Overview

URL cloud.bitclouthost.com/ga/click/2-311088380-1591-14056-27455-25328-1829f46003-pec7f29c9c
IP149.102.139.201
ASNCOGENT-174
Location United States
Report completed2022-09-11 07:47:35 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-11 2 mwebnice.com/6738/186/2/?subid=reeedmm7 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (50)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-11 05:07:45 UTC 172.64.155.188
mnemonic passive DNS assets.mantisadnetwork.com (1) 155106 2018-11-22 04:54:21 UTC 2022-09-10 23:48:54 UTC 143.204.55.129
mnemonic passive DNS cdn01.basis.net (1) 6554 2017-07-10 04:43:26 UTC 2022-09-10 23:48:54 UTC 178.79.212.177
mnemonic passive DNS pixel.sitescout.com (2) 3280 2012-05-21 13:21:02 UTC 2022-09-11 03:36:33 UTC 66.155.71.25
mnemonic passive DNS gum.criteo.com (2) 381 2015-01-22 10:58:57 UTC 2022-09-11 04:55:08 UTC 178.250.0.157
mnemonic passive DNS licensing.bitmovin.com (2) 19299 2017-01-30 06:23:56 UTC 2022-09-10 23:53:12 UTC 35.227.229.24
mnemonic passive DNS analytics-ingress-global.bitmovin.com (7) 47119 2017-08-18 05:30:44 UTC 2022-09-11 06:07:47 UTC 35.190.27.197
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-10 04:47:01 UTC 142.251.1.154
mnemonic passive DNS www.clickfunnels.com (1) 51002 2014-10-08 20:01:35 UTC 2022-09-11 01:54:08 UTC 104.16.14.194
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-09-11 05:33:53 UTC 142.250.74.3
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-11 04:57:20 UTC 34.120.237.76
mnemonic passive DNS fonts.gstatic.com (5) 0 2014-08-29 13:43:22 UTC 2022-09-10 04:46:45 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-10 05:14:59 UTC 104.18.21.226
mnemonic passive DNS www.rtb123.com (1) 18626 2017-06-03 19:59:06 UTC 2022-09-10 23:48:54 UTC 67.225.220.126
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-09-11 04:57:30 UTC 192.124.249.24
mnemonic passive DNS widget.us.criteo.com (1) 19445 2015-08-23 19:59:38 UTC 2022-09-11 04:59:08 UTC 74.119.119.150
mnemonic passive DNS renewyourknees.com (16) 0 2021-06-07 08:45:56 UTC 2022-09-11 00:55:27 UTC 104.16.12.194 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (15) 175 2017-06-14 07:23:31 UTC 2022-09-10 04:46:29 UTC 142.250.74.3
mnemonic passive DNS amplify.outbrain.com (1) 2255 2017-04-12 07:58:35 UTC 2022-09-11 05:16:51 UTC 2.18.72.171
mnemonic passive DNS status.thawte.com (2) 5123 2017-11-27 12:33:51 UTC 2022-09-10 05:46:48 UTC 93.184.220.29
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-11 03:25:17 UTC 216.239.36.178
mnemonic passive DNS dnacdn.net (1) 3760 2019-09-02 15:07:45 UTC 2022-09-11 05:54:08 UTC 178.250.0.157
mnemonic passive DNS static.getclicky.com (1) 11697 2012-05-22 03:28:28 UTC 2022-09-11 00:29:14 UTC 104.16.221.29
mnemonic passive DNS mwebnice.com (1) 0 2022-02-18 00:05:35 UTC 2022-09-10 11:22:24 UTC 104.21.10.231 Unknown ranking
mnemonic passive DNS cloud.bitclouthost.com (1) 0 2022-06-25 08:07:47 UTC 2022-09-10 16:08:30 UTC 149.102.139.201 Unknown ranking
mnemonic passive DNS era.eramyhome.com (1) 0 2022-07-22 15:13:31 UTC 2022-09-10 14:50:04 UTC 139.64.132.126 Unknown ranking
mnemonic passive DNS ocsp.sca1b.amazontrust.com (3) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.88
mnemonic passive DNS cdn1.lockerdomecdn.com (1) 13402 2017-05-19 01:45:29 UTC 2022-09-10 23:48:54 UTC 54.230.111.26
mnemonic passive DNS static.criteo.net (1) 652 2015-06-24 06:04:54 UTC 2022-09-10 06:26:06 UTC 178.250.2.130
mnemonic passive DNS gem.gbc.criteo.com (1) 6039 2019-02-06 06:21:41 UTC 2022-09-10 16:11:01 UTC 178.250.6.250
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-11 04:30:20 UTC 23.33.119.27
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-11 04:40:13 UTC 143.204.55.49
mnemonic passive DNS ocsp.digicert.com (10) 86 2012-05-21 07:02:23 UTC 2022-09-11 05:39:15 UTC 93.184.220.29
mnemonic passive DNS quick.vidalytics.com (7) 193746 2018-05-11 09:57:53 UTC 2022-09-10 23:53:12 UTC 151.139.128.11
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-11 05:15:46 UTC 143.204.55.35
mnemonic passive DNS s3-us-west-2.amazonaws.com (1) 0 2017-01-30 05:44:25 UTC 2022-09-11 06:12:07 UTC 52.218.133.32 Unknown ranking
mnemonic passive DNS www.prosperwellness.co (1) 0 2019-03-28 20:31:23 UTC 2022-09-10 23:48:55 UTC 172.67.144.251 Unknown ranking
mnemonic passive DNS ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2022-09-11 04:59:07 UTC 185.235.84.120
mnemonic passive DNS sslwidget.criteo.com (1) 1723 2012-05-31 02:43:28 UTC 2022-09-11 06:04:24 UTC 178.250.2.151
mnemonic passive DNS stats.vidalytics.com (3) 153185 2017-02-08 02:49:35 UTC 2022-09-11 06:07:47 UTC 34.107.158.93
mnemonic passive DNS fonts.googleapis.com (3) 8877 2014-07-21 13:19:55 UTC 2022-09-11 00:21:41 UTC 142.250.74.10
mnemonic passive DNS use.fontawesome.com (2) 942 2017-01-30 04:43:25 UTC 2022-09-11 06:02:14 UTC 172.67.169.247
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-11 04:55:37 UTC 52.27.12.161
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-10 04:57:55 UTC 142.250.74.72
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-11 04:57:01 UTC 157.240.200.14
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-10 04:50:29 UTC 157.240.200.35
mnemonic passive DNS in.getclicky.com (1) 9776 2012-05-21 07:08:50 UTC 2022-09-11 00:26:03 UTC 198.145.13.13
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-11 04:58:07 UTC 34.117.237.239
mnemonic passive DNS app.clickfunnels.com (1) 34727 2015-03-12 08:40:23 UTC 2022-09-10 19:06:38 UTC 104.16.14.194
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-10 11:27:12 UTC 142.250.74.164


Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 149.102.139.201

Date UQ / IDS / BL URL IP
2022-09-11 07:47:35 +0000
0 - 0 - 1 cloud.bitclouthost.com/ga/click/2-311088380-1 (...) 149.102.139.201
2022-09-06 18:49:22 +0000
0 - 0 - 1 cloud.bitclouthost.com/ga/click/2-230952758-1 (...) 149.102.139.201
2022-08-29 01:43:54 +0000
0 - 0 - 1 cloud.bitclouthost.com/ga/click/2-230517650-1 (...) 149.102.139.201
2022-08-28 20:12:13 +0000
0 - 0 - 1 cloud.bitclouthost.com/ga/click/2-231252400-1 (...) 149.102.139.201

Last 5 reports on ASN: COGENT-174

Date UQ / IDS / BL URL IP
2022-12-09 16:31:09 +0000
0 - 0 - 2 ycej.htobl.cn/ 38.162.65.80
2022-12-09 15:44:50 +0000
0 - 0 - 1 flybyu.com/c/1289/1-32499969/1/ 149.5.175.168
2022-12-09 15:18:20 +0000
0 - 0 - 1 soft.studystatisticssoftware.com/ga/click/2-3 (...) 154.12.255.128
2022-12-09 15:11:23 +0000
0 - 0 - 57 kshemalayam.com/ 154.12.246.55
2022-12-09 14:27:27 +0000
0 - 0 - 14 www.dzpress.com.cn/zxdtlist1.aspx 38.238.85.34

Last 4 reports on domain: bitclouthost.com

Date UQ / IDS / BL URL IP
2022-09-11 07:47:35 +0000
0 - 0 - 1 cloud.bitclouthost.com/ga/click/2-311088380-1 (...) 149.102.139.201
2022-09-06 18:49:22 +0000
0 - 0 - 1 cloud.bitclouthost.com/ga/click/2-230952758-1 (...) 149.102.139.201
2022-08-29 01:43:54 +0000
0 - 0 - 1 cloud.bitclouthost.com/ga/click/2-230517650-1 (...) 149.102.139.201
2022-08-28 20:12:13 +0000
0 - 0 - 1 cloud.bitclouthost.com/ga/click/2-231252400-1 (...) 149.102.139.201

No other reports with similar screenshot



JavaScript

Executed Scripts (52)


Executed Evals (3)

#1 JavaScript::Eval (size: 655, repeated: 1) - SHA256: 97c33bf4252fe957777ccb6e04ecfac3e1c00526256426b1d71244206aab457a

                                        (function(v, i, d, a, l, y, t, c, s) {
    y = '_' + d.toLowerCase();
    if (!v[y]) {
        v[y] = {}
    }
    if (!v[y].embeds) {
        v[y].embeds = {}
    }
    t = function() {
        if (v[d] && v[d].Embed) {
            var ve = v[d].Embed;
            c = new ve();
            c.run(a);
            c.loadCss();
        } else {
            setTimeout(t, 1000)
        }
    };
    s = new XMLHttpRequest();
    s.open("GET", l + '?ac=' + (new Date()).getTime(), true);
    s.onreadystatechange = function() {
        if (s.readyState == 4) {
            if ((s.status == 200 || s.status == 304)) {
                var sd = JSON.parse(s.responseText);
                v[y].embeds[a] = {
                    type: "video",
                    options: sd
                };
                t();
            }
        }
    };
    s.send();
})(window, document, 'Vidalytics', 'G6i2TCj8FIK2j19d', 'https://quick.vidalytics.com/embeds/Gzq_USs6/G6i2TCj8FIK2j19d/player.settings.json');
                                    

#2 JavaScript::Eval (size: 20304, repeated: 1) - SHA256: 9c1ea695852f01d2fc6027d572b126b740a9c4634540fb0d39ea3656377eef77

