cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
1.4 kB URL cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
IP
File type ASCII text, with very long lines (1460)
Hash acf82ee47549fdc386d02768992a49ad
de7b617c2d6c095ff286235e6cf64c328da1a4bf
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
GET /npm/cookieconsent@3/build/cookieconsent.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.1.1
x-jsd-version-type: version
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
content-encoding: br
accept-ranges: bytes
date: Tue, 28 Nov 2023 09:25:58 GMT
age: 37560
x-served-by: cache-fra-eddf8230078-FRA, cache-bma1656-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1363
X-Firefox-Spdy: h2
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash 968db546e848ac966886c66d8423ef4c
637540183f020b5d88fb1d50bca231f794d13f1c
3f76081f7bddfef2af9106acb2595006e0371279fd958b002ef6dab0d06816ab
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Tue, 28 Nov 2023 09:25:58 GMT
Server: ECAcc (amb/6B67)
X-Cache: Miss from cloudfront
Via: 1.1 cc81c6e9e0635b111f930d60fbded11e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: CDqN0002TL5l9x_HWzTQe8cq_d_h9RbukVwUAXFPEeTInhkPRtEcmg==
i.oldmedic.com/img/4.jpg
90 kB IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 940x627, components 3\012- data
Hash ad4973dd956d57f3e91980452017e0f7
58ace72ba38f78b1c221797eb4d48173f4b184b1
d8d9cb792d66ea92e9a76849899c1e6830e83ec7547fa4dbf4ca20adb5826298
GET /img/4.jpg HTTP/1.1
Host: i.oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:25:58 GMT
content-type: image/jpeg
content-length: 90235
last-modified: Sat, 15 Feb 2020 22:40:37 GMT
etag: "1607b-59ea502d30547"
cache-control: max-age=31536000
expires: Tue, 26 Nov 2024 16:35:57 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 60601
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ovRalNzD4%2BgsP35%2F7beBDXE9YpJJc1k6LD5rAycZxF5RMRyvDNWIwaR0DPTGk7c3QmOuqwBb7d0ZycMB6Mmo2Dx5K1OeFslLgBHS5byZAe%2FZxYg4BtaN0M%2F3gFGTMUPPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d19112792eb529-OSL
alt-svc: h3=":443"; ma=86400
i.oldmedic.com/img/big/it-href-symptoms-symptoms-li-li-href-causes-causes-li-li-href-risk-factors-risk-factors-li-li-href-diagnosis-diagnosis-li-li-href-treatment-treatment-li-l-43.jpg
200 OK 24 kB URL GET HTTP/3 i.oldmedic.com/img/big/it-href-symptoms-symptoms-li-li-href-causes-causes-li-li-href-risk-factors-risk-factors-li-li-href-diagnosis-diagnosis-li-li-href-treatment-treatment-li-l-43.jpg
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectoldmedic.com
Fingerprint0F:84:CF:9F:73:8D:D3:21:00:4F:DC:DC:7C:1E:18:8F:01:09:E9:80
ValidityWed, 01 Nov 2023 15:54:52 GMT - Tue, 30 Jan 2024 15:54:51 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2018:12:13 23:50:27], baseline, precision 8, 553x415, components 3\012- data
Hash 266beddbe083a530bc33de0cf00dd1d7
c8971879dae7d7b7e6dfedfec471609ddd274338
4466481a94edf47d9d6c286785090639b2bc14e5c43d979bacc07c94d3922ed9
GET /img/big/it-href-symptoms-symptoms-li-li-href-causes-causes-li-li-href-risk-factors-risk-factors-li-li-href-diagnosis-diagnosis-li-li-href-treatment-treatment-li-l-43.jpg HTTP/1.1
Host: i.oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:25:58 GMT
content-type: image/jpeg
content-length: 23758
last-modified: Sun, 16 Feb 2020 00:40:46 GMT
etag: "5cce-59ea6b07e8cf3"
cache-control: max-age=31536000
expires: Wed, 27 Nov 2024 09:25:58 GMT
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpytpuRFseDVrRacslqDhsy%2B4kpZX%2F7f2cAE3lRw08fLeLpdflUULbWgUYPUF2i4L1AJy4U68zcJJ6XCRAkRsCXJKCIiCYvIOFeTWdxihygyRH%2B5IrmxOJbV%2BMlUHcI5Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d19112792db529-OSL
alt-svc: h3=":443"; ma=86400
i.oldmedic.com/img/big/it-href-symptoms-symptoms-li-li-href-risks-of-surgery-risks-of-surgery-li-li-href-preparation-preparation-li-li-href-treatments-treatments-li-li-href-foll.jpg
31 kB URL i.oldmedic.com/img/big/it-href-symptoms-symptoms-li-li-href-risks-of-surgery-risks-of-surgery-li-li-href-preparation-preparation-li-li-href-treatments-treatments-li-li-href-foll.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2018:12:13 23:51:12], baseline, precision 8, 553x414, components 3\012- data
Hash 46482a14018517454c9e1b5827d0836c
6b9ed6530bcbf9ccbe499794702531fa02b19eb1
b2e5093db90769c3912e96a5a40a3fd58e19adb34d6ac71ffd46220cfb471e48
GET /img/big/it-href-symptoms-symptoms-li-li-href-risks-of-surgery-risks-of-surgery-li-li-href-preparation-preparation-li-li-href-treatments-treatments-li-li-href-foll.jpg HTTP/1.1
Host: i.oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:25:58 GMT
content-type: image/jpeg
content-length: 31242
last-modified: Sun, 16 Feb 2020 00:40:55 GMT
etag: "7a0a-59ea6b103937b"
cache-control: max-age=31536000
expires: Wed, 27 Nov 2024 09:25:58 GMT
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyRXNaPv8gwGhec0M1uokvomLMRVN9YwCca6JrOBvaAiu76yXYl04wLcgr8kotuKW1AeGNgyve5hwIBVfITQvemBjdBHNRl40Lgy5NPK1hc80O2%2B8%2F5tMEsBacAjJS4Pvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d19112792fb529-OSL
alt-svc: h3=":443"; ma=86400
i.oldmedic.com/img/health/202/colic.jpg
200 OK 44 kB URL GET HTTP/3 i.oldmedic.com/img/health/202/colic.jpg
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectoldmedic.com
Fingerprint0F:84:CF:9F:73:8D:D3:21:00:4F:DC:DC:7C:1E:18:8F:01:09:E9:80
ValidityWed, 01 Nov 2023 15:54:52 GMT - Tue, 30 Jan 2024 15:54:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x300, components 3\012- data
Hash e2e7426e74865e402bc70655b9d71135
d2326280df5236aea9e1a964655e14bf37a6c951
9d600bd8d66d3193b7dd779c084377ac9c623b0113f2f3d0b573c605fb3bfdfa
GET /img/health/202/colic.jpg HTTP/1.1
Host: i.oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:25:58 GMT
content-type: image/jpeg
content-length: 44113
last-modified: Sun, 16 Feb 2020 11:55:10 GMT
etag: "ac51-59eb01c52db97"
cache-control: max-age=31536000
