gjnakkh
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/7u0gjnakkh HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=0e2f42719ab143e98fb0439041154be7.20230117.20240117; expires=Wed, 17 Jan 2024 11:35:37 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-cache: CONFIG_NOCACHE
x-azure-ref: 0CYjGYwAAAACEJ+j/6rxMQLG2M4auXOvyQ1BIMzBFREdFMDQwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 17 Jan 2023 11:35:37 GMT
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-SHCG52Iuo4o9mBB4LUn8UIn250qh8gNCpqR3vw&google_error=3
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-SHCG52Iuo4o9mBB4LUn8UIn250qh8gNCpqR3vw&google_error=3
IP
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-SHCG52Iuo4o9mBB4LUn8UIn250qh8gNCpqR3vw&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:39 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 283696
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:39 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 654821
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
emdlvr.com/uzod
200 OK 0 B IP
Analyzer Verdict Alert fortinet Phishing
GET /uzod HTTP/1.1
Host: emdlvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:35 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Executive 3.2.6 http://prettylink.com
set-cookie: prli_click_121=uzod; expires=Thu, 16-Feb-2023 11:35:35 GMT; Max-Age=2592000; path=/
prli_visitor=63c68807cfa33; expires=Wed, 17-Jan-2024 11:35:35 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtI0RBgXKdaK6HxtxRbBag4eirxt%2BuOYh4lyVxLtIvPKQu5ZXeO3xjPkzabc9DFWcvQhCVzMwvb0FuMJUT7WqxsrforKFmBPDTt%2BLI9LXdl%2BDk5S8FL%2BSIw9p0Si"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78aec9d0b9790b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
glucofreeze.com/favicon.ico
200 OK 0 B URL HTTP/2 glucofreeze.com/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:38 GMT
content-type: image/x-icon
last-modified: Wed, 26 May 2021 20:42:04 GMT
etag: W/"60aeb29c-1b76"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, private
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
set-cookie: uid=wKhaA2PGiAqirgAxBKHTAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=2; path=/
x-dis-request-id: 5d2732860b4319d4240d65ced8fc9756
server: DOSarrest
X-Firefox-Spdy: h2
settings.luckyorange.net/?u=https%3A%2F%2Fglucofreezetoday.com%2Fspecial-announcement%2Findex.html%3Faff_id%3D28098%26subid%3Dmw1giaop0117glucofreeze&s=322491
200 OK 0 B URL HTTP/2 settings.luckyorange.net/?u=https%3A%2F%2Fglucofreezetoday.com%2Fspecial-announcement%2Findex.html%3Faff_id%3D28098%26subid%3Dmw1giaop0117glucofreeze&s=322491
IP
GET /?u=https%3A%2F%2Fglucofreezetoday.com%2Fspecial-announcement%2Findex.html%3Faff_id%3D28098%26subid%3Dmw1giaop0117glucofreeze&s=322491 HTTP/1.1
Host: settings.luckyorange.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezetoday.com/
Origin: https://glucofreezetoday.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:38 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://glucofreezetoday.com
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItlX8b%2FCPFMSH5L73X5DNpDwAlp1kXR95MGIz0QdfO1cLRdpaqaCBGPoGhZMgJv%2F5Hha6oVkNboZTfpYwRjhnEBevP7l8hYDMja%2FihALuAGS%2BtHuE2xKrlWpC1EzWwHlKxLYs2aEUmynsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78aec9dd7f27b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
d10lpsik1i8c69.cloudfront.net/w.js
200 OK 0 B URL HTTP/2 d10lpsik1i8c69.cloudfront.net/w.js
IP
GET /w.js HTTP/1.1
Host: d10lpsik1i8c69.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 17 Jan 2023 10:41:05 GMT
cache-control: max-age=3600
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o7FkfpXGTXaWAbyBBiHMVJCaNBirtn6Z8Abxeh8W1Sghby-tJQA_2Q==
age: 3273
X-Firefox-Spdy: h2
display.buygoods.com/v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white
200 OK 0 B URL HTTP/2 display.buygoods.com/v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white
IP
GET /v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white HTTP/1.1
Host: display.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:37 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78aec9d6ba241bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=89824
200 OK 0 B URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=89824