                                        function $d(d) {
    return document.getElementById(d)
}
var proc = location.protocol;
if (proc != 'https:') {
    proc = 'http:'
}
var _image_path = proc + '//addthisevent.com/gfx/icon-calendar-t1.png';
var _ate_license = '';
var _ate_mouse = false;
var _ate_css = 'true';
var _ate_callback = '';
var _ate_dropdown = '';
var _ate_lbl_outlook = 'Outlook Calendar';
var _ate_lbl_google = 'Google Calendar';
var _ate_lbl_yahoo = 'Yahoo Calendar';
var _ate_lbl_hotmail = 'Hotmail Calendar';
var _ate_lbl_ical = 'iCal Calendar';
var _ate_lbl_fb_event = 'Facebook Event';
var _ate_show_outlook = true;
var _ate_show_google = true;
var _ate_show_yahoo = true;
var _ate_show_hotmail = true;
var _ate_show_ical = true;
var _ate_show_facebook = true;
var _d_rd = false;
var _ate_btn_found = false;
var _ate_btn_expo = false;
var addthisevent = function() {
    var D = false,
        dropzcx = 1,
        olddrop = '',
        dropmousetim, css1 = false,
        css2 = false;
    return {
        generate: function() {
            try {
                _image_path = _image_path
            } catch (e) {
                _image_path = proc + '//addthisevent.com/gfx/icon-calendar-t1.png'
            }
            try {
                _ate_license = _license
            } catch (e) {}
            try {
                _ate_mouse = _mouse
            } catch (e) {}
            try {
                _ate_css = _css
            } catch (e) {}
            var b = addthisevent.glicense(_ate_license);
            var c = document.getElementsByTagName('*');
            for (var d = 0; d < c.length; d += 1) {
                var f = '',
                    fbevent = false,
                    str = c[d].className,
                    htmx = '';
                if (addthisevent.hasclass(c[d], 'addthisevent')) {
                    var g = c[d].getElementsByTagName('span');
                    for (var m = 0; m < g.length; m += 1) {
                        if (addthisevent.hasclass(g[m], '_url')) {
                            g[m].style.display = 'none'
                        }
                        if (addthisevent.hasclass(g[m], '_start')) {
                            g[m].style.display = 'none';
                            f += '&dstart=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_end')) {
                            g[m].style.display = 'none';
                            f += '&dend=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_zonecode')) {
                            g[m].style.display = 'none';
                            f += '&dzone=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_summary')) {
                            g[m].style.display = 'none';
                            f += '&dsum=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_description')) {
                            g[m].style.display = 'none';
                            f += '&ddesc=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_location')) {
                            g[m].style.display = 'none';
                            f += '&dloca=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_organizer')) {
                            g[m].style.display = 'none';
                            f += '&dorga=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_organizer_email')) {
                            g[m].style.display = 'none';
                            f += '&dorgaem=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_attendees')) {
                            g[m].style.display = 'none';
                            f += '&datte=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_all_day_event')) {
                            g[m].style.display = 'none';
                            f += '&dallday=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_date_format')) {
                            g[m].style.display = 'none';
                            f += '&dateformat=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_alarm_reminder')) {
                            g[m].style.display = 'none';
                            f += '&alarm=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_recurring')) {
                            g[m].style.display = 'none';
                            f += '&drule=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_uid')) {
                            g[m].style.display = 'none';
                            f += '&uid=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_facebook_event')) {
                            if (g[m].innerHTML != '') {
                                g[m].style.display = 'none';
                                var h = g[m].innerHTML.replace(/ /gi, "");
                                f += '&fbevent=' + encodeURIComponent(h);
                                fbevent = true
                            }
                        }
                    }
                    if (b) {
                        f += '&credits=false'
                    }
                    f = f.replace(/'/gi, "�");
                    if (_ate_dropdown != '') {
                        _ate_dropdown = _ate_dropdown + ',';
                        _ate_dropdown = _ate_dropdown.replace(/ /gi, '');
                        var i = _ate_dropdown.split(',');
                        for (var a = 0; a < i.length; a += 1) {
                            if (_ate_show_outlook && i[a] == 'outlook') {
                                htmx += '<span class="ateoutlook" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'outlook\',\'' + f + '\');">' + _ate_lbl_outlook + '</span>'
                            }
                            if (_ate_show_google && i[a] == 'google') {
                                htmx += '<span class="ategoogle" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'google\',\'' + f + '\');">' + _ate_lbl_google + '</span>'
                            }
                            if (_ate_show_yahoo && i[a] == 'yahoo') {
                                htmx += '<span class="ateyahoo" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'yahoo\',\'' + f + '\');">' + _ate_lbl_yahoo + '</span>'
                            }
                            if (_ate_show_hotmail && i[a] == 'hotmail') {
                                htmx += '<span class="atehotmail" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'hotmail\',\'' + f + '\');">' + _ate_lbl_hotmail + '</span>'
                            }
                            if (_ate_show_ical && i[a] == 'ical') {
                                htmx += '<span class="ateical" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'ical\',\'' + f + '\');">' + _ate_lbl_ical + '</span>'
                            }
                            if (fbevent && i[a] == 'facebook') {
                                if (_ate_show_facebook && i[a] == 'facebook') {
                                    htmx += '<span class="atefacebook" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'facebook\',\'' + f + '\');">' + _ate_lbl_fb_event + '</span>'
                                }
                            }
                        }
                    } else {
                        if (_ate_show_outlook) {
                            htmx += '<span class="ateoutlook" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'outlook\',\'' + f + '\');">' + _ate_lbl_outlook + '</span>'
                        }
                        if (_ate_show_google) {
                            htmx += '<span class="ategoogle" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'google\',\'' + f + '\');">' + _ate_lbl_google + '</span>'
                        }
                        if (_ate_show_yahoo) {
                            htmx += '<span class="ateyahoo" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'yahoo\',\'' + f + '\');">' + _ate_lbl_yahoo + '</span>'
                        }
                        if (_ate_show_hotmail) {
                            htmx += '<span class="atehotmail" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'hotmail\',\'' + f + '\');">' + _ate_lbl_hotmail + '</span>'
                        }
                        if (_ate_show_ical) {
                            htmx += '<span class="ateical" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'ical\',\'' + f + '\');">' + _ate_lbl_ical + '</span>'
                        }
                        if (fbevent) {
                            if (_ate_show_facebook) {
                                htmx += '<span data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'facebook\',\'' + f + '\');">' + _ate_lbl_fb_event + '</span>'
                            }
                        }
                    }
                    if (!b) {
                        htmx += '<em class="copyx"><em class="brx"></em><em class="frs" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'home\');">AddThisEvent</em></em>'
                    }
                    c[d].id = 'atedrop' + dropzcx;
                    c[d].className = c[d].className.replace(/addthisevent/gi, '');
                    c[d].className = c[d].className + ' addthisevent-drop';
                    c[d].title = '';
                    var j = c[d].getAttribute('data-direct');
                    if (j) {
                        c[d].setAttribute('data-url', f);
                        c[d].setAttribute('data-ref', dropzcx);
                        c[d].onclick = function() {
                            addthisevent.direct(this);
                            return false
                        }
                    } else {
                        if (_ate_mouse) {
                            c[d].onmouseover = function() {
                                clearTimeout(dropmousetim);
                                addthisevent.show(this, 'auto', 'auto', true)
                            };
                            c[d].onmouseout = function() {
                                dropmousetim = setTimeout("addthisevent.out();", 200)
                            };
                            c[d].onclick = function() {
                                return false
                            }
                        } else {
                            c[d].onclick = function() {
                                addthisevent.show(this, 'auto', 'auto');
                                return false
                            }
                        }
                    }
                    var k = c[d];
                    var l = document.createElement('span');
                    l.id = 'atedrop' + dropzcx + '-drop';
                    l.className = 'addthisevent_dropdown';
                    l.innerHTML = htmx;
                    k.appendChild(l);
                    dropzcx++;
                    _ate_btn_found = true
                }
            }
            if (_ate_css == 'false') {
                addthisevent.trycss()
            } else {
                addthisevent.applycss(b)
            }
            if (_ate_btn_found && !_ate_btn_expo) {
                _ate_btn_expo = true;
                addthisevent.track({
                    typ: 'exposure',
                    cal: ''
                })
            }
        },
        direct: function(f) {
            var a = f.getAttribute('data-url');
            var b = f.getAttribute('data-direct');
            addthisevent.cli(f, b, a)
        },
        cli: function(f, a, b) {
            var c = '',
                ref = location.href,
                nw = true,
                now = new Date();
            if (a == 'outlook') {
                c = proc + '//addthisevent.com/create/?service=OUTLOOK' + b + '&reference=' + ref;
                nw = false
            }
            if (a == 'google') {
                c = proc + '//addthisevent.com/create/?service=GOOGLE' + b + '&reference=' + ref
            }
            if (a == 'yahoo') {
                c = proc + '//addthisevent.com/create/?service=YAHOO' + b + '&reference=' + ref
            }
            if (a == 'hotmail') {
                c = proc + '//addthisevent.com/create/?service=HOTMAIL' + b + '&reference=' + ref
            }
            if (a == 'ical') {
                c = proc + '//addthisevent.com/create/?service=ICAL' + b + '&reference=' + ref;
                nw = false
            }
            if (a == 'facebook') {
                c = proc + '//addthisevent.com/create/?service=FACEBOOK' + b + '&reference=' + ref
            }
            if (a == 'home') {
                c = proc + '//addthisevent.com/'
            }
            if (c != '') {
                if (a != 'home') {
                    var d = f.getAttribute('data-ref');
                    var g = $d('atedrop' + d);
                    if (g) {
                        var h = g.getAttribute('data-track');
                        if (h != null) {
                            h = h.replace(/ate-calendar/gi, a);
                            try {
                                eval(h)
                            } catch (e) {}
                        }
                    }
                }
                if (!$d('atecllink')) {
                    var j = document.createElement("a");
                    j.id = 'atecllink';
                    j.rel = 'external';
                    j.innerHTML = '{addthisevent-ghost-link}';
                    j.style.display = 'none';
                    document.body.appendChild(j)
                }
                var k = $d('atecllink');
                if (nw) {
                    k.target = '_blank'
                } else {
                    k.target = '_self'
                }
                k.href = c;
                addthisevent.eclick('atecllink')
            }
            addthisevent.track({
                typ: 'click',
                cal: a
            });
            if (_ate_callback) {
                for (var i = 0; i < _ate_callback.length; i++) {
                    try {
                        eval(_ate_callback[i])
                    } catch (e) {
                        alert(e.description)
                    }
                }
            }
        },
        applycss: function(a) {
            if (!css2) {
                var b;
                b = '.addthisevent-drop {display:inline-block;position:relative;font-family:arial;color:#333!important;background:#f4f4f4 url(' + _image_path + ') no-repeat 9px 50%;text-decoration:none!important;border:1px solid #d9d9d9;color:#555;font-weight:bold;font-size:14px;text-decoration:none;padding:9px 12px 8px 35px;-moz-border-radius:2px;-webkit-border-radius:2px;-webkit-touch-callout:none;-webkit-user-select:none;-khtml-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;}';
                b += '.addthisevent-drop:hover {border:1px solid #aab9d4;color:#555;font-weight:bold;font-size:14px;text-decoration:none!important;}';
                b += '.addthisevent-drop:active {top:1px;}';
                b += '.addthisevent-selected {background-color:#f7f7f7;}';
                if (a) {
                    b += '.addthisevent_dropdown {width:200px;position:absolute;z-index:99999;padding:0px 0px 0px 0px;background:#fff;text-align:left;display:none;margin-top:-2px;margin-left:-1px;border-top:1px solid #c8c8c8;border-right:1px solid #bebebe;border-bottom:1px solid #a8a8a8;border-left:1px solid #bebebe;-moz-border-radius:2px;-webkit-border-radius:2px;-webkit-box-shadow:1px 3px 6px rgba(0,0,0,0.15);-moz-box-shadow:1px 3px 6px rgba(0,0,0,0.15);box-shadow:1px 3px 6px rgba(0,0,0,0.15);}'
                } else {
                    b += '.addthisevent_dropdown {width:200px;position:absolute;z-index:99999;padding:6px 0px 0px 0px;background:#fff;text-align:left;display:none;margin-top:-2px;margin-left:-1px;border-top:1px solid #c8c8c8;border-right:1px solid #bebebe;border-bottom:1px solid #a8a8a8;border-left:1px solid #bebebe;-moz-border-radius:2px;-webkit-border-radius:2px;-webkit-box-shadow:1px 3px 6px rgba(0,0,0,0.15);-moz-box-shadow:1px 3px 6px rgba(0,0,0,0.15);box-shadow:1px 3px 6px rgba(0,0,0,0.15);}'
                }
                b += '.addthisevent_dropdown span {display:block;cursor:pointer;line-height:110%;background:#fff;text-decoration:none;font-size:12px;color:#6d84b4;padding:8px 10px 9px 15px;}';
                b += '.addthisevent_dropdown span:hover {background:#f4f4f4;color:#6d84b4;text-decoration:none;font-size:12px;}';
                b += '.addthisevent span {display:none!important;}';
                b += '.addthisevent-drop ._url,.addthisevent-drop ._start,.addthisevent-drop ._end,.addthisevent-drop ._zonecode,.addthisevent-drop ._summary,.addthisevent-drop ._description,.addthisevent-drop ._location,.addthisevent-drop ._organizer,.addthisevent-drop ._organizer_email,.addthisevent-drop ._facebook_event,.addthisevent-drop ._all_day_event {display:none!important;}';
                b += '.addthisevent_dropdown .copyx {width:200px;height:21px;display:block;position:relative;cursor:default;}';
                b += '.addthisevent_dropdown .brx {width:180px;height:1px;overflow:hidden;background:#e0e0e0;position:absolute;z-index:100;left:10px;top:9px;}';
                b += '.addthisevent_dropdown .frs {position:absolute;top:5px;cursor:pointer;right:10px;padding-left:10px;font-style:normal;font-weight:normal;text-align:right;z-index:101;line-height:110%;background:#fff;text-decoration:none;font-size:9px;color:#cacaca;}';