expires: Wed, 27 Nov 2024 09:25:58 GMT
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIlKbFv2OLDhr0tmafjRfLHG32aVRByKULABOkpeM3kkCv%2FybGGUp2R7kOzUvfNMQzJ6nceMJi2dQH12Lt59D71jOevMoV8I%2FeI1rMRzGUZPZxy2xHhAGlTP%2FhRnMU1TWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d19112792cb529-OSL
alt-svc: h3=":443"; ma=86400
i.oldmedic.com/img/big/it-healthline-2018/looking-to-lead-stronger-healthier-life-2.jpg
62 kB URL i.oldmedic.com/img/big/it-healthline-2018/looking-to-lead-stronger-healthier-life-2.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2018:12:13 23:42:59], baseline, precision 8, 553x415, components 3\012- data
Hash e5329a9b3b0c49205c5676597af866c9
56daf5609d4ceaae7f17cbb545188aa9167aaf5b
61e926a8205080bdde3b0f7196a4df56feb39addea2b629b73387c026d36ade2
GET /img/big/it-healthline-2018/looking-to-lead-stronger-healthier-life-2.jpg HTTP/1.1
Host: i.oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:25:58 GMT
content-type: image/jpeg
content-length: 62087
last-modified: Sun, 16 Feb 2020 09:41:01 GMT
etag: "f287-59eae3c95a254"
cache-control: max-age=31536000
expires: Wed, 27 Nov 2024 09:25:58 GMT
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ku73Ww0Z%2Fxg68cY6vrdVobFRmMG5jqHT%2FOJfa1XnyDGxVNDO8Ijp9b%2BBY0J01UiQeN5p8abdD1HLrHIkDf1jAvq9HFWfqud5HaeDCkzYMbaJr9bWK3FQT3s1767QHMHJGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d191127929b529-OSL
alt-svc: h3=":443"; ma=86400
i.oldmedic.com/img/big/it-healthline-2018/looking-to-lead-stronger-healthier-life-11.jpg
200 OK 60 kB URL GET HTTP/3 i.oldmedic.com/img/big/it-healthline-2018/looking-to-lead-stronger-healthier-life-11.jpg
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectoldmedic.com
Fingerprint0F:84:CF:9F:73:8D:D3:21:00:4F:DC:DC:7C:1E:18:8F:01:09:E9:80
ValidityWed, 01 Nov 2023 15:54:52 GMT - Tue, 30 Jan 2024 15:54:51 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2018:12:13 23:42:58], baseline, precision 8, 553x369, components 3\012- data
Hash 5201cc8428e9e96eb12cbb622e060497
df05cda08060c687b3eb427733322c41ae6465e8
f559f46496f8e28c87d532ed8d76dc88abf7eafb7d585432230dcf5cde16b76e
GET /img/big/it-healthline-2018/looking-to-lead-stronger-healthier-life-11.jpg HTTP/1.1
Host: i.oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:25:58 GMT
content-type: image/jpeg
content-length: 59763
last-modified: Sun, 16 Feb 2020 09:41:01 GMT
etag: "e973-59eae3c9027fe"
cache-control: max-age=31536000
expires: Wed, 27 Nov 2024 09:25:58 GMT
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bt7jSnuD2R6xM18TwI3mPo50fOaqZ0SaJA3Wuv2Zl1InifzR08R1SJTJzPf9Sncc4kxxK1GSxS7%2BCVWGNTjpMEeMl2pH9p6pzXb9Z1b9N2hCMf7LG%2FPL164oq8Q3BGTPXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d191127930b529-OSL
alt-svc: h3=":443"; ma=86400
i.oldmedic.com/img/big/it-healthline-2018/looking-to-lead-stronger-healthier-life.jpg
200 OK 60 kB URL GET HTTP/3 i.oldmedic.com/img/big/it-healthline-2018/looking-to-lead-stronger-healthier-life.jpg
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectoldmedic.com
Fingerprint0F:84:CF:9F:73:8D:D3:21:00:4F:DC:DC:7C:1E:18:8F:01:09:E9:80
ValidityWed, 01 Nov 2023 15:54:52 GMT - Tue, 30 Jan 2024 15:54:51 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2018:12:13 23:43:01], baseline, precision 8, 553x369, components 3\012- data
Hash 2c32d27e37d5cd862171babfd0f60785
f376627c5771c6b45dd8f52e00eb2509b50b4420
e6551641028f98be31b8383f4e0738ff92ae3087d8706ef43133a7face4c921c
GET /img/big/it-healthline-2018/looking-to-lead-stronger-healthier-life.jpg HTTP/1.1
Host: i.oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:25:58 GMT
content-type: image/jpeg
content-length: 59763
last-modified: Sun, 16 Feb 2020 09:41:01 GMT
etag: "e973-59eae3c9cfd22"
cache-control: max-age=31536000
expires: Wed, 27 Nov 2024 09:25:58 GMT
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R10ghfzuOVf8dn9zbFnnByecbHxwdezVL1JRX5sNRCL0kGkWD3bye0wERRcZwDbyoDnYbqas4wekACI0DRjmKcA4R%2Bcihs%2Bd55q5KMkHMI9Z6Iah81rMNaYDEnH55ByeRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d19112792ab529-OSL
alt-svc: h3=":443"; ma=86400
i.oldmedic.com/logo/it/logo.png
200 OK 8.1 kB URL GET HTTP/3 i.oldmedic.com/logo/it/logo.png
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectoldmedic.com
Fingerprint0F:84:CF:9F:73:8D:D3:21:00:4F:DC:DC:7C:1E:18:8F:01:09:E9:80
ValidityWed, 01 Nov 2023 15:54:52 GMT - Tue, 30 Jan 2024 15:54:51 GMT
File type PNG image data, 300 x 100, 8-bit colormap, non-interlaced\012- data
Hash dfa43eaeb491aeda39fa19cc5b856d7a
a5fb6c6a340d239710f0f62c2ea6021742fab715
0ac9c75a29e42374d0e388da9fac8a3104588c77b34e981e3e50924894cc5fa2
GET /logo/it/logo.png HTTP/1.1
Host: i.oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:25:59 GMT
content-type: image/png
content-length: 8119
last-modified: Sun, 16 Feb 2020 01:18:41 GMT
etag: "1fb7-59ea73816cf93"
cache-control: max-age=31536000
expires: Sun, 24 Nov 2024 15:12:51 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 238388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86h3VE6NHDE40fJO%2B%2BGHeyNJ2pIvqXG92dgWOcLrRkp7h2OxHXTbBQDislKtyt6oS3OFzNGT6AmWQLjgIseKH%2BWq0NYowy97BIA%2B38shOp%2FsJXisjFMxnCLVPxNb1Q8Wqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d191142a8fb529-OSL
alt-svc: h3=":443"; ma=86400
i.oldmedic.com/img/blank.jpg
200 OK 101 kB URL GET HTTP/3 i.oldmedic.com/img/blank.jpg
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectoldmedic.com
Fingerprint0F:84:CF:9F:73:8D:D3:21:00:4F:DC:DC:7C:1E:18:8F:01:09:E9:80
ValidityWed, 01 Nov 2023 15:54:52 GMT - Tue, 30 Jan 2024 15:54:51 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2019:01:09 16:40:37], baseline, precision 8, 1024x682, components 3\012- data
Size 101 kB (101258 bytes)
Hash 63de1e917af2df499d9da6bc9bb4db9f
24660b476e0791ea5c795836ee9955f03250b73f
a6f3ba72f023edabfbfaa602021adc7d8090afdb308900a0afbea448e7b0c512
GET /img/blank.jpg HTTP/1.1