IP
GET /js/ld/ld.js?a=89824 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:37 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:37 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 100723
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=89824&v=5.12.3&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523%26ref%3Dhttps%253A%252F%252Femdlvr.com&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=uSiCzV91UUVUREhZbWE2RzA3WFk5c0p1TTJXbDh5WEQxSzVsUlBuWmpYZGk4anNoQjhVTzdIajI3SWtxa0RBJTJCcnNnTm93bGhwYUtlNFk2ZDZna2FxajdEbFh3TjBrVnZZMzQwcDBoa3VZb041M3RBeldTY0QzMXBkaTB6d0JxMXBUeCUyRlpUazRUS3ElMkJwUFFMYTJTUXEwM1VCMXclM0QlM0Q&tld=glucofreezetoday.com&dy=1&fu=https%253A%252F%252Fglucofreezetoday.com%252Fspecial-announcement%252Findex.html%253Faff_id%253D28098%2526subid%253Dmw1giaop0117glucofreeze&pu=https%253A%252F%252Femdlvr.com%252F&dtycbr=41924
200 OK 0 B URL HTTP/2 sslwidget.criteo.com/event?a=89824&v=5.12.3&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523%26ref%3Dhttps%253A%252F%252Femdlvr.com&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=uSiCzV91UUVUREhZbWE2RzA3WFk5c0p1TTJXbDh5WEQxSzVsUlBuWmpYZGk4anNoQjhVTzdIajI3SWtxa0RBJTJCcnNnTm93bGhwYUtlNFk2ZDZna2FxajdEbFh3TjBrVnZZMzQwcDBoa3VZb041M3RBeldTY0QzMXBkaTB6d0JxMXBUeCUyRlpUazRUS3ElMkJwUFFMYTJTUXEwM1VCMXclM0QlM0Q&tld=glucofreezetoday.com&dy=1&fu=https%253A%252F%252Fglucofreezetoday.com%252Fspecial-announcement%252Findex.html%253Faff_id%253D28098%2526subid%253Dmw1giaop0117glucofreeze&pu=https%253A%252F%252Femdlvr.com%252F&dtycbr=41924
IP
GET /event?a=89824&v=5.12.3&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523%26ref%3Dhttps%253A%252F%252Femdlvr.com&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=uSiCzV91UUVUREhZbWE2RzA3WFk5c0p1TTJXbDh5WEQxSzVsUlBuWmpYZGk4anNoQjhVTzdIajI3SWtxa0RBJTJCcnNnTm93bGhwYUtlNFk2ZDZna2FxajdEbFh3TjBrVnZZMzQwcDBoa3VZb041M3RBeldTY0QzMXBkaTB6d0JxMXBUeCUyRlpUazRUS3ElMkJwUFFMYTJTUXEwM1VCMXclM0QlM0Q&tld=glucofreezetoday.com&dy=1&fu=https%253A%252F%252Fglucofreezetoday.com%252Fspecial-announcement%252Findex.html%253Faff_id%253D28098%2526subid%253Dmw1giaop0117glucofreeze&pu=https%253A%252F%252Femdlvr.com%252F&dtycbr=41924 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofreezetoday.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:38 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 20063837
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-bFbPT2Iuo4o9mBB4LUn8UIn250pC_EyBfwCpFw
200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-bFbPT2Iuo4o9mBB4LUn8UIn250pC_EyBfwCpFw
IP
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-bFbPT2Iuo4o9mBB4LUn8UIn250pC_EyBfwCpFw HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 11:35:39 GMT
x-fastly-to-nlb-rtt: 21952
access-control-allow-credentials: true
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-iG8G12Iuo4o9mBB4LUn8UIn250qGpVU_FUSUnTBcEDY1Cauq
200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-iG8G12Iuo4o9mBB4LUn8UIn250qGpVU_FUSUnTBcEDY1Cauq
IP
GET /usersync/push?partner=criteo&partnerId=k-iG8G12Iuo4o9mBB4LUn8UIn250qGpVU_FUSUnTBcEDY1Cauq HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:35:39 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%22116b52f0-965b-11ed-bbe2-d507f6318840%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Tue, 31 Jan 2023 11:35:39 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%22116b52f0-965b-11ed-bbe2-d507f6318840%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Tue, 31 Jan 2023 11:35:39 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%22116b52f0-965b-11ed-bbe2-d507f6318840%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Tue, 31 Jan 2023 11:35:39 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%22116b52f0-965b-11ed-bbe2-d507f6318840%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Tue, 31 Jan 2023 11:35:39 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-iG8G12Iuo4o9mBB4LUn8UIn250qGpVU_FUSUnTBcEDY1Cauq%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Tue, 31 Jan 2023 11:35:39 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
170.187.185.18
34.117.237.239
213.19.162.80
34.249.28.111
185.86.139.57
23.195.255.234
104.18.32.68
23.13.245.180
141.226.228.48
69.172.200.220
37.157.3.30