                b += '.addthisevent_dropdown .frs:hover {color:#999!important;}';
                var c = document.createElement("style");
                c.type = "text/css";
                c.id = "ate_css";
                if (c.styleSheet) {
                    c.styleSheet.cssText = b
                } else {
                    c.appendChild(document.createTextNode(b))
                }
                document.getElementsByTagName("head")[0].appendChild(c);
                css2 = true
            }
        },
        trycss: function() {
            if (!css1) {
                try {
                    var a = '.addthisevent {visibility:hidden;}';
                    a += '.addthisevent-drop ._url,.addthisevent-drop ._start,.addthisevent-drop ._end,.addthisevent-drop ._zonecode,.addthisevent-drop ._summary,.addthisevent-drop ._description,.addthisevent-drop ._location,.addthisevent-drop ._organizer,.addthisevent-drop ._organizer_email,.addthisevent-drop ._attendees,.addthisevent-drop ._facebook_event,.addthisevent-drop ._all_day_event {display:none!important;}';
                    var b = document.createElement("style");
                    b.type = "text/css";
                    if (b.styleSheet) {
                        b.styleSheet.cssText = a
                    } else {
                        b.appendChild(document.createTextNode(a))
                    }
                    document.getElementsByTagName("head")[0].appendChild(b)
                } catch (e) {}
                css1 = true;
                addthisevent.track({
                    typ: 'jsinit',
                    cal: ''
                })
            }
        },
        removecss: function() {
            try {
                return (hdx = $d('ate_css')) ? hdx.parentNode.removeChild(hdx) : false
            } catch (e) {}
        },
        show: function(f, o, a, b) {
            var c = f.id;
            var d = $d(c);
            var g = $d(c + '-drop');
            if (d && g) {
                if (olddrop != c) {
                    addthisevent.hide(olddrop)
                }
                var h = addthisevent.getstyle(g, 'display');
                try {
                    f.blur()
                } catch (e) {};
                if (h == 'block') {
                    if (b) {} else {
                        addthisevent.hide(c)
                    }
                } else {
                    olddrop = c;
                    d.className = d.className + ' addthisevent-selected';
                    d.style.zIndex = addthisevent.topzindex();
                    g.style.left = '0px';
                    g.style.top = '0px';
                    g.style.display = 'block';
                    setTimeout("addthisevent.tim();", 350);
                    D = false;
                    var i = parseInt(d.offsetHeight);
                    var j = parseInt(d.offsetWidth);
                    var k = parseInt(g.offsetHeight);
                    var l = parseInt(g.offsetWidth);
                    var m = addthisevent.viewport();
                    var n = m.split('/');
                    var p = parseInt(n[0]);
                    var q = parseInt(n[1]);
                    var r = parseInt(n[2]);
                    var s = parseInt(n[3]);
                    var t = addthisevent.elementposition(g);
                    var u = t.split('/');
                    var v = parseInt(u[0]);
                    var w = parseInt(u[1]);
                    var x = w + k;
                    var y = q + s;
                    var z = v + l;
                    var A = p + r;
                    var B = 0,
                        dropy = 0;
                    if (o == 'down' && a == 'left') {
                        B = '0px';
                        dropy = i + 'px'
                    } else if (o == 'up' && a == 'left') {
                        B = '0px';
                        dropy = -k + 'px'
                    } else if (o == 'down' && a == 'right') {
                        B = -(l - j) + 'px';
                        dropy = i + 'px'
                    } else if (o == 'up' && a == 'right') {
                        B = -(l - j) + 'px';
                        dropy = -k + 'px'
                    } else if (o == 'auto' && a == 'left') {
                        B = '0px';
                        if (x > y) {
                            dropy = -k + 'px'
                        } else {
                            dropy = i + 'px'
                        }
                    } else if (o == 'auto' && a == 'right') {
                        B = -(l - j) + 'px';
                        if (x > y) {
                            dropy = -k + 'px'
                        } else {
                            dropy = i + 'px'
                        }
                    } else {
                        if (x > y) {
                            dropy = -k + 'px'
                        } else {
                            dropy = i + 'px'
                        }
                        if (z > A) {
                            B = -(l - j) + 'px'
                        } else {
                            B = '0px'
                        }
                    }
                    g.style.left = B;
                    g.style.top = dropy;
                    var C = 'ontouchstart' in document.documentElement ? 'touchstart' : 'click';
                    if (document.addEventListener) {
                        document.addEventListener(C, function() {
                            if (D) {
                                setTimeout(function() {
                                    addthisevent.force(c)
                                }, 300)
                            }
                        }, false)
                    } else if (document.attachEvent) {
                        document.attachEvent("on" + C, function() {
                            if (D) {
                                setTimeout(function() {
                                    addthisevent.force(c)
                                }, 300)
                            }
                        })
                    } else {
                        document.onclick = function() {
                            addthisevent.force(c)
                        }
                    }
                }
            }
        },
        force: function(f) {
            var a = $d(f);
            var b = $d(f + '-drop');
            if (a && b) {
                if (D && b.style.display == 'block') {
                    setTimeout("addthisevent.hide('" + f + "');", 350)
                }
            }
        },
        out: function() {
            addthisevent.force(olddrop)
        },
        hide: function(f) {
            var a = $d(f);
            var b = $d(f + '-drop');
            if (a && b) {
                a.className = a.className.replace(/addthisevent-selected/gi, '');
                b.style.display = 'none';
                b.style.zIndex = ''
            }
        },
        tim: function() {
            D = true
        },
        topzindex: function() {
            var a = 99999;
            var b = document.getElementsByTagName('*');
            for (var d = 0; d < b.length; d += 1) {
                if (addthisevent.hasclass(b[d], 'addthisevent-drop') || addthisevent.hasclass(b[d], 'addeventstc-drop')) {
                    var c = addthisevent.getstyle(b[d], 'z-index');
                    if (!isNaN(parseFloat(c)) && isFinite(c)) {
                        c = parseInt(c);
                        if (c > a) {
                            a = c
                        }
                    }
                }
            }
            a++;
            return a
        },
        viewport: function() {
            var w = 0,
                h = 0,
                y = 0,
                x = 0;
            if (typeof(window.innerWidth) == 'number') {
                w = window.innerWidth;
                h = window.innerHeight
            } else if (document.documentElement && (document.documentElement.clientWidth || document.documentElement.clientHeight)) {
                w = document.documentElement.clientWidth;
                h = document.documentElement.clientHeight
            } else if (document.body && (document.body.clientWidth || document.body.clientHeight)) {
                w = document.body.clientWidth;
                h = document.body.clientHeight
            }
            if (document.all) {
                x = (document.documentElement.scrollLeft) ? document.documentElement.scrollLeft : document.body.scrollLeft;
                y = (document.documentElement.scrollTop) ? document.documentElement.scrollTop : document.body.scrollTop
            } else {
                x = window.pageXOffset;
                y = window.pageYOffset
            }
            return w + '/' + h + '/' + x + '/' + y
        },
        elementposition: function(a) {
            var x = 0,
                y = 0;
            if (a.offsetParent) {
                x = a.offsetLeft;
                y = a.offsetTop;
                while (a = a.offsetParent) {
                    x += a.offsetLeft;
                    y += a.offsetTop
                }
            }
            return x + '/' + y
        },
        getstyle: function(a, b) {
            var x = a;
            var y;
            if (x.currentStyle) {
                y = x.currentStyle[b]
            } else if (window.getComputedStyle) {
                y = document.defaultView.getComputedStyle(x, null).getPropertyValue(b)
            }
            return y
        },
        glicense: function(f) {
            var b = location.href;
            var c = true;
            var d = f;
            var e = d.length;
            if (e == 20) {
                var a = d.substring(0, 1);
                var z = d.substring(9, 10);
                var m = d.substring(17, 18);
                if (a != 'a') {
                    c = false
                }
                if (z != 'z') {
                    c = false
                }
                if (m != 'm') {
                    c = false
                }
            } else {
                c = false
            }
            if (b.indexOf('addthisevent.com') == -1 && d == 'aao8iuet5zp9iqw5sm9z') {
                c = false
            }
            return c
        },
        refresh: function() {
            var a = document.getElementsByTagName('*');
            for (var d = 0; d < a.length; d += 1) {
                if (addthisevent.hasclass(a[d], 'addthisevent-drop')) {
                    a[d].className = a[d].className.replace(/addthisevent-drop/gi, '');
                    a[d].className = a[d].className.replace(/addthisevent/gi, '');
                    a[d].className = a[d].className + ' addthisevent'
                }
            }
            _ate_btn_expo = false;
            addthisevent.generate()
        },
        callcack: function(f) {
            _ate_callback = f
        },
        setlabel: function(l, t) {
            var x = l.toLowerCase();
            if (x == 'outlook') {
                _ate_lbl_outlook = t
            }
            if (x == 'google') {
                _ate_lbl_google = t
            }
            if (x == 'yahoo') {
                _ate_lbl_yahoo = t
            }
            if (x == 'ical') {
                _ate_lbl_ical = t
            }
            if (x == 'facebookevent') {
                _ate_lbl_fb_event = t
            }
        },
        settings: function(c) {
            if (c.license != undefined) {
                _ate_license = c.license
            }
            if (c.css != undefined) {
                if (c.css) {
                    _ate_css = 'true'
                } else {
                    _ate_css = 'false';
                    addthisevent.removecss()
                }
            }
            if (c.mouse != undefined) {
                _ate_mouse = c.mouse
            }
            if (c.outlook != undefined) {
                if (c.outlook.show != undefined) {
                    _ate_show_outlook = c.outlook.show
                }
            }
            if (c.google != undefined) {
                if (c.google.show != undefined) {
                    _ate_show_google = c.google.show
                }
            }
            if (c.yahoo != undefined) {
                if (c.yahoo.show != undefined) {
                    _ate_show_yahoo = c.yahoo.show
                }
            }
            if (c.hotmail != undefined) {
                if (c.hotmail.show != undefined) {
                    _ate_show_hotmail = c.hotmail.show
                }
            }
            if (c.ical != undefined) {
                if (c.ical.show != undefined) {
                    _ate_show_ical = c.ical.show
                }
            }
            if (c.facebook != undefined) {
                if (c.facebook.show != undefined) {
                    _ate_show_facebook = c.facebook.show
                }
            }
            if (c.outlook != undefined) {
                if (c.outlook.text != undefined) {
                    _ate_lbl_outlook = c.outlook.text
                }
            }
            if (c.google != undefined) {
                if (c.google.text != undefined) {
                    _ate_lbl_google = c.google.text
                }
            }
            if (c.yahoo != undefined) {
                if (c.yahoo.text != undefined) {
                    _ate_lbl_yahoo = c.yahoo.text
                }
            }
            if (c.hotmail != undefined) {
                if (c.hotmail.text != undefined) {
                    _ate_lbl_hotmail = c.hotmail.text
                }
            }
            if (c.ical != undefined) {
                if (c.ical.text != undefined) {
                    _ate_lbl_ical = c.ical.text
                }
            }
            if (c.facebook != undefined) {
                if (c.facebook.text != undefined) {
                    _ate_lbl_fb_event = c.facebook.text
                }
            }
            if (c.dropdown != undefined) {
                if (c.dropdown.order != undefined) {
                    _ate_dropdown = c.dropdown.order
                }
            }
            if (c.callback != undefined) {
                _ate_callback = c.callback
            }
        },
        hasclass: function(e, c) {
            return new RegExp('(\\s|^)' + c + '(\\s|$)').test(e.className)
        },
        htmlencode: function(a) {
            var b = a.replace(/<br\s*[\/]?>/gi, "\n");
            b = b.replace(/<(?:.|\n)*?>/gm, '');
            b = b.replace(/(^\s+|\s+$)/g, '');
            var c = document.createElement("div");
            var d = document.createTextNode(b);
            c.appendChild(d);
            return c.innerHTML
        },
        eclick: function(a) {
            var b = document.getElementById(a);
            if (b.click) {
                b.click()
            } else if (document.createEvent) {
                var c = document.createEvent('MouseEvents');
                c.initEvent('click', true, true);
                b.dispatchEvent(c)
            }
        },
        track: function(a) {
            var b = new Image(1, 1);
            var d = new Date();
            var c = d.getTime();
            var e = encodeURIComponent(window.location.href);
            b.src = proc + '//track.addevent.com/atc/?trktyp=' + a.typ + '&trkcal=' + a.cal + '&guid=' + addthisevent.getguid() + '&url=' + e + '&cache=' + c
        },
        getguid: function() {
            var a = "addevent_track_cookie=",
                coov = '';
            var b = document.cookie.split(';');
            for (var i = 0; i < b.length; i++) {
                var c = b[i];
                while (c.charAt(0) == ' ') {
                    c = c.substring(1, c.length)
                }
                if (c.indexOf(a) == 0) {
                    coov = c.substring(a.length, c.length)
                }
            }
            if (coov == '') {
                var d = (addthisevent.s4() + addthisevent.s4() + "-" + addthisevent.s4() + "-4" + addthisevent.s4().substr(0, 3) + "-" + addthisevent.s4() + "-" + addthisevent.s4() + addthisevent.s4() + addthisevent.s4()).toLowerCase();
                var e = new Date();
                e.setTime(e.getTime() + (365 * 24 * 60 * 60 * 1000));
                var f = "expires=" + e.toUTCString();
                document.cookie = "addevent_track_cookie=" + d + "; " + f;
                coov = d
            }
            return coov
        },
        s4: function() {
            return (((1 + Math.random()) * 0x10000) | 0).toString(16).substring(1)
        }
    }
}();
if (window.addEventListener) {
    window.addEventListener("DOMContentLoaded", function() {
        _d_rd = true;
        addthisevent.trycss();
        addthisevent.generate()
    }, false);
    window.addEventListener("load", function() {
        addthisevent.generate()
    }, false)
} else if (window.attachEvent) {
    window.attachEvent("onreadystatechange", function() {
        _d_rd = true;
        addthisevent.trycss();
        addthisevent.generate()
    });
    window.attachEvent("onload", function() {
        addthisevent.generate()
    })
} else {
    window.onload = function() {
        addthisevent.generate()
    }
}
if (!_d_rd) {
    setTimeout("addthisevent.trycss();addthisevent.generate();", 20)
}
                                    