Host: i.oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:25:59 GMT
content-type: image/jpeg
content-length: 101258
last-modified: Wed, 25 Aug 2021 11:50:07 GMT
etag: "18b8a-5ca60da0544c6"
cache-control: max-age=31536000
expires: Tue, 26 Nov 2024 07:57:28 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 91711
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1aX4fzHHYyBEt8N1hIdLAj17fcAzyWX1N0UsAxsw3TPwZwBMx2XeQ%2FitYpUHVs40lfWQyoXZWNzrTqJazYSKXn2rUemYix%2FryqCAPjRpfSH6HRG6p2N8HxxhUmwMd9zNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d191142a91b529-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
200 OK 33 kB URL GET HTTP/2 fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 32796, version 1.0\012- data
Hash b2a264e3e87b58b54b76483238805a40
169d6f17c82024fe0cfc2d19884a14dae2ec0bdb
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
GET /s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:01:19 GMT
expires: Fri, 22 Nov 2024 05:01:19 GMT
cache-control: public, max-age=31536000
age: 447880
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
200 OK 33 kB URL GET HTTP/2 fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 32796, version 1.0\012- data
Hash b2a264e3e87b58b54b76483238805a40
169d6f17c82024fe0cfc2d19884a14dae2ec0bdb
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
GET /s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:01:19 GMT
expires: Fri, 22 Nov 2024 05:01:19 GMT
cache-control: public, max-age=31536000
age: 447880
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
emea.hhkld.com/tag/load-106832.js
29 kB URL emea.hhkld.com/tag/load-106832.js
IP
File type gzip compressed data, from Unix\012- data
Hash 0dabdd8a3affee94f14065c3b71597dd
58db56a314f5a7f097302f8b9267f94f8374752a
bcc850e1ef0f7e830f7fe01e827e191ff345d3dfd0dfbe5be0a03de67dd01b59
GET /tag/load-106832.js HTTP/1.1
Host: emea.hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:25:58 GMT
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=jV7KsGVlsiYvXZW6GdGGAg==; expires=Wed, 27-Nov-24 09:25:58 GMT; domain=.hhkld.com; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/josefinsans/v32/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
200 OK 29 kB URL GET HTTP/2 fonts.gstatic.com/s/josefinsans/v32/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 28600, version 1.0\012- data
Hash de104ab8acb1088aebea1aae24724a91
b613f95c303c539ef3fe4fe65db0fbc5e5a55fe1
c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058
GET /s/josefinsans/v32/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:37:18 GMT
expires: Thu, 21 Nov 2024 21:37:18 GMT
cache-control: public, max-age=31536000
age: 474521
last-modified: Thu, 24 Aug 2023 20:50:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
200 OK 33 kB URL GET HTTP/2 fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 32796, version 1.0\012- data
Hash b2a264e3e87b58b54b76483238805a40
169d6f17c82024fe0cfc2d19884a14dae2ec0bdb
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
GET /s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:01:19 GMT
expires: Fri, 22 Nov 2024 05:01:19 GMT
cache-control: public, max-age=31536000
age: 447880
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
oldmedic.com/template/spidermag/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL GET HTTP/3 oldmedic.com/template/spidermag/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectoldmedic.com
Fingerprint0F:84:CF:9F:73:8D:D3:21:00:4F:DC:DC:7C:1E:18:8F:01:09:E9:80
ValidityWed, 01 Nov 2023 15:54:52 GMT - Tue, 30 Jan 2024 15:54:51 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /template/spidermag/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://oldmedic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:25:59 GMT
content-length: 77160
last-modified: Sun, 16 Feb 2020 12:15:20 GMT
etag: "12d68-59eb0647b3cad"
cache-control: max-age=2678400
expires: Tue, 05 Dec 2023 09:25:59 GMT
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoklnaVKZ23r6Uc9AtWuOgSGKZyFqeJPWr8abHjyhvl7QLaMWEn1ZNWYHazv22yH46G0sTi02%2FhDJeHFYG8xAQm76RUqvyT7CVzBWG5mndFfi9FIALK4WCXFKfr4QM4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d191141a84b529-OSL
alt-svc: h3=":443"; ma=86400
sarcasticnotarycontrived.com/21/60/b8/2160b8262a582df2703d1f662227b38c.js
15 kB URL sarcasticnotarycontrived.com/21/60/b8/2160b8262a582df2703d1f662227b38c.js
IP
File type ASCII text, with very long lines (42799), with no line terminators
Hash 5212b901a08d4cc2203d9d26f3b7c9b8
c22ca70ea8f9927ca48ef8e81336462c962d7820
e9c94ecd892d5d209a940d1b7a60db2bebbdbb037f82819e1a2091ccd5f9add3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /21/60/b8/2160b8262a582df2703d1f662227b38c.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 09:25:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cbd096d67cb5e8c01eb4b0bb4dfc042c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.youtube.com/s/player/5753e790/player_ias.vflset/en_US/embed.js
200 OK 18 kB URL GET HTTP/3 www.youtube.com/s/player/5753e790/player_ias.vflset/en_US/embed.js
IP
Requested by https://www.youtube.com/embed/hYvJ-8xs_FI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (3391)
Hash 904caf11fb18e41930e32cccd21950f1
fcc8805568828784193a870c62ff6a8623958dd7
aac8a032a85e9f37ff21da59701a89c5c71d2f6eaaf43fd1f4a3406f4f9ece41
GET /s/player/5753e790/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hYvJ-8xs_FI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 17782
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 08:32:23 GMT
expires: Tue, 26 Nov 2024 08:32:23 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 27 Nov 2023 02:43:52 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 89616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
oldmedic.com/template/spidermag/js/1.js
200 OK 65 kB URL GET HTTP/2 oldmedic.com/template/spidermag/js/1.js
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectoldmedic.com
Fingerprint0F:84:CF:9F:73:8D:D3:21:00:4F:DC:DC:7C:1E:18:8F:01:09:E9:80
ValidityWed, 01 Nov 2023 15:54:52 GMT - Tue, 30 Jan 2024 15:54:51 GMT
File type ASCII text, with very long lines (65468), with CRLF line terminators
Hash b1a80f73fd71943d1ab0987ef063c03a
75904b9b731cb188570f28ce47c338b914160f82
f73a0824b08d5069220de5be4c6516426e5f4508240f4e604acf5ee26990d5b4
GET /template/spidermag/js/1.js HTTP/1.1
Host: oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:25:58 GMT
content-type: application/javascript
last-modified: Sun, 16 Feb 2020 12:15:21 GMT
etag: W/"236f0-59eb0648bc708"
cache-control: max-age=2678400
expires: Thu, 07 Dec 2023 05:48:58 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 445020
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bhNcLE%2BSvKY2u6J7gyOlvLAGaEyVClhN23%2BvyrUKiWjEg8gzzu2R9YEVg4eJa%2FcnD8YaUXITsDET7PlKsbrtapHCg0wQ5qghtMOm3JqvIHDLcmHraSdRDkGx884iu4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d191124bc056bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.optad360.net/cmp/v3/translations/v8/en.json
200 OK 51 kB URL GET HTTP/2 cdn.optad360.net/cmp/v3/translations/v8/en.json
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerAmazon
Subject*.optad360.net
FingerprintAA:78:57:71:31:74:64:48:50:D0:12:24:49:A2:2D:B0:41:CD:0A:41
ValidityMon, 26 Jun 2023 00:00:00 GMT - Wed, 24 Jul 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 0b9f8611ce8a63a82cffc607dd45e210
bf4ebe68728593b2668f55dd9023713f90a619f1
fdedadb86c98f1adabbb361fd0d5558d732d7ac00b0210721b698c57143d2e76
GET /cmp/v3/translations/v8/en.json HTTP/1.1
Host: cdn.optad360.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
date: Tue, 28 Nov 2023 09:26:00 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Tue, 31 Oct 2023 13:40:11 GMT
etag: W/"62ba9f54a9611bfde1669a697d9e6054"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G_KwQipIQKYv_bMi6ihnGpAMei_fGMc8I2ivQXlfT0I9m6mAy6PROA==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.youtube.com/embed/hYvJ-8xs_FI
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:23:18 GMT
expires: Fri, 22 Nov 2024 23:23:18 GMT
cache-control: public, max-age=31536000
age: 381761
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.statsforads.com/tag/180427526.min.js
200 OK 104 kB URL GET HTTP/2 www.statsforads.com/tag/180427526.min.js
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerAmazon
Subjectstatsforads.com
FingerprintD3:90:F9:62:08:8C:49:2A:DE:7B:AC:49:86:FC:5A:77:51:9F:C4:65
ValiditySat, 19 Aug 2023 00:00:00 GMT - Mon, 16 Sep 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 104 kB (103907 bytes)
Hash c1569bde1ef820cbe37e487f93e54223
febe4a4b5186a3f7419fd942d4d2780e38598470
ccc91681cc0679f4bc579e5f7e60d7cc55d1f7b1389197c28d31b68241f89f86
GET /tag/180427526.min.js HTTP/1.1
Host: www.statsforads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 28 Nov 2023 09:17:50 GMT
last-modified: Mon, 25 Mar 2019 16:21:48 GMT
etag: W/"7a86304582faa7d415fa8f8b2f60071c"
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ITm7lnDP0AmMix7iep76-ubYDY42o9mYFu1QkmUBib0gO1BvhuAn-w==
age: 489
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=7516a748d25c406&gdpr=0&gdpr_consent=&us_privacy=
204 No Content 0 B URL GET HTTP/2 onetag-sys.com/usync/?pubId=7516a748d25c406&gdpr=0&gdpr_consent=&us_privacy=
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint1B:3E:A7:6D:D6:26:C6:9E:AB:38:DE:9E:22:71:64:8C:9F:91:0B:7B
ValidityWed, 28 Dec 2022 00:00:00 GMT - Sun, 28 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=7516a748d25c406&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash ab08b21b37480bf609deaf73dcbf1e34
4121333c3a37ff481b30918ce3a1aa643cf813c2
d8c99d9c9d12731615d29afd9aba86e213ce6c7dfb8938334de50d3edfd78fcd
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 Nov 2023 09:25:59 GMT
Last-Modified: Tue, 28 Nov 2023 08:04:38 GMT
Server: ECAcc (ska/F6ED)
X-Cache: Miss from cloudfront
Via: 1.1 cc81c6e9e0635b111f930d60fbded11e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: blz7_xSMPeEGSfqcSmhzifOxqWff1TC8t2nTONMt2yX93lqkTrlKpQ==
Age: 4881
www.youtube.com/s/player/5753e790/player_ias.vflset/en_US/base.js
782 kB URL www.youtube.com/s/player/5753e790/player_ias.vflset/en_US/base.js
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (555)
Size 782 kB (782158 bytes)
Hash 85f21f816ed447ec33941883636321de
8834ef2dae24310a9565904f4cdfb14b8fc917ac
c0f8bc0a7cbd1ea0a11cd392354aa301018eb949c5b6b28dfcb16b66c312bad6
GET /s/player/5753e790/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hYvJ-8xs_FI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 782158
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 08:32:23 GMT
expires: Tue, 26 Nov 2024 08:32:23 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 27 Nov 2023 02:43:52 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 89616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cmp.optad360.io/items/601cd514-ec34-4ebf-b1c9-a92f76e7ec86.min.js
200 OK 83 kB URL GET HTTP/2 cmp.optad360.io/items/601cd514-ec34-4ebf-b1c9-a92f76e7ec86.min.js
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerAmazon
Subject*.optad360.io
FingerprintBC:89:97:49:5C:BF:E9:C9:F2:FA:B3:55:B7:6A:1E:6D:7F:5B:86:9E
ValiditySun, 17 Sep 2023 00:00:00 GMT - Tue, 15 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash a59c2f92fdfdfee2acf4842447a8c9ae
d15c3892745a10bf217a77d02828ef3afc780a57
21d19714182823a2055c7900415ba195fe8fe27b8b2ffdf38a07acbaaba36390
GET /items/601cd514-ec34-4ebf-b1c9-a92f76e7ec86.min.js HTTP/1.1
Host: cmp.optad360.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 25 Nov 2023 19:09:20 GMT
last-modified: Fri, 17 Nov 2023 14:20:36 GMT
etag: W/"e09a2a7708eaa464a039dfd1c301ae60"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4DkneZnzrFqOv046HTGkRg8iuI1VpjuTQh-f3h4zaPshqGu7QtKf_g==
age: 224199
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231128