#3 JavaScript::Eval (size: 918, repeated: 1) - SHA256: 8a35882658815a06c43bdfe3ab9dde3442c5d7269fa840dd35afe2b5eb10cc1f

                                        (function(v, i, d, a, l, y, t, c, s) {
    y = '_' + d.toLowerCase();
    c = d + 'L';
    if (!v[d]) {
        v[d] = {};
    }
    if (!v[c]) {
        v[c] = {};
    }
    if (!v[y]) {
        v[y] = {};
    }
    var vl = 'Loader',
        vli = v[y][vl],
        vsl = v[c][vl + 'Script'],
        vlf = v[c][vl + 'Loaded'],
        ve = 'Embed';
    if (!vsl) {
        vsl = function(u, cb) {
            if (t) {
                cb();
                return;
            }
            s = i.createElement("script");
            s.type = "text/javascript";
            s.async = 1;
            s.src = u;
            if (s.readyState) {
                s.onreadystatechange = function() {
                    if (s.readyState === "loaded" || s.readyState == "complete") {
                        s.onreadystatechange = null;
                        vlf = 1;
                        cb();
                    }
                };
            } else {
                s.onload = function() {
                    vlf = 1;
                    cb();
                };
            }
            i.getElementsByTagName("head")[0].appendChild(s);
        };
    }
    vsl(l + 'loader.min.js', function() {
        if (!vli) {
            var vlc = v[c][vl];
            vli = new vlc();
        }
        vli.loadScript(l + 'player.min.js', function() {
            var vec = v[d][ve];
            t = new vec();
            t.run(a);
        });
    });
})(window, document, 'Vidalytics', 'vidalytics_embed_pBrrlABfvNSTASm0', 'https://quick.vidalytics.com/embeds/Gzq_USs6/pBrrlABfvNSTASm0/');
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 85, repeated: 1) - SHA256: fa5fd8280fc9153c19154bd89659f2439774dd29204ecdd07f7f81c15ba14ad0

                                        < body onload = "window.location.href='https://pixel.sitescout.com/dmp/asyncPixelSync'" >
                                    


HTTP Transactions (127)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11528
Expires: Sun, 11 Sep 2022 10:59:32 GMT
Date: Sun, 11 Sep 2022 07:47:24 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 07:07:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8mvh8_oJNrvKKr00rd45VZZIgu75Llzct1N95SPbwxpBmvYP18zPWQ==
Age: 2400


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZX3IrPL33QR8oQHVVdmR9XyhkSkjuOLOSzAbQl7a7FXbrFcPlHVTiw==
age: 1812
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /ga/click/2-311088380-1591-14056-27455-25328-1829f46003-pec7f29c9c HTTP/1.1 
Host: cloud.bitclouthost.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         149.102.139.201
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Date: Sun, 11 Sep 2022 07:47:01 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
X-Request-Id: e77dad73dfa2b5ae91121905e9c136cd
Location: http://era.eramyhome.com/vcfxdcgvhbjhgfcghj-hgfdxcghjhgfcdxgh-gfdxsfghjhgfcdxgh-hgfdxfghjgfdxghj-gfdxfghj7654345678654356786543567
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.019199
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   196
Md5:    45477574eca1d2833b52d942d1d565f6
Sha1:   0522664a4141bfae32494004a40348da7ec34ffa
Sha256: 058327c53139aaa6b5c92373bf520b7c6a9350e76b67ecd7cace93c4642c27b8
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 07:47:24 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 11 Sep 2022 06:56:07 GMT
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 07:05:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SnGmr6t_w6NV3mYB088sRSFGQRTL8dvOqOTlL1YnA5hxFH8rtz-FlA==
Age: 3077


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 646
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:24 GMT
Last-Modified: Sun, 11 Sep 2022 07:36:38 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /vcfxdcgvhbjhgfcghj-hgfdxcghjhgfcdxgh-gfdxsfghjhgfcdxgh-hgfdxfghjgfdxghj-gfdxfghj7654345678654356786543567 HTTP/1.1 
Host: era.eramyhome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         139.64.132.126
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 11 Sep 2022 07:47:24 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://mwebnice.com/6738/186/2/?subid=reeedmm7
Content-Length: 1
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    68b329da9893e34099c7d8ad5cb9c940
Sha1:   adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
Sha256: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hxI1llbM4U01Uj5Zft5VYg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.27.12.161
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iyk8+rH8Y/OEYsTKejckXZMIEmA=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8808
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 07:47:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8808
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 07:47:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8808
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 07:47:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8808
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 07:47:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8808
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 07:47:26 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5752
x-amzn-requestid: 622ffff0-1bd5-4eb4-a9ff-eb54c5ae44a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqiFiToAMF0tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f310-49efdcc572b4fad3543f857d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VKsU4S6tKOso216JLUWn7b1bKDyfruIVukt98JooNCjwaXDT9bkPYQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:44:02 GMT
age: 36204
etag: "c4d17e3ea44ef6dee9819c1586424e5f056f149c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5752
Md5:    12666d69f9af3ceb23fdfc2100bd3226
Sha1:   c4d17e3ea44ef6dee9819c1586424e5f056f149c
Sha256: 054236a4d1f88a486f48b8f3a8ac01d21ec2179d5b1f3fc9791d0982d07a88a2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 22:14:30 GMT
age: 34376
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8485
Md5:    e407da4d97d497925b1ab523fd416787
Sha1:   166741631fb93d109b18dde6d316b3fa3276aa8f
Sha256: 707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7635
x-amzn-requestid: dbd07cc7-d0f6-4500-83c6-b19fa9fa2e3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt5xDEfUIAMFYXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f09a0-3771b23118f3711e5caca699;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ILut4hEDJbs6jNr3wpPST1HgAYMabIT7cdZebRFETn8lL_QfS92KBA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:34 GMT
age: 36412
etag: "ad1d9eee90556a359547dc7cbb6758aee2c804cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7635
Md5:    4ec2646c56c4c522f0744768ad20342b
Sha1:   ad1d9eee90556a359547dc7cbb6758aee2c804cd
Sha256: 0bf9eaa4420bf6290535fd23895c6c723c7de6b849995ba83774532862cfe8b4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13568
x-amzn-requestid: a2fadcbe-350b-4a06-9f9c-ee2da40bb285
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEESeHA_oAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317e742-4740aa3f4ebd479e7a4886ed;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 00:35:14 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jbF2ZaJUhIoJV-o4f6iviFyUnoDW4R0KHTfC5NySmITnsLbD5iJrPQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:11 GMT
age: 36435
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13568
Md5:    8625e0707046e7a3715a8dbb40b1cae2
Sha1:   0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
Sha256: abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f019c6-c6f0-4468-b319-ffe5379d4a42.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10611
x-amzn-requestid: 1492333f-e0ed-4061-8c16-a62e0687b95e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLgc-EBkIAMF27A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae11f-555b67794d0bdfd3384ebde8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 06:45:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: gz4lq1qR5Erx6Gfh8Qh4C2RGT4-GLRLZZcMZLAvVztYBgYenM9LIhA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:18 GMT
etag: "22e386713ccb95ca1cf9aa367a5ad02bd1664954"
age: 36428
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10611
Md5:    b290c3f75a769f5cb0f36b5c84436c9b
Sha1:   22e386713ccb95ca1cf9aa367a5ad02bd1664954
Sha256: e311757ae3bc5b821a9c1d4d654250b1ac936228eb4a600aa1e5b391d25adaaf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1ZoYLM2Mj7teQm-1Dz80IZxKGqzuzAoEiT85R3RldbJwO6iJR-JJA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:44:01 GMT
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
age: 36205
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6109
Md5:    8c35b7f5f8e1b0b24570a41b7d18533a
Sha1:   c5b82c9d77851820b8d206573d5c03cd36d27a20
Sha256: bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
                                        
                                            GET /hosted/images/10/56a652960b4e47a2fcd84cd77bd3d1/Group-6890.png HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
content-length: 22343
cf-ray: 748ecb9d4d6d0b45-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "4cddd1a405fcfe2a5b5eeeb50ac6fcff"
last-modified: Tue, 27 Oct 2020 13:36:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=22865
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 350 x 58, 8-bit/color RGBA, non-interlaced\012- data
Size:   22343
Md5:    371b09a6308c1cf5c90fdc625f894471
Sha1:   4326d9e8ab4f0cc68350044d070c4c9f03eebf66
Sha256: 0d8e069d00f8da07dbf10221a46db459be4c7e8edae88446728fe1cf8811b767
                                        
                                            GET /hosted/images/80/33a6d622c245f0be7ce955e69f8b94/jointrestore-gummies.png HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
content-length: 78418
cf-ray: 748ecb9d4d6a0b45-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "391f6e1eb952adcfdd76231a4c0fb0e1"
last-modified: Thu, 12 Nov 2020 06:12:49 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=78566
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 275 x 339, 8-bit/color RGBA, non-interlaced\012- data
Size:   78418
Md5:    6ac43691fbbef0a73508aca781e38145
Sha1:   41b3c98f446e95430fcc62da38cdc7b92409c231
Sha256: 71da7fea00c24cdff5371bdda93015e107a55700efba4cef98d28ee413566824
                                        
                                            GET /hosted/images/0f/dc7ebd7889437e93b4d189b856a842/Screen-Shot-2021-05-19-at-7.50.12-AM.png HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
content-length: 246109
cf-ray: 748ecb9d5d780b45-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "bfce0f070b1cb993f2fac933823896c0"
last-modified: Wed, 19 May 2021 13:50:46 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=249933
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1322 x 1522, 8-bit/color RGB, non-interlaced\012- data
Size:   246109
Md5:    8048cc0d6dbd055f000dce6d9d0d0657
Sha1:   f9a8acff4f374b3aaf19166a6f98ac34c158de7f
Sha256: ad0619a0f61a25a4a8fffd18bc38112fa5a47ac2e73ce618523c336ae2761bd1
                                        
                                            GET /hosted/images/a8/7722bc4d3b48b19638ac52da9e58a9/design-f5b0667e-6ab9-478a-8460-8d665f99455c-1.png HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
content-length: 60796
cf-ray: 748ecb9d4d6e0b45-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "f62bc6fe8d98125d91b9b7aef151a1f8"
last-modified: Mon, 28 Mar 2022 20:03:49 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=61050
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 350 x 447, 8-bit colormap, non-interlaced\012- data
Size:   60796
Md5:    3ba9bbf8b96770b459429940d92d7a79
Sha1:   00acbaaa9078346c74da3cf94d09e2b692bff5ef
Sha256: b1ee42c7737ae65389682b1879a8d2e14b8a1c3574aae0a923ebe1f33c1773ac
                                        
                                            GET /hosted/images/38/1f4ea064214882ad58073240f9cdb6/Screen-Shot-2022-03-22-at-10.16.08-AM.png HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
content-length: 674934
cf-ray: 748ecb9d4d6f0b45-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "b17091089aa100beb2adf1cb4b57087a"
last-modified: Tue, 22 Mar 2022 16:16:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=679821
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 968 x 848, 8-bit/color RGB, non-interlaced\012- data
Size:   674934
Md5:    83fc6873518fe469af1fd3e13bf992c4
Sha1:   a08e1e3a49bf9df824db3ae7f62dc4aece355b93
Sha256: 6b47b4323d80411f07887e2af731d53764f1f86c46a633532463ce735d3edf36
                                        
                                            GET /hosted/images/ed/8afffddd394e8d8023a2236d06f56b/joint-restore-gummies-6-pack.png HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
content-length: 341245
cf-ray: 748ecb9d4d690b45-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "ccd66439e790bb40a687ea93e7563a63"
last-modified: Wed, 11 Nov 2020 12:28:09 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=341393
x-amz-cf-pop: OSL50-C1
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=cTrR44xGiyy5H4YNhmjtLZL42Tr4eRHV4nw6ubBFjiw-1662882446-0-AYUFwagQMD6ap4s6E-w5DC3giqBqj6JIXTCfdqU0sdBD27Pakhk32BuXwfuDa3mkMjJPbjPcQPZug2gawVVXv8IP6LoRErlfKfKmhIY7fMD9"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=cTrR44xGiyy5H4YNhmjtLZL42Tr4eRHV4nw6ubBFjiw-1662882446-0-AYUFwagQMD6ap4s6E-w5DC3giqBqj6JIXTCfdqU0sdBD27Pakhk32BuXwfuDa3mkMjJPbjPcQPZug2gawVVXv8IP6LoRErlfKfKmhIY7fMD9; report-to cf-csp-endpoint
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1018 x 564, 8-bit/color RGBA, non-interlaced\012- data
Size:   341245
Md5:    a2e34c3ae57383e15887e5680d0badff
Sha1:   6e2913e84cd0a3549e044c545b93524550e1f170
Sha256: 6ef63fae9358d66f9130a085044c84f1ec67ede5a7efe5fa32a36894912f92fd
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2802
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:27 GMT
Last-Modified: Sun, 11 Sep 2022 07:00:46 GMT
Server: ECS (amb/6BBD)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5421
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:27 GMT
Last-Modified: Sun, 11 Sep 2022 06:17:06 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/up.js?um=1 HTTP/1.1 
Host: cdn01.basis.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.79.212.177
HTTP/2 200 OK
content-type: application/javascript
                                        
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
server: AC1.1
x-llid: 9c4bf4a040d787b76af37f00d11203ac
age: 431259
date: Sun, 11 Sep 2022 07:47:27 GMT
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
content-length: 1550
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3275)
Size:   1550
Md5:    745340d954663bbef59f3e65c8aa728b
Sha1:   0af5bfef26b3eeec2000086014638c4d11821220
Sha256: 71bfd4fead77b57be5c1ffa6a3c49e4c5defba58cbcabf255a1757a4579c53e6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:27 GMT
Last-Modified: Sun, 11 Sep 2022 07:42:58 GMT
Server: ECS (dcb/7F80)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9ZPWZ116DvP_xkolFjd26DROse6HnXfw4arHSvWDj9P0WM0iTxgeeA==
Age: 269

                                        
                                            GET /tracking/prosperwellness_lander.js HTTP/1.1 
Host: cdn1.lockerdomecdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.26
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 733
last-modified: Fri, 21 May 2021 18:48:24 GMT
x-amz-version-id: IXK4sDg7IhH.._0LH9j...5boykFnEd9
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 17:15:09 GMT
etag: "ded6fc3d3fa4c08bd8c3184513a12513"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KfP4GAPlU48FAQx-IYWg4pos79zk18VuyG0Nx3V_Or9DqnyEZ4-fVQ==
age: 52339
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   733
Md5:    ded6fc3d3fa4c08bd8c3184513a12513
Sha1:   aac0d0a584bef69586142ff02496d06bc641494f
Sha256: aba9ceb251ecd2af35adf37daa0a2d64760fd399c91c2c332cc30f7d315c3650
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hosted/images/b6/4851f3c59f469bb592ce71c9c00b4c/hero-background.jpg HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 11 Sep 2022 07:47:27 GMT
content-length: 17918
cf-ray: 748ecb9f2f190b45-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "2607b786029ba4eeec16a43b4bf8ea3c"
last-modified: Tue, 10 Nov 2020 07:02:09 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x816, components 3\012- data
Size:   17918
Md5:    2607b786029ba4eeec16a43b4bf8ea3c
Sha1:   eb2cb30099d29811b1f03ee9959a8f025a1a82a6
Sha256: e3430fb01b0a96fa0c9a1a3619135ed8666f60eb36da4d70bd212717d72b163d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hosted/images/55/7d443214c54c46999cd7600e665dac/top-header-bg.jpg HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 11 Sep 2022 07:47:27 GMT
content-length: 2747
cf-ray: 748ecb9f1f130b45-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "d016079a401645969522294fd89712cf"
last-modified: Tue, 10 Nov 2020 05:45:25 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x108, components 1\012- data
Size:   2747
Md5:    d016079a401645969522294fd89712cf
Sha1:   6a8ff7bf7514b355d7aafd404987018c218416e1
Sha256: 536dd1c2b04b2009bf25904cfb7725c846ff4f85328d09d8a77f24f350e330fd
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-M7VBKSB HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 11 Sep 2022 07:47:27 GMT
expires: Sun, 11 Sep 2022 07:47:27 GMT
cache-control: private, max-age=900
last-modified: Sun, 11 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37051
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1615)
Size:   37051
Md5:    9198935cefadf810926fb1b090429473
Sha1:   5950a3e842fdb5ccfa8ae6784e3130d3d47ee4b4
Sha256: e4a59ccc04a874d1e126dd5369356f44879046c3fbf7b25a61ebc7f84ef2f966
                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 398226
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 303199
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:27 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 31VOZzecnIfdDJ8XckvLwjcDliXtTtz7bY2pituqM8_-OkxnCxsJmQ==

                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 22:17:40 GMT
expires: Wed, 06 Sep 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 379787
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size:   15660
Md5:    d7b0b953a50fddaa88089b5b787cf719
Sha1:   2f85bc568b27659a3d6452f58f9fd7678450326d
Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
                                        
                                            GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 16:04:44 GMT
expires: Sat, 09 Sep 2023 16:04:44 GMT
cache-control: public, max-age=31536000
age: 142963
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Size:   15700
Md5:    3d7f7413fca69bff4d231ebdc50aaab0
Sha1:   cb18e7943b6a8a0e3672d7242197c19a226b92e8
Sha256: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 303199
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /assets/pushcrew.js HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
cf-ray: 748ecb9d6d880b45-OSL
access-control-allow-origin: *
age: 833
cache-control: public, max-age=1200
etag: W/"630e9cfb-27d"
expires: Sun, 11 Sep 2022 08:07:26 GMT
last-modified: Tue, 30 Aug 2022 23:27:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (637), with no line terminators
Size:   819
Md5:    d57fce0bffe579c9d154bbbb7c83634c
Sha1:   ca0d7ab85df880628be5229cbdcdcd4a3814be7e
Sha256: bb71ea47c40603b7320e7a3d2572ea6add492cfcf806fe6cf73f4954a63580da
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:27 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 15 Sep 2022 05:44:04 GMT
ETag: "6bc3035db4640d3166459b6e537d06a5026cca23"
Last-Modified: Sun, 11 Sep 2022 05:44:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3288
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748ecba0ff67fac4-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    254ba212e49ca5653cb19db1d312e1dd
Sha1:   6bc3035db4640d3166459b6e537d06a5026cca23
Sha256: e55dc86a77a8b9e3e99cce58d14fd1c893b1d6ecebb51d0861332455c0df85e0
                                        
                                            GET /tags/7D22114E-F0D5-FF42-AC61-EED931FFF4E1/btp.js HTTP/1.1 
Host: www.rtb123.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         67.225.220.126
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
last-modified: Thu, 01 Aug 2019 19:17:17 GMT
accept-ranges: bytes
etag: "bd3d9ebb9d48d51:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
access-control-allow-origin: *
date: Sun, 11 Sep 2022 07:47:26 GMT
content-length: 60
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   60
Md5:    d7ccb5dc7f9d9fcf48ca4602cc089ea9
Sha1:   4ee87a669ab38ab3cab7bbd7384527ed7c769c8d
Sha256: ca07fa3313b5e3a483c08d111fdb61b9d2f9bb49203ca8d865d3d20beaba10ca
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:28 GMT
Last-Modified: Sun, 11 Sep 2022 06:05:32 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9gDYSSpzh8NfIoQUEhs6KZtD8CNlmjjGPaI9hhONA2m1ZPYzblKMOw==
Age: 6116

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5729
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:28 GMT
Last-Modified: Sun, 11 Sep 2022 06:11:59 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /jsstore/a/150HK5G/ge.js HTTP/1.1 
Host: s3-us-west-2.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.218.133.32
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: BWgQw5lRWd47s0YsY/5NpNIcQh/oAA2+PURe74Fk7pkX1EW8jsyRRHR7bMCZMtGjng/R0P3twOI=
x-amz-request-id: FY1QB7X1GN8S7Y19
Date: Sun, 11 Sep 2022 07:47:29 GMT
Last-Modified: Mon, 08 Nov 2021 15:43:30 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 0