200 OK 853 B URL GET HTTP/3 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231128
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type JSON data\012- , ASCII text, with very long lines (1597), with no line terminators
Hash 9c685cfa87bbea42bd2a85dde674cd99
9a418176363548fdabccfb63ad0e0ae4ef7bda03
de49d6fcb8fd60805ec73f3a148055e721e7dbadc5eefcd014c0fe13bcc80599
GET /gh/prebid/currency-file@1/latest.json?date=20231128 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 853
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1887
x-jsd-version-type: version
etag: W/"63d-mkGBdjY1SP2rzPtjrQ4K5O972gM"
content-encoding: br
accept-ranges: bytes
date: Tue, 28 Nov 2023 09:26:00 GMT
age: 19505
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
sync.hhkld.com/tools/sync?dsp=26&uid=&gdpr=0
43 B URL sync.hhkld.com/tools/sync?dsp=26&uid=&gdpr=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /tools/sync?dsp=26&uid=&gdpr=0 HTTP/1.1
Host: sync.hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prebid.a-mo.net/
Cookie: uid=jV7KsGVlsiYvXZW6GdGGAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
last-modified: Tue, 28 Nov 2023 09:26:00 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Muli:300,400,400italic,600,700%7CJosefin+Sans:300,400,400italic,600,700
200 OK 3.8 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Muli:300,400,400italic,600,700%7CJosefin+Sans:300,400,400italic,600,700
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash c7b603f684e2b19d8a74bedf2afbc289
3a53e90fbb34b977ca062a62bf13dae19112d9a7
9409478c8f674a34f408a8fd8020b67b788355f792f4c7afe2b0295562aed9dc
GET /css?family=Muli:300,400,400italic,600,700%7CJosefin+Sans:300,400,400italic,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 09:25:58 GMT
date: Tue, 28 Nov 2023 09:25:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
video.onnetwork.tv/embed.php?ext=optad
738 B URL video.onnetwork.tv/embed.php?ext=optad
IP
File type ASCII text, with very long lines (405)
Hash 338d4a5fd7c119c30643ac70492083e4
e143f3c930b5ef1232be4b310814adf33baf58d8
1cfed3aae1c61c303a161cc0e44e6a00e4eef068743ed3fc9cf6e4506541a8ef
GET /embed.php?ext=optad HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Tue, 28 Nov 2023 09:25:59 GMT
expires: Tue, 28 Nov 2023 09:25:59 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-length: 738
content-type: text/javascript;charset=utf-8
date: Tue, 28 Nov 2023 09:26:00 GMT
server: XO.webservant
X-Firefox-Spdy: h2
sync.hhkld.com/tools/sync?dsp=67&uid=
200 OK 43 B URL GET HTTP/2 sync.hhkld.com/tools/sync?dsp=67&uid=
IP
Requested by https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /tools/sync?dsp=67&uid= HTTP/1.1
Host: sync.hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookies.nextmillmedia.com/
Cookie: uid=jV7KsGVlsiYvXZW6GdGGAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
last-modified: Tue, 28 Nov 2023 09:26:00 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
X-Firefox-Spdy: h2
cdn2.viads.net/1.0.7/index.js
97 kB URL cdn2.viads.net/1.0.7/index.js
IP
File type ASCII text, with very long lines (26610)
Hash 35b78f0619da0c3cefd78ed9110943e7
bd38cb03f0755ca7bccaefafaae846c8c0b65fb5
f4dab19efec14205e419d50d7d094677303225e0d603b79c59395673d5be3993
GET /1.0.7/index.js HTTP/1.1
Host: cdn2.viads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:25:59 GMT
content-type: application/javascript
last-modified: Wed, 18 Oct 2023 13:37:21 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: max-age=315360000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D
200 OK 119 B URL GET HTTP/2 prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
Fingerprint5C:1B:DB:42:AD:A4:54:7C:87:D6:3F:1A:B6:29:AF:0C:7F:A6:14:FE
ValidityTue, 07 Nov 2023 13:48:39 GMT - Mon, 05 Feb 2024 13:48:38 GMT
File type HTML document, ASCII text, with no line terminators
Hash 5a6d912df63add7d588aeb16a18a16a1
10878368d5f4499266519a784f62089c781c1dbf
f7f1d318d912f85865485255febe3bfd1f4d4e2931c4c28c3d6a4c40dde3501e
GET /isyn?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=0, private, must-revalidate
content-type: text/html; charset=utf-8
date: Tue, 28 Nov 2023 09:25:59 GMT
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Tue, 28 Nov 2023 09:30:59 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
204 No Content 0 B URL GET HTTP/2 cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D
IP
Requested by https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Certificate IssuerAmazon
Subjectcookies.nextmillmedia.com
Fingerprint01:8E:4A:16:C7:C3:B6:97:4E:36:AC:D6:42:3C:07:30:FB:79:87:D6
ValidityTue, 13 Jun 2023 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?bidder=amx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=&gpp_sid=%7B%7B.GPPSID%7D%7D&gpp=%7B%7B.GPP%7D%7D HTTP/1.1
Host: cookies.nextmillmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cookies.nextmillmedia.com/
DNT: 1
Connection: keep-alive
Cookie: NMUID=csuid_71de7f45-8b55-4eec-8957-77963754489f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 28 Nov 2023 09:26:00 GMT
server: fasthttp
X-Firefox-Spdy: h2
cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=d0c544c9-565a-4efa-b43c-b08853b5a605&gdpr_consent=null&gdpr=0
0 B URL cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=d0c544c9-565a-4efa-b43c-b08853b5a605&gdpr_consent=null&gdpr=0
IP
Certificate IssuerAmazon
Subjectcookies.nextmillmedia.com
Fingerprint01:8E:4A:16:C7:C3:B6:97:4E:36:AC:D6:42:3C:07:30:FB:79:87:D6
ValidityTue, 13 Jun 2023 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=d0c544c9-565a-4efa-b43c-b08853b5a605&gdpr_consent=null&gdpr=0 HTTP/1.1
Host: cookies.nextmillmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cookies.nextmillmedia.com/
DNT: 1
Connection: keep-alive
Cookie: NMUID=csuid_71de7f45-8b55-4eec-8957-77963754489f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Tue, 28 Nov 2023 09:26:00 GMT
content-length: 0
location: https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=d0c544c9-565a-4efa-b43c-b08853b5a605
server: fasthttp
set-cookie: syncedBidders={"loopme":1}; max-age=604800; secure; SameSite=None
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
0 B URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 28 Nov 2023 09:26:00 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
proceedglad.com/sbar.json?key=2160b8262a582df2703d1f662227b38c
200 OK 3.9 kB URL GET HTTP/1.1 proceedglad.com/sbar.json?key=2160b8262a582df2703d1f662227b38c
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT
File type JSON data\012- , ASCII text, with very long lines (5926), with no line terminators
Hash 57fae82ab85db8ccc3d3edd78aebb4d9
2653282a6c890ae570d8161be1a2421db48f6dd3
75a2781ca342e7839d7facbd408610f8cddf755cdbc20d52055e5f9ead6869b3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=2160b8262a582df2703d1f662227b38c HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 09:26:00 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://it.oldmedic.com
Access-Control-Allow-Origin: https://it.oldmedic.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19025954; expires=Wed, 29 Nov 2023 09:26:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 29 Nov 2023 09:26:00 GMT; secure; SameSite=None
uncs=1; expires=Wed, 29 Nov 2023 09:26:00 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 29 Nov 2023 09:26:00 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 29 Nov 2023 09:26:00 GMT; secure; SameSite=None
slec2160b8262a582df2703d1f662227b38c=[3078189]; expires=Tue, 28 Nov 2023 09:26:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fcf4ec038543e5ab83423d8440d5504d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
33 kB URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 932d7af1a6ef0cb0b8c4c45e728c4674
0902cef2a481a60974971c18cb5310e00c803180
aa9128c9b6358b6737614ee3eb534a674a3c581c264b89ee29404d6f48949f34
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 28 Nov 2023 09:26:00 GMT
server: ESF
cache-control: private
content-length: 32570
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/hYvJ-8xs_FI/sddefault.webp
200 OK 19 kB URL GET HTTP/2 i.ytimg.com/vi_webp/hYvJ-8xs_FI/sddefault.webp
IP
Requested by https://www.youtube.com/embed/hYvJ-8xs_FI
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
FingerprintC8:30:4C:1A:A8:FF:83:E1:A2:7F:DB:02:8C:D9:05:46:C4:D6:CA:95
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 510f84502656402c7399f68ad8ed02c3
7c5d68a6bcd845ceadee997dc0857cfdd06c7724
070ff3efad8aece2919a61f1cb689572e433abbb76ca0a27899cd53b38975db1
GET /vi_webp/hYvJ-8xs_FI/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 19014
date: Tue, 28 Nov 2023 09:26:00 GMT
expires: Tue, 28 Nov 2023 11:26:00 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/5753e790/player_ias.vflset/en_US/remote.js
34 kB URL www.youtube.com/s/player/5753e790/player_ias.vflset/en_US/remote.js
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (537)
Hash e739e70af114197bcabbd34fc2d1691a
908ccc08776e167816ddd89e0d1c3d0b2ba8cec9
1d67a03e55e1237f8b0d57be60968e885879a63eb083c16fc42f06c19186d94f
GET /s/player/5753e790/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hYvJ-8xs_FI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33493
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 08:34:50 GMT
expires: Tue, 26 Nov 2024 08:34:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 27 Nov 2023 02:43:52 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 89470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
yt3.ggpht.com/IqthBg_izXZ2hCNV1oeILnXysKjrx-9F9eHsCbXJarqe84FgRbnm0b5EstUdzrBGW0qEZwAw3Q=s68-c-k-c0x00ffffff-no-rj
200 OK 3.7 kB URL GET HTTP/2 yt3.ggpht.com/IqthBg_izXZ2hCNV1oeILnXysKjrx-9F9eHsCbXJarqe84FgRbnm0b5EstUdzrBGW0qEZwAw3Q=s68-c-k-c0x00ffffff-no-rj
IP
Requested by https://www.youtube.com/embed/hYvJ-8xs_FI
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
ValidityMon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash d9488b433a24b651790e1972f8b88c6a
f7192a3c65acdc641234144a217d11006f9d433c
b596129a5517b5ca57ec63503a33c7c8fd61482e3b4c3f241f7f39a121f1f756
GET /IqthBg_izXZ2hCNV1oeILnXysKjrx-9F9eHsCbXJarqe84FgRbnm0b5EstUdzrBGW0qEZwAw3Q=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 3749
x-xss-protection: 0
date: Tue, 28 Nov 2023 08:25:43 GMT
expires: Wed, 29 Nov 2023 08:25:43 GMT
cache-control: public, max-age=86400, no-transform
age: 3618
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/Cz7e-VR341EnRw5g1wAl9brpVe2wOP5KsPJPm-1eumg.js
15 kB URL www.google.com/js/th/Cz7e-VR341EnRw5g1wAl9brpVe2wOP5KsPJPm-1eumg.js
IP
File type ASCII text, with very long lines (38418)
Hash 0ff93e9afaa17455052bf116df5213a0
a4959f33a4a612f6e9f1a30d9c5fce09384a8a22
0b3edef95477e35127470e60d70025f5bae955edb038fe4ab0f24f9bed5eba68
GET /js/th/Cz7e-VR341EnRw5g1wAl9brpVe2wOP5KsPJPm-1eumg.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 15072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 00:07:55 GMT
expires: Fri, 22 Nov 2024 00:07:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Nov 2023 17:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 465486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
0 B URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
110 B URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 9b4987bf4fb957899d241ab52420a8bc
4d2ade3347ee98198ac47dbc31946c2dfa081058
b3ffbe55c12781404452ef058d8cfaf2c68242a409389d6de2f0d1eb17d6076c
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1310
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 28 Nov 2023 09:26:01 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pbs.nextmillmedia.com/setuid?bidder=loopme&uid=d0c544c9-565a-4efa-b43c-b08853b5a605
86 B URL pbs.nextmillmedia.com/setuid?bidder=loopme&uid=d0c544c9-565a-4efa-b43c-b08853b5a605
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c6641b08f4be6f479f1588af08054b3