                                        
                                            GET /userevents/?funnel_id=TElkS3JqOEFLK0pQbWE4Y2o2N1VMdz09LS1HeDdWWGhsMENhR3NuV3A0UUJScjB3PT0%3D--25b3f14b59c0a4ebf233df1051e643b099c99064&page_id=OFZLRHN6VThYSTJBL0ljVjJOUFhTQT09LS1vNXBod29IYXJMVUtORjlWOUZnL29BPT0%3D--473d908eadcd5754b7b0a7346a64d6ae0d7230a2&funnel_step_id=eHhxRmlHbktIdE9LaytNMmUxMkNMZz09LS1sNC93VS9jTmlseXZ4T3BBSFZmSk93PT0%3D--60f422a8b59d367481a02f0964fd9f75f0d8e846&user_id=bEdlbmtISUdFRHlsOEJrbkI5YUdvQT09LS05b09Fd1pLMXRMc0RzSnpFejgzMTh3PT0%3D--6c49863247a307d87ae8850451c8fd226e3337cc&account_id=QUFmR1RUR3lHR3hpckNyOVFiczJ2QT09LS1NUnVXdXFWeHRBdHVyOHQ1QTlWTkJBPT0%3D--3271da99afa4133fa808d61fc908121e9621d131&page_code=NTQ0NDAwNDc%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=102273687711152a844ec99801119b&aff_sub3=&aff_sub=1143&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=c285b4b2-b0da-4f55-bf42-d7c8aee1b149&url=https%3A%2F%2Frenewyourknees.com%2Fvsl1651652599068bb%3Faff_sub%3D1143%26aff_sub2%3D102273687711152a844ec99801119b%26affiliate_id%3D%26click_id%3D6738_sessid20220911074721711%26cookiepreview%3Dfalse%26fix%3D186%26ho_aff_id%3D1143%26noautoplay%3Dfalse%26nopopup%3Dfalse%26trans_id%3D102273687711152a844ec99801119b HTTP/1.1 
Host: app.clickfunnels.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.14.194
HTTP/2 202 Accepted
content-type: text/html
                                        
date: Sun, 11 Sep 2022 07:47:27 GMT
cf-ray: 748ecba1fd05b518-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 178cf10ed6a1811dc9629fa62707a3c7
x-runtime: 0.034289
set-cookie: __cf_bm=UFyq0H211WcHvwVJerASS9KFYOPvHMyCeaDFMVadtKM-1662882447-0-AYdOIZHmvaylaSsHUojJRjbAyjg/Bl+LzCP2FnWboo+hL1DkWKqvsm4O5ue5PUTamjJXXXXxFYDIXt7J5eZHd8Iu5aEL3K1SzfBnz6hmaAy4; path=/; expires=Sun, 11-Sep-22 08:17:27 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

                                        
                                            GET /dmp/asyncPixelSync?cookieQ=1 HTTP/1.1 
Host: pixel.sitescout.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://renewyourknees.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         66.155.71.25
HTTP/2 204 No Content
                                        
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Sun, 11 Sep 2022 07:47:28 GMT
server: AC1.1
X-Firefox-Spdy: h2

                                        
                                            GET /up/48a921ade243f6f2?cntr_url=https%3A%2F%2Frenewyourknees.com%2Fvsl1651652599068bb%3Faff_sub%3D1143%26aff_sub2%3D102273687711152a844ec99801119b%26affiliate_id%3D%26click_id%3D6738_sessid20220911074721711%26cookiepreview%3Dfalse%26fix%3D186%26ho_aff_id%3D1143%26noautoplay%3Dfalse%26nopopup%3Dfalse%26trans_id%3D102273687711152a844ec99801119b HTTP/1.1 
Host: pixel.sitescout.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         66.155.71.25
HTTP/2 302 Found
                                        
set-cookie: ssi=0e0c2aab-85dd-4fa6-b554-6164f292e006#1662882448540; Domain=.sitescout.com; Expires=Mon, 11-Sep-2023 07:47:28 GMT; Path=/; Secure; SameSite=None
location: https://pixel.sitescout.com/up/48a921ade243f6f2?cookieQ=1&cntr_url=https%3A%2F%2Frenewyourknees.com%2Fvsl1651652599068bb%3Faff_sub%3D1143%26aff_sub2%3D102273687711152a844ec99801119b%26affiliate_id%3D%26click_id%3D6738_sessid20220911074721711%26cookiepreview%3Dfalse%26fix%3D186%26ho_aff_id%3D1143%26noautoplay%3Dfalse%26nopopup%3Dfalse%26trans_id%3D102273687711152a844ec99801119b
content-length: 0
date: Sun, 11 Sep 2022 07:47:27 GMT
server: AC1.1
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6348
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:28 GMT
Last-Modified: Sun, 11 Sep 2022 06:01:40 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /cp/obtp.js HTTP/1.1 
Host: amplify.outbrain.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         2.18.72.171
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sun, 11 Sep 2022 08:07:28 GMT
Date: Sun, 11 Sep 2022 07:47:28 GMT
Content-Length: 3249
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (8072), with no line terminators
Size:   3249
Md5:    9b19340ef7db3cbb26aa923adb8dbe6e
Sha1:   082e699bca6e80ca6c72a43f2894f4a32e785e26
Sha256: c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.239.36.178
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sun, 11 Sep 2022 06:41:12 GMT
expires: Sun, 11 Sep 2022 08:41:12 GMT
cache-control: public, max-age=7200
age: 3976
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4324
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:28 GMT
Last-Modified: Sun, 11 Sep 2022 06:35:24 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: LA2+oG+n6+4j8n43lYfjz/MseQ+qzoWJmtOvlk0j6SfYnhZj82kkYSqfQRkcVrjFrFG7w6CX3F89CqNXIQ4AmA==
priority: u=3,i
content-length: 26737
x-fb-trip-id: 1679558926
date: Sun, 11 Sep 2022 07:47:28 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26737
Md5:    8e7e24fb3539746aa8b869558f589615
Sha1:   d8086d86bbd5cfacc3b6a5ef14aa917830e137dd
Sha256: 7304497ee417a664bdea67d7307ca36a36013556b927c3ea5bca6c04b66236ef
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6348
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:28 GMT
Last-Modified: Sun, 11 Sep 2022 06:01:40 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/uploads/2018/06/2018-06-08_0911.png HTTP/1.1 
Host: www.prosperwellness.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.144.251
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 11 Sep 2022 07:47:28 GMT
content-length: 88111
last-modified: Fri, 08 Jun 2018 15:12:16 GMT
etag: "1582f-56e22d345470a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1ROUQ7rxIuOGopVw667Xc6VL%2B5byVsNRcT62eIs7k6n%2F0et2AKkjZSL45OM%2Fb1nijLVjwWqJm1jjIhj7MC3o74AB%2BKO4hyjVm%2B%2FvgnWmzWvvWpkGrdC56gmgrxD3nWkczRjZ4OQk6M5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ecba799b0b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1518 x 1496, 8-bit/color RGBA, non-interlaced\012- data
Size:   88111
Md5:    e57817426681b6646dcfe95823f7f8c6
Sha1:   6d396e821718c0aedb62e2cc6ebf0669de500d3b
Sha256: dbe8a2099e602f4f0055133f84e970ef2d01f5ff33428d575aeebc697f27575a
                                        
                                            GET /embeds/Gzq_USs6/pBrrlABfvNSTASm0/loader.min.js HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 11 Sep 2022 07:47:28 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycduk5u183fvFhFAo-NNkh6O0NCyvrvU73Ab_nRALJzXr4xRM_6QUMGBLAmZo9lSpDKjaAz2phZGkKZRse_2CTyMefnmzfglf
cache-control: public, max-age=300, s-maxage=2592000
etag: "4531414b85a3c054437c2c3d1d2d5f5d"
x-goog-generation: 1660889797497485
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 9740
x-goog-hash: crc32c=UGf3Sg==, md5=RTFBS4WjwFRDfCw9HS1fXQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Fri, 19 Aug 2022 06:16:37 GMT
content-encoding: gzip
x-hw: 1662882447.cds243.sk1.hn,1662882447.cds243.sk1.hc,1662882447.cds207.sk1.sr,1662882448.dop215.la3.r,1662882448.cds247.la3.c,1662882448.cds207.sk1.e,1662882448.cds243.sk1.sl
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11113
Md5:    ff0abba0a2eb5eff12b0b7f9a842e190
Sha1:   fe698b5bf5da3a8b0cc0708aaef53bad67028480
Sha256: 6f68bc7dae3e56fd9e9e8ffd56919f64b4b0c1395ddec758213a35ef33d2144c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 386
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:29 GMT
Last-Modified: Sun, 11 Sep 2022 07:41:03 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.157
HTTP/2 200 OK
                                        
date: Sun, 11 Sep 2022 07:47:28 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=P80xvV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVpeU9UQ0RXNkhXQmdKVG9UJTJCdXl4b1ByNXlZcm1rSmFJd1NOSHd2enpqbg; expires=Fri, 06 Oct 2023 07:47:29 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 213003
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5139
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:29 GMT
Last-Modified: Sun, 11 Sep 2022 06:21:50 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5176
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:29 GMT
Last-Modified: Sun, 11 Sep 2022 06:21:14 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6446
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:29 GMT
Last-Modified: Sun, 11 Sep 2022 06:00:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3166
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 07:47:29 GMT
Last-Modified: Sun, 11 Sep 2022 06:54:43 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /syncframe?topUrl=renewyourknees.com&origin=onetag HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.157
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sun, 11 Sep 2022 07:47:28 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=eaad78e7-5c91-4e75-938b-bd32f202e2c6; expires=Fri, 06 Oct 2023 07:47:28 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 620106
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13316)
Size:   5041
Md5:    3bc20b1892b9e8fa58094c2e5ca3b838
Sha1:   b74ca5dd276cf9a749b1ed14c36aa7fe3455c361
Sha256: 55e71ded9e794b9e3f91752e6ec691b08118cb125f2813baf6b1c9b61a520123
                                        
                                            GET /embeds/Gzq_USs6/pBrrlABfvNSTASm0/player-dash-mse.min.js HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 11 Sep 2022 07:47:28 GMT
last-modified: Fri, 19 Aug 2022 06:16:38 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdskullhLn1JCbC7olTie18OUt0P5S4VRTm__5R9rNirHwn9qSKBeXhyJefp6BQ4YqlDq6vypd4F5-GSA2qWfZNzbpN6suH-
cache-control: public, max-age=300, s-maxage=2592000
etag: "59f046391fc67d18cca2ce7b6a3f30fb"
x-goog-generation: 1660889798096449
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 494001
x-goog-hash: crc32c=B5jxlw==, md5=WfBGOR/GfRjMos57aj8w+w==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: gzip
x-hw: 1662882448.cds241.sk1.hn,1662882448.cds241.sk1.hc,1662882448.cds226.sk1.c,1662882448.cds241.sk1.sl
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65399)
Size:   574356
Md5:    e55c6f61dbc9746d63f44d7d641a2346
Sha1:   3c9ef394c3330189555dd5e40a0589f5a3d37143
Sha256: 6b5a56cf8d14393d4d2eb10cf3f481f317df5701ce7aaad76dbce913cdde9415
                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/stream.mpd HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: application/dash+xml
                                        
date: Sun, 11 Sep 2022 07:47:29 GMT
last-modified: Mon, 11 Apr 2022 18:52:17 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdsWUbyJLd0upcvP7DWcCN-yNgmVtiOxQvXk9RFwNZNLGA8omrbDn2uZlqd4dOiQPGRqUG1sPMCskkJXPrvmI0_ZtZMAYbNS
cache-control: public, max-age=31104000
etag: "814f641dd619cf540cb27f001ce4bc38"
x-goog-generation: 1649703137121846
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5842
x-goog-hash: crc32c=2Ike4A==, md5=gU9kHdYZz1QMsn8AHOS8OA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5842
x-hw: 1662882449.cds241.sk1.hn,1662882449.cds241.sk1.hc,1662882449.cds065.sk1.c,1662882449.cds241.sk1.sl
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   91728
Md5:    8fb5b419072cf7953371598edc617a9d
Sha1:   5d368bc0d1edd52c64add989b390859515c16c75
Sha256: d80856def1b06b60547fed681005a5653ebd25e509ac394042167987f81cccbd
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sun, 11 Sep 2022 07:47:29 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 10 Sep 2022 21:19:39 GMT
Expires: Sun, 11 Sep 2022 21:19:39 GMT
ETag: "983e9483ab0c7742b1331a273bf0cdd0ca3d28aa"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    809e1ab973c5e2ab1ac54bdb7f0fc29a
Sha1:   983e9483ab0c7742b1331a273bf0cdd0ca3d28aa
Sha256: 2027808f270e6b3ed39a80afed6f1a89c086cd26067c5dac8bc40b41884bf94e
                                        
                                            POST /licensing HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 105
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.27.197
HTTP/2 200 OK
content-type: application/json
                                        
server: v1.53.0
date: Sun, 11 Sep 2022 07:47:29 GMT
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   117
Md5:    f90d2c53623621471228392bf3047e2a
Sha1:   b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
Sha256: 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
                                        