8da28b3146834c48fd843b108749191516d2a65d
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
GET /setuid?bidder=loopme&uid=d0c544c9-565a-4efa-b43c-b08853b5a605 HTTP/1.1
Host: pbs.nextmillmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cookies.nextmillmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: image/png
content-length: 86
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: uids=eyJ0ZW1wVUlEcyI6eyJsb29wbWUiOnsidWlkIjoiZDBjNTQ0YzktNTY1YS00ZWZhLWI0M2MtYjA4ODUzYjVhNjA1IiwiZXhwaXJlcyI6IjIwMjMtMTItMTJUMDk6MjY6MDEuMjI5MTAzMzEzWiJ9fX0=; Path=/; Expires=Mon, 26 Feb 2024 09:26:01 GMT
vary: Origin
X-Firefox-Spdy: h2
hhkld.com/logs/req/site?sid=106832&uid=50b80a04-b567-4a9f-b1e3-47fb35fb0986&event=playerLoaded&v=20&cb=1701163564962&t_player_start=332&t_page_load=2853
200 OK 0 B URL GET HTTP/2 hhkld.com/logs/req/site?sid=106832&uid=50b80a04-b567-4a9f-b1e3-47fb35fb0986&event=playerLoaded&v=20&cb=1701163564962&t_player_start=332&t_page_load=2853
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/req/site?sid=106832&uid=50b80a04-b567-4a9f-b1e3-47fb35fb0986&event=playerLoaded&v=20&cb=1701163564962&t_player_start=332&t_page_load=2853 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163564970&t_player_start=340&t_page_load=2860
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163564970&t_player_start=340&t_page_load=2860
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163564970&t_player_start=340&t_page_load=2860 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.youtube.com/generate_204?d0Df2g
0 B URL www.youtube.com/generate_204?d0Df2g
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?d0Df2g HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hYvJ-8xs_FI
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 09:26:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
imasdk.googleapis.com/js/sdkloader/ima3.js
200 OK 128 kB URL GET HTTP/3 imasdk.googleapis.com/js/sdkloader/ima3.js
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (2725)
Size 128 kB (128094 bytes)
Hash 865fefbe42a3df73ca64198c337b20e6
cd1304165333f9fc26d2aa716a4c50c8ce99fbae
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 128094
date: Tue, 28 Nov 2023 09:26:01 GMT
expires: Tue, 28 Nov 2023 09:26:01 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1701163565381&d=11986&wsc=00&typ=embed&mobile=0&c=47
126 B URL cdn.onnetwork.tv/cnt/a_cntg.png?ts=1701163565381&d=11986&wsc=00&typ=embed&mobile=0&c=47
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1701163565381&d=11986&wsc=00&typ=embed&mobile=0&c=47 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Tuesday, 28-Nov-2023 09:26:01 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1701163565394&d=11986&wsc=00&typ=embed&mobile=0&c=40
200 OK 126 B URL GET HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1701163565394&d=11986&wsc=00&typ=embed&mobile=0&c=40
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintAB:87:BF:D8:2A:47:42:48:16:B8:D6:C0:E7:2B:03:F6:B7:8E:0B:FA
ValiditySun, 22 Oct 2023 09:31:33 GMT - Sat, 20 Jan 2024 09:31:32 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1701163565394&d=11986&wsc=00&typ=embed&mobile=0&c=40 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Tuesday, 28-Nov-2023 09:26:01 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player90/embed.min.js?s=1701082363
200 OK 71 kB URL GET HTTP/2 cdn.onnetwork.tv/js/player90/embed.min.js?s=1701082363
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintAB:87:BF:D8:2A:47:42:48:16:B8:D6:C0:E7:2B:03:F6:B7:8E:0B:FA
ValiditySun, 22 Oct 2023 09:31:33 GMT - Sat, 20 Jan 2024 09:31:32 GMT
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 34e0cf12fe252c4ca4558ab821817b8b
85f1f0bb61e28f843e0aa1ed6c1bbb210a72103c
69c4c138ba48e4fdd2d14df64c03d18bf93459b73ebd6d312902447afcf067fd
GET /js/player90/embed.min.js?s=1701082363 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 10:52:43 GMT
vary: Accept-Encoding
etag: W/"656474fb-15dc4"
expires: Sat, 15 Jun 2024 09:26:01 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i.oldmedic.com/logo/de/logo.png
9.2 kB URL i.oldmedic.com/logo/de/logo.png
IP
File type PNG image data, 300 x 100, 8-bit colormap, non-interlaced\012- data
Hash afdd3120e782f2efe042c53b28a18186
36ca14c329ea61aca9062b68cb3c415033365426
57da30fe705b153e8651879158f731501d5c7a621dcd08ed89c1b75ba1191aa3
GET /logo/de/logo.png HTTP/1.1
Host: i.oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _sharedID=e088ead1-7bff-46f8-8297-a8f006a6f68e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: image/png
content-length: 9174
last-modified: Sun, 16 Feb 2020 01:18:40 GMT
etag: "23d6-59ea7380e53b6"
cache-control: max-age=31536000
expires: Mon, 25 Nov 2024 08:26:51 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 176350
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObD18kyYvRhqLmCAPTTHoz189tJ2g1AXk%2FvmrhgmgQB9YzN2cR5C47hdmla%2FZ681MAL%2FqVQvm9Y6Z847JfuiMMxJ3sHgn6SLR0PpFWMIdWfZiK9RR0kB1eDOsRwa9lOh3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d191251dffb529-OSL
alt-svc: h3=":443"; ma=86400
proceedglad.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRuu3m8%2FPCgLiiCKQrMgrLBOunt%2BuwcxrpFgTOLuSk4eqquqJ2Wqq5qq7ulJTsEF2eN489h5JtmgBnG9izLxsgSEHQ%2BSg%2FkbBHHxKDMZGXyh%2B32f96mC53nf%2BvyguCABCnq%2B%2BaHZk0rRpWYt8G9sSc1N6fz1e34Y1IJb%2FpbUrcYtfzD92f5bYdCsBW%2F47wu2Y5aiIAyCMAj9FWlFYgZLMxYyO%2BmGtW5Qa0S1sNnAwP4Xu8KDox54%2F4K8AMkn%2F99%2B%2FAiSjaHT724Lt5Ob7OZ7aaFobiz6%2FPhjvaNNqZEuysR6SPTx%2FDSMmxDy5RUYfTx3ANM%2FnDpALCfE%2By1ErI%2FnMhH3jy6VxgpCI%2BbPouyPIdQYko7BzH1I%2FoQAjGN9Azp9uG5sSXcvWTplJ%2BTq0z8hywm5%2BvuL0Om3y0oO%2FLtGFbk02mGQVJCDMWRvjKw4Rb7nQZanYPlnkPwXsvR0DTo93HDKQPJq5l7KMWQyhhJDUOehmH7SQ5F4KDIPKT%2F3abObBEE7iZN6vdNgjNXrjDU7Ld7k9UYnCVCwqbwh8mwIpoZgdh%2BZ3ceOHMIWP8FtV3Dcg8snxPtoH31eoRQEpSMoKUEpCcqcoOxXR1y5yFUPuXJFHM5zNM%2F1amTy3gE9MnlPaHKQXZDnp3Pxrm9ex44496OwFcSdqBXRZifiSdQO6jxMWq0oitpxvcPgZAXprsys7skJef3mJjI5Ic99ch0xPYVTp2DyVdDiNdBy1I4C0O1RoxNgT58YxVPBJasxk4KbCll%2BFfmud6AuyMuz%2FdT%2BfhOCnZF5gNkKma3wqfyZoKcejO6YkhzeMaUjjzayXKZyj053dzenufC%2B%2FkDslsby1dtu%2BNU7bEpMy5N7wuVrVHOpe458syw5F3bFWCbID6tuS8SbhdteLqwusrXNd1dW08wK56TRY1D55No1MDkhzzz%2Ba%2FYqX7p4BdKOYYsKabFQKs0pWLYPly16zhBYtcBx5qEsqpGN4kVTSQIlFpjGFZw4%2B%2FGPfy8t6gP3AD3rgeb3odMKfVuhrypQNYQr%2FjfKM3v29q%2F1WSBW3ihW1juMlVVfXI7WyXNfNJMgEUEk4qQbJ20a8G7S6Ma0G4p23KQhcjcR4vsb%2FwAAAP%2F%2FAQAA%2F%2F9rsFVpbQQAAA%3D%3D