                                            POST /licensing HTTP/1.1 
Host: licensing.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 149
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.227.229.24
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
date: Sun, 11 Sep 2022 07:47:29 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   165
Md5:    bad32d07dc1ad9e3d334785067afbf34
Sha1:   653f8f612c6646daae0122b3b27e2c11486f86a4
Sha256: 41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/init.mp4 HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: video/mp4
                                        
date: Sun, 11 Sep 2022 07:47:29 GMT
last-modified: Mon, 11 Apr 2022 18:42:18 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdvTy-zEfJRjpLOMjzsG7rAH84CHzH8zwEK6tLcXGr_HXREms6a9N6LjM1aKRd9iGYOCirygyoXRTIXhc75sPd0hlcHc4sxo
cache-control: public, max-age=31104000
etag: "a3725d50570be6b4e9e147c686fc217d"
x-goog-generation: 1649702538790434
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 459
x-goog-hash: crc32c=i1gvzQ==, md5=o3JdUFcL5rTp4UfGhvwhfQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 459
x-hw: 1662882449.cds241.sk1.hn,1662882449.cds241.sk1.hc,1662882449.cds208.sk1.c,1662882449.cds241.sk1.sl
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  WebM\012- EBML file, creator webmB\20\012- data
Size:   459
Md5:    a3725d50570be6b4e9e147c686fc217d
Sha1:   869a8d730a5e1a5fc6238ac603063a744af62107
Sha256: 830343d1d63d4cdd5272bded3870fa1f4f8a2093335f2a295b94b43d3f5e3468
                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1253
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.0
date: Sun, 11 Sep 2022 07:47:29 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sun, 11 Sep 2022 07:47:29 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 10 Sep 2022 21:19:39 GMT
Expires: Sun, 11 Sep 2022 21:19:39 GMT
ETag: "983e9483ab0c7742b1331a273bf0cdd0ca3d28aa"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    809e1ab973c5e2ab1ac54bdb7f0fc29a
Sha1:   983e9483ab0c7742b1331a273bf0cdd0ca3d28aa
Sha256: 2027808f270e6b3ed39a80afed6f1a89c086cd26067c5dac8bc40b41884bf94e
                                        
                                            GET /tr/?id=228562807555133&ev=PageView&dl=https%3A%2F%2Frenewyourknees.com%2Fvsl1651652599068bb%3Faff_sub%3D1143%26aff_sub2%3D102273687711152a844ec99801119b%26affiliate_id%3D%26click_id%3D6738_sessid20220911074721711%26cookiepreview%3Dfalse%26fix%3D186%26ho_aff_id%3D1143%26noautoplay%3Dfalse%26nopopup%3Dfalse%26trans_id%3D102273687711152a844ec99801119b&rl=&if=false&ts=1662882439077&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662882439076.1601202366&it=1662882438049&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 11 Sep 2022 07:47:30 GMT
expires: Sun, 11 Sep 2022 07:47:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   44
Md5:    b798f4ce7359fd815df4bdf76503b295
Sha1:   f8cc6addf1707ad236ad9970b0a48f9733d07da5
Sha256: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
                                        
                                            GET /event?a=68378&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=hK9xxV9UNnVUVHVlQWw1RVJRTXhQN1JEMzY5SW9xJTJCU1dmNGsyVTVQN3NOdUVXOFRpWUtZTm93ayUyQmNieEYwYk1sdHZ3aVpKSTIzYVpsWWlWMUJiUHdHVkRDSnVxeiUyQjdNM2o5OGlodDUyUjZDWEZCcGlGUG45eENLeHhOaGthNFl2Wk1rNUtXbUJNNjgxMEh0bjY0ZE1zbkdPTHclM0QlM0Q&tld=renewyourknees.com&fu=https%253A%252F%252Frenewyourknees.com%252Fvsl1651652599068bb%253Faff_sub%253D1143%2526aff_sub2%253D102273687711152a844ec99801119b%2526affiliate_id%253D%2526click_id%253D6738_sessid20220911074721711%2526cookiepreview%253Dfalse%2526fix%253D186%2526ho_aff_id%253D1143%2526noautoplay%253Dfalse%2526nopopup%253Dfalse%2526trans_id%253D102273687711152a844ec99801119b&dtycbr=72540 HTTP/1.1 
Host: sslwidget.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.151
HTTP/2 302 Found
                                        
date: Sun, 11 Sep 2022 07:47:29 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=68378&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=hK9xxV9UNnVUVHVlQWw1RVJRTXhQN1JEMzY5SW9xJTJCU1dmNGsyVTVQN3NOdUVXOFRpWUtZTm93ayUyQmNieEYwYk1sdHZ3aVpKSTIzYVpsWWlWMUJiUHdHVkRDSnVxeiUyQjdNM2o5OGlodDUyUjZDWEZCcGlGUG45eENLeHhOaGthNFl2Wk1rNUtXbUJNNjgxMEh0bjY0ZE1zbkdPTHclM0QlM0Q&tld=renewyourknees.com&fu=https%253A%252F%252Frenewyourknees.com%252Fvsl1651652599068bb%253Faff_sub%253D1143%2526aff_sub2%253D102273687711152a844ec99801119b%2526affiliate_id%253D%2526click_id%253D6738_sessid20220911074721711%2526cookiepreview%253Dfalse%2526fix%253D186%2526ho_aff_id%253D1143%2526noautoplay%253Dfalse%2526nopopup%253Dfalse%2526trans_id%253D102273687711152a844ec99801119b&dtycbr=72540
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 8794304
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            GET /awesome-log?cid=Gzq_USs6 HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.107.158.93
HTTP/2 200 OK
content-type: image/gif
                                        
server: istio-envoy
date: Sun, 11 Sep 2022 07:47:30 GMT
content-length: 43
cache-control: no-cache, public, max-age=2592000
etag: "Gzq_USs6/NEfuDSDDIBKUHBSq"
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
x-envoy-upstream-service-time: 699
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    57f187c7a868faeac558007a8eb6cb2e
Sha1:   11ab10ab109fdb53d91d444ac781101f5a6360c6
Sha256: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:30 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 13:41:36 GMT
Expires: Wed, 14 Sep 2022 13:41:35 GMT
Etag: "31997bc2337ea2ac58e23fb644dc4161b5bb2a3a"
Cache-Control: max-age=279844,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 748ecbb27bd1b51e-OSL

                                        
                                            POST /scribe HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 578
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.107.158.93
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-methods: POST,OPTIONS
date: Sun, 11 Sep 2022 07:47:30 GMT
content-length: 16
x-envoy-upstream-service-time: 4
server: istio-envoy
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   85884
Md5:    672a4f12dd595f716a38c7303eb76a7f
Sha1:   148777515192c9aba7327143bfe4978510b87ab4
Sha256: c4ac651e4009f2596afc97d29be1c150ee69b9a31effde93094dde68b201bbb6
                                        
                                            POST /scribe HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 711
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.107.158.93
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-methods: POST,OPTIONS
date: Sun, 11 Sep 2022 07:47:30 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   16
Md5:    a1cbd35d4488ac8cc6f959d4c633dc37
Sha1:   11844023759429ec785ae1c18e6a9c69803ee2bd
Sha256: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-66238646-1&cid=1890434632.1662882438&jid=1511781681&gjid=1394844882&_gid=342626827.1662882438&_u=IEBAAEAAAAAAAC~&z=782561315 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.251.1.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://renewyourknees.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 11 Sep 2022 07:47:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /newidsd HTTP/1.1 
Host: ag.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         185.235.84.120
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sun, 11 Sep 2022 07:47:28 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 124965
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /images/closemodal.png HTTP/1.1 
Host: www.clickfunnels.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.14.194
HTTP/2 200 OK
content-type: image/webp
                                        
date: Sun, 11 Sep 2022 07:47:27 GMT
cf-ray: 748ecb9e4939b518-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 225999
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Wed, 12 Oct 2022 07:47:27 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=maKJriqEPKjG8v0iwUCI2oiU3VQLeFE49fpginzWefQ-1662882447-0-AYALW+TZYi9rZE8mrJHNWOjBVrWuZCe2mScyQFhYAuA9KPaKByKwEQp4YFhR7z+wV38ittG0oZzNz7dRpacmpVf+m5e/I8n4OJBDJEKIX4XT; path=/; expires=Sun, 11-Sep-22 08:17:27 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   86548
Md5:    2aeff1b12e97c51ed8e1a85e17d4b466
Sha1:   6b3c43cd2a8ea3c6e9b8ba5377ef1d81988290e7
Sha256: 0b821decf0967fbacf2787cd120a99da57c54b14720f67bf54bd346a11fbf65d
                                        
                                            GET /event?a=68378&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=hK9xxV9UNnVUVHVlQWw1RVJRTXhQN1JEMzY5SW9xJTJCU1dmNGsyVTVQN3NOdUVXOFRpWUtZTm93ayUyQmNieEYwYk1sdHZ3aVpKSTIzYVpsWWlWMUJiUHdHVkRDSnVxeiUyQjdNM2o5OGlodDUyUjZDWEZCcGlGUG45eENLeHhOaGthNFl2Wk1rNUtXbUJNNjgxMEh0bjY0ZE1zbkdPTHclM0QlM0Q&tld=renewyourknees.com&fu=https%253A%252F%252Frenewyourknees.com%252Fvsl1651652599068bb%253Faff_sub%253D1143%2526aff_sub2%253D102273687711152a844ec99801119b%2526affiliate_id%253D%2526click_id%253D6738_sessid20220911074721711%2526cookiepreview%253Dfalse%2526fix%253D186%2526ho_aff_id%253D1143%2526noautoplay%253Dfalse%2526nopopup%253Dfalse%2526trans_id%253D102273687711152a844ec99801119b&dtycbr=72540 HTTP/1.1 
Host: widget.us.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://renewyourknees.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         74.119.119.150
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Sun, 11 Sep 2022 07:47:30 GMT
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 15408376
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3737
Md5:    f4e7e92a11a5a84f01ef00e4289b3697
Sha1:   bcf5cdc92dcaf99a69600922b3a858172b243aa8
Sha256: d273034cc2405738715e91563cf59557b8020d9b5fb33588f9aba5db92f05a3b
                                        
                                            GET /css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,400;1,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 07:47:27 GMT
date: Sun, 11 Sep 2022 07:47:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1311
Md5:    c066ac70f299b9bc97757bae804f0d74
Sha1:   3537b607fb9273b51fd34d3ed8d51414a186ecd6
Sha256: 9809c6b53065a83f5820f27d15769d53971e5dadfdbca22cfa02c61fdadf68c1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-66238646-1&cid=1890434632.1662882438&jid=1511781681&_u=IEBAAEAAAAAAAC~&z=818264307 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 07:47:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-66238646-1&cid=1890434632.1662882438&jid=1511781681&_u=IEBAAEAAAAAAAC~&z=818264307 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 07:47:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 07:47:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_0.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: video/mp4
                                        
date: Sun, 11 Sep 2022 07:47:30 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdvFUk3dfLMf5gl5fu9fLpsNt6f7L5PAUlte0qHLw-B1WY5hffK6sMOftZial-7woUFS6NizGiNGLxAz9tzmooxjfw
cache-control: public, max-age=31104000
etag: "3aed4d4dfbfafb94c8b7f604debdde09"
x-goog-generation: 1649702538998897
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 771696
x-goog-hash: crc32c=zg1RTw==, md5=Ou1NTfv6+5TIt/YE3r3eCQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Mon, 11 Apr 2022 18:42:19 GMT
content-length: 771696
x-hw: 1662882449.cds241.sk1.hn,1662882449.cds241.sk1.hc,1662882449.cds202.sk1.s,1662882450.dop207.la3.r,1662882450.cds232.la3.c,1662882450.cds202.sk1.p,1662882451.cds241.sk1.sl
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   771696
Md5:    3aed4d4dfbfafb94c8b7f604debdde09
Sha1:   7f41a42da1c3ebb56759f73c38e235f1b2f19b14
Sha256: 57c08776588a9bfb1136670e9978ee996989447a0fbacc3cc10082e7d7e6ceaa
                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_1.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: video/mp4
                                        
date: Sun, 11 Sep 2022 07:47:31 GMT
last-modified: Mon, 11 Apr 2022 18:42:16 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycduCc5254e5P9xk-uYYwcB4GVZ5EeO8J9Gug2_yZwyCXl5qgQSIpb4i3POxAYsfuy6OWLM2cKQiz7zri5c8qOiJMsg
cache-control: public, max-age=31104000
etag: "a11558ba4743166ca45739c6e13291e1"
x-goog-generation: 1649702536148023
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 733510
x-goog-hash: crc32c=DJTVMw==, md5=oRVYukdDFmykVznG4TKR4Q==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 733510
x-hw: 1662882451.cds241.sk1.hn,1662882451.cds241.sk1.hc,1662882451.cds017.sk1.c,1662882451.cds241.sk1.sl
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   733510
Md5:    a11558ba4743166ca45739c6e13291e1
Sha1:   3415369fc1f4b4e37fc12b29edda60035a0ee2c2
Sha256: 20ddfe88b7dbd1bced84e1bfc4d9e88958c903a223765b31ea925fc2b2def7d3
                                        
                                            POST /impression HTTP/1.1 
Host: licensing.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 114
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.227.229.24
HTTP/2 204 No Content
content-type: application/json
                                        
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
date: Sun, 11 Sep 2022 07:47:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_2.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: video/mp4
                                        
date: Sun, 11 Sep 2022 07:47:31 GMT
last-modified: Mon, 11 Apr 2022 18:42:20 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdt9PqWY65ZN-Z8NqmIYm8XjJOCYHFAZF_jS6DVFVGd03DEWwKtGoa8V2MVPSB1A3QWCpA78x79DoeLLH1WGfMAnTC3kzc-7
cache-control: public, max-age=31104000
etag: "a0125b1b78f6514b7b938b75f9798a56"
x-goog-generation: 1649702540391015
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 920865
x-goog-hash: crc32c=91vyJw==, md5=oBJbG3j2UUt7k4t1+XmKVg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 920865
x-hw: 1662882451.cds241.sk1.hn,1662882451.cds241.sk1.hc,1662882451.cds251.sk1.c,1662882451.cds241.sk1.sl
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   920865
Md5:    a0125b1b78f6514b7b938b75f9798a56
Sha1:   f441aa5eb831ae63b7070849c796c9c319725629
Sha256: 277c7a6fbb661a151cc0f4d93e68d21c25ab0d7a57321ecd3c6c50ab48391204
                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1853
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.0
date: Sun, 11 Sep 2022 07:47:31 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1825
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.0
date: Sun, 11 Sep 2022 07:47:32 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1815
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.0
date: Sun, 11 Sep 2022 07:47:31 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1867
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.0
date: Sun, 11 Sep 2022 07:47:32 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1828
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.0
date: Sun, 11 Sep 2022 07:47:32 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            GET /js/ld/ld.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 07:47:28 GMT
last-modified: Wed, 29 Jun 2022 07:49:23 GMT
etag: W/"62bc0403-a792"
expires: Mon, 12 Sep 2022 07:47:28 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /cdn-cgi/rum? HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 430
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ; cf:aff_sub2=102273687711152a844ec99801119b; cf:aff_sub3=; cf:aff_sub=1143; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ0NDAwNDc=:visited=true; cf:visitor_id=832ea873-5333-4b13-9568-e8191d2f41ee; aff_sub=1143; aff_sub2=102273687711152a844ec99801119b; affiliate_id=; click_id=6738_sessid20220911074721711; cookiepreview=false; fix=186; ho_aff_id=1143; noautoplay=false; nopopup=false; trans_id=102273687711152a844ec99801119b; addevent_track_cookie=bb09dbb8-a3c0-4eb5-54d7-cadbdd6478bf; _ga=GA1.2.1890434632.1662882438; _gid=GA1.2.342626827.1662882438; _gat=1; bitmovin_analytics_uuid=ac194f20-5f57-49b6-a465-adb5065ce35d; _jsuid=2269054571; _no_tracky_101126271=1; outbrain_cid_fetch=true; _fbp=fb.1.1662882439076.1601202366; cto_bundle=hK9xxV9UNnVUVHVlQWw1RVJRTXhQN1JEMzY5SW9xJTJCU1dmNGsyVTVQN3NOdUVXOFRpWUtZTm93ayUyQmNieEYwYk1sdHZ3aVpKSTIzYVpsWWlWMUJiUHdHVkRDSnVxeiUyQjdNM2o5OGlodDUyUjZDWEZCcGlGUG45eENLeHhOaGthNFl2Wk1rNUtXbUJNNjgxMEh0bjY0ZE1zbkdPTHclM0QlM0Q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sun, 11 Sep 2022 07:47:33 GMT
access-control-allow-origin: https://renewyourknees.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 748ecbc34be10b45-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 07:47:27 GMT
date: Sun, 11 Sep 2022 07:47:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sid/json?origin=onetag&domain=renewyourknees.com&sn=FirefoxSyncframe&so=0&topUrl=renewyourknees.com&info=KY-R6V80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVpeU9UQ0RXNkhXQmdKVG9UJTJCdXl4cmRaS1RIJTJGV2VPOGFvZkU4NUU0ZG9q&idsd=63866073,1764778817&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=renewyourknees.com&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sun, 11 Sep 2022 07:47:29 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1330874
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
cf-ray: 748ecb996a7d0b45-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Mon, 29 Aug 2022 18:53:39 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 625f777bf4098451c55c1ea9c61979ebd12ec696
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss, store
x-request-id: 07aaaca0cc65c87610000b16ccecb831
x-runtime: 0.352529
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.9.0/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.169.247
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
x-amz-id-2: 5R63sGXcq2LptVgWp1Hbu23fLcn6t7yox4MdVDD4fYkPpwwpE0tP8nap3nE7BUsLxb2kn6BawAQ=
x-amz-request-id: FW5J89H89QA35JM6
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 366631
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eK5tx7WSpgq7zL%2BkPB5WPsbttXhYcYiAT%2FLTI0gwhnITbiIK%2FFBea%2BUeZicerlH0aPXfQl06YeyBIrGpnMiATx%2FZleaHO9jDG8O7yfeyvd3BWWpmtvcOhopuwu9Gm2USYILI9LMz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ecb9d5e29b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js HTTP/1.1 
Host: static.getclicky.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.221.29
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Sun, 11 Sep 2022 07:47:27 GMT
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
expires: Tue, 13 Sep 2022 16:55:02 GMT
cache-control: max-age=604800
x-proxy-cache: HIT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 16:55:02 GMT
cf-cache-status: HIT
age: 399135
server: cloudflare
cf-ray: 748ecb9e799cb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /in.php?site_id=101126271&type=pageview&href=%2Fvsl1651652599068bb%3Faff_sub%3D1143%26aff_sub2%3D102273687711152a844ec99801119b%26affiliate_id%3D%26click_id%3D6738_sessid20220911074721711%26cookiepreview%3Dfalse%26fix%3D186%26ho_aff_id%3D1143%26noautoplay%3Dfalse%26nopopup%3Dfalse%26trans_id%3D102273687711152a844ec99801119b&title=JointRestore&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.702579181420478 HTTP/1.1 
Host: in.getclicky.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         198.145.13.13
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Sun, 11 Sep 2022 07:47:29 GMT
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /newidsd HTTP/1.1 
Host: gem.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         178.250.6.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sun, 11 Sep 2022 07:47:28 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 118476
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /copy-of-aff-jointrestore-gummiesd4xy2k0g?affiliate_id=&aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220911074721711&trans_id=102273687711152a844ec99801119b&fix=186 HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.16.12.194
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
location: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
cf-ray: 748ecb97d8f90b45-OSL
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: f5a50e837724f3f813485e132a4d5e61
x-runtime: 0.094795
set-cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ; path=/; expires=Sun, 11-Sep-22 08:17:26 GMT; domain=.renewyourknees.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.169.247
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
x-amz-id-2: 29dQf2WVNOHot5Ay8pBeGC9Jp0pul03AFXB61uD4zFysCnT6qW6VHySxi6MC8oLZjApsDY/NPq0=
x-amz-request-id: B6FTANBTWNEFCW5M
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 288205
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iF6eFmvyZiYbeNUenFlfYd%2FKF2fj85yW1I86%2FbXgRJK8ztpCarNpBfND5cCj8PpyADog%2Ba3Wfa%2BVX67xHjxQ4FJRYCFJUyrhVn8JG9LIAmDOqHe94kCe%2Fo6UnSdJhTnj0xqRi0FB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ecb9d6e39b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /vendor.js HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 11 Sep 2022 07:47:27 GMT
cf-ray: 748ecba1a9280b45-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 07380e95ad5bd79f63341849d7a5903e
x-runtime: 0.019901
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /6738/186/2/?subid=reeedmm7 HTTP/1.1 
Host: mwebnice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.21.10.231
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Sun, 11 Sep 2022 07:47:25 GMT
location: https://trk.legendaff.com/aff_c?offer_id=67&aff_id=1143&aff_click_id=6738_sessid20220911074721711&aff_sub=186
cache-control: max-age=3600, private
pragma: no-cache
expires: Sun, 11 Sep 2022 08:47:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 748ecb925fd00b41-OSL
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/lander.css HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
cf-ray: 748ecb9d2d510b45-OSL
access-control-allow-origin: *
age: 833
cache-control: public, max-age=1200
etag: W/"630e9cfc-6a514"
expires: Sun, 11 Sep 2022 08:07:26 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /analytics.min.js HTTP/1.1 
Host: assets.mantisadnetwork.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.129
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 22 Aug 2020 16:12:44 GMT
x-amz-version-id: Ck1Ya2WWYBt8azQIxoUFopCW7mWWtikS
server: AmazonS3
content-encoding: gzip
date: Sun, 11 Sep 2022 07:17:01 GMT
cache-control: max-age=3600
etag: W/"d982d874969783cad1711ce501e9f999"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6yofcjB2r0ffN8i7ALNx-EVYq1VPxzH6KvFmqN9aEhvgmnHumBaoJA==
age: 1827
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/userevents/application.js HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
cf-ray: 748ecb9d3d640b45-OSL
access-control-allow-origin: *
age: 833
cache-control: public, max-age=1200
etag: W/"630e9cfc-1353"
expires: Sun, 11 Sep 2022 08:07:26 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/lander.js HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=102273687711152a844ec99801119b&affiliate_id=&click_id=6738_sessid20220911074721711&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=102273687711152a844ec99801119b
Cookie: __cf_bm=KJG5mbKaWb_QpOWppdrGcVgz6MthOmMwrGn.zF7VKOA-1662882446-0-AQ0pXdZzfaVzk1c0MGU2wPozQ5f4QoajiedC/cdp3EhRWNECgdOM2fku6+PnbzF1fwHEjha+XHKsB71KJeA0E0Yp91+aVe42seoZ6/9URxGZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Sun, 11 Sep 2022 07:47:26 GMT
cf-ray: 748ecb9d5d830b45-OSL
access-control-allow-origin: *
age: 833
cache-control: public, max-age=1200
etag: W/"630e9d40-238fd1"
expires: Sun, 11 Sep 2022 08:07:26 GMT
last-modified: Tue, 30 Aug 2022 23:29:04 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Lato+sans-serif%7CRoboto%7CLato+sans-serif%7CCabin%7CLato+sans-serif%7CRoboto%7CLato+sans-serif%7CRoboto%7CLato+sans-serif%7CCabin%7CLato+sans-serif%7CCabin%7CLato+sans-serif%7COpen+Sans+Condensed%7CLato+sans-serif%7CLato%7CLato+sans-serif%7CRoboto%7CLato+sans-serif%7CRoboto%7CLato+sans-serif%7CLato%7CLato+sans-serif%7C%7C HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 07:47:27 GMT
date: Sun, 11 Sep 2022 07:47:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---