200 OK 7 B URL GET HTTP/1.1 proceedglad.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRuu3m8%2FPCgLiiCKQrMgrLBOunt%2BuwcxrpFgTOLuSk4eqquqJ2Wqq5qq7ulJTsEF2eN489h5JtmgBnG9izLxsgSEHQ%2BSg%2FkbBHHxKDMZGXyh%2B32f96mC53nf%2BvyguCABCnq%2B%2BaHZk0rRpWYt8G9sSc1N6fz1e34Y1IJb%2FpbUrcYtfzD92f5bYdCsBW%2F47wu2Y5aiIAyCMAj9FWlFYgZLMxYyO%2BmGtW5Qa0S1sNnAwP4Xu8KDox54%2F4K8AMkn%2F99%2B%2FAiSjaHT724Lt5Ob7OZ7aaFobiz6%2FPhjvaNNqZEuysR6SPTx%2FDSMmxDy5RUYfTx3ANM%2FnDpALCfE%2By1ErI%2FnMhH3jy6VxgpCI%2BbPouyPIdQYko7BzH1I%2FoQAjGN9Azp9uG5sSXcvWTplJ%2BTq0z8hywm5%2BvuL0Om3y0oO%2FLtGFbk02mGQVJCDMWRvjKw4Rb7nQZanYPlnkPwXsvR0DTo93HDKQPJq5l7KMWQyhhJDUOehmH7SQ5F4KDIPKT%2F3abObBEE7iZN6vdNgjNXrjDU7Ld7k9UYnCVCwqbwh8mwIpoZgdh%2BZ3ceOHMIWP8FtV3Dcg8snxPtoH31eoRQEpSMoKUEpCcqcoOxXR1y5yFUPuXJFHM5zNM%2F1amTy3gE9MnlPaHKQXZDnp3Pxrm9ex44496OwFcSdqBXRZifiSdQO6jxMWq0oitpxvcPgZAXprsys7skJef3mJjI5Ic99ch0xPYVTp2DyVdDiNdBy1I4C0O1RoxNgT58YxVPBJasxk4KbCll%2BFfmud6AuyMuz%2FdT%2BfhOCnZF5gNkKma3wqfyZoKcejO6YkhzeMaUjjzayXKZyj053dzenufC%2B%2FkDslsby1dtu%2BNU7bEpMy5N7wuVrVHOpe458syw5F3bFWCbID6tuS8SbhdteLqwusrXNd1dW08wK56TRY1D55No1MDkhzzz%2Ba%2FYqX7p4BdKOYYsKabFQKs0pWLYPly16zhBYtcBx5qEsqpGN4kVTSQIlFpjGFZw4%2B%2FGPfy8t6gP3AD3rgeb3odMKfVuhrypQNYQr%2FjfKM3v29q%2F1WSBW3ihW1juMlVVfXI7WyXNfNJMgEUEk4qQbJ20a8G7S6Ma0G4p23KQhcjcR4vsb%2FwAAAP%2F%2FAQAA%2F%2F9rsFVpbQQAAA%3D%3D
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRuu3m8%2FPCgLiiCKQrMgrLBOunt%2BuwcxrpFgTOLuSk4eqquqJ2Wqq5qq7ulJTsEF2eN489h5JtmgBnG9izLxsgSEHQ%2BSg%2FkbBHHxKDMZGXyh%2B32f96mC53nf%2BvyguCABCnq%2B%2BaHZk0rRpWYt8G9sSc1N6fz1e34Y1IJb%2FpbUrcYtfzD92f5bYdCsBW%2F47wu2Y5aiIAyCMAj9FWlFYgZLMxYyO%2BmGtW5Qa0S1sNnAwP4Xu8KDox54%2F4K8AMkn%2F99%2B%2FAiSjaHT724Lt5Ob7OZ7aaFobiz6%2FPhjvaNNqZEuysR6SPTx%2FDSMmxDy5RUYfTx3ANM%2FnDpALCfE%2By1ErI%2FnMhH3jy6VxgpCI%2BbPouyPIdQYko7BzH1I%2FoQAjGN9Azp9uG5sSXcvWTplJ%2BTq0z8hywm5%2BvuL0Om3y0oO%2FLtGFbk02mGQVJCDMWRvjKw4Rb7nQZanYPlnkPwXsvR0DTo93HDKQPJq5l7KMWQyhhJDUOehmH7SQ5F4KDIPKT%2F3abObBEE7iZN6vdNgjNXrjDU7Ld7k9UYnCVCwqbwh8mwIpoZgdh%2BZ3ceOHMIWP8FtV3Dcg8snxPtoH31eoRQEpSMoKUEpCcqcoOxXR1y5yFUPuXJFHM5zNM%2F1amTy3gE9MnlPaHKQXZDnp3Pxrm9ex44496OwFcSdqBXRZifiSdQO6jxMWq0oitpxvcPgZAXprsys7skJef3mJjI5Ic99ch0xPYVTp2DyVdDiNdBy1I4C0O1RoxNgT58YxVPBJasxk4KbCll%2BFfmud6AuyMuz%2FdT%2BfhOCnZF5gNkKma3wqfyZoKcejO6YkhzeMaUjjzayXKZyj053dzenufC%2B%2FkDslsby1dtu%2BNU7bEpMy5N7wuVrVHOpe458syw5F3bFWCbID6tuS8SbhdteLqwusrXNd1dW08wK56TRY1D55No1MDkhzzz%2Ba%2FYqX7p4BdKOYYsKabFQKs0pWLYPly16zhBYtcBx5qEsqpGN4kVTSQIlFpjGFZw4%2B%2FGPfy8t6gP3AD3rgeb3odMKfVuhrypQNYQr%2FjfKM3v29q%2F1WSBW3ihW1juMlVVfXI7WyXNfNJMgEUEk4qQbJ20a8G7S6Ma0G4p23KQhcjcR4vsb%2FwAAAP%2F%2FAQAA%2F%2F9rsFVpbQQAAA%3D%3D HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Cookie: u_pl=19025954; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 09:26:01 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 89492c14edfac9df25ab20e9adc3c038
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1701163565768&d=11986&wsc=00&typ=embed&mobile=0&c=44
200 OK 126 B URL GET HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1701163565768&d=11986&wsc=00&typ=embed&mobile=0&c=44
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintAB:87:BF:D8:2A:47:42:48:16:B8:D6:C0:E7:2B:03:F6:B7:8E:0B:FA
ValiditySun, 22 Oct 2023 09:31:33 GMT - Sat, 20 Jan 2024 09:31:32 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1701163565768&d=11986&wsc=00&typ=embed&mobile=0&c=44 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Tuesday, 28-Nov-2023 09:26:01 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
30 kB URL imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (2932)
Hash 8f9de88ce3f8c9d139d2f2cbe690a19c
44a883f299845f9ca9ccac700e15a99f70360858
1ffcd332e3ba9ca17685961744ad95a996079fc73be19c34aab467a85f730bec
GET /js/sdkloader/gpt_proxy.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 30077
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Nov 2023 09:16:31 GMT
expires: Tue, 28 Nov 2023 09:31:31 GMT
cache-control: public, max-age=900
age: 570
last-modified: Wed, 15 Nov 2023 19:13:18 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
imasdk.googleapis.com/js/sdkloader/ima3.js
200 OK 128 kB URL GET HTTP/3 imasdk.googleapis.com/js/sdkloader/ima3.js
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (2725)
Size 128 kB (128094 bytes)
Hash 865fefbe42a3df73ca64198c337b20e6
cd1304165333f9fc26d2aa716a4c50c8ce99fbae
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 128094
date: Tue, 28 Nov 2023 09:26:01 GMT
expires: Tue, 28 Nov 2023 09:26:01 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
252 kB URL cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
IP
Size 252 kB (251764 bytes)
Hash 80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:26:02 GMT
content-type: text/css
last-modified: Thu, 12 Aug 2021 09:52:53 GMT
etag: W/"6114ef75-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 344397
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgK6RnmeRKlGuDq57XzPY%2FZhdBYxusYoybWC2l51Nke%2FwrgL3eXjGsrKevhlYBdmcMLVU5%2BtcBU5drc90GjLBHCKlcd1Mk%2Bs13kAanss1dmv2sm6es4%2BM%2BLmIo3msu%2Fkezp5LSPb29Jt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d19126bd5163c1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1701163566108&event=plimpression&d=11986&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
200 OK 126 B URL GET HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1701163566108&event=plimpression&d=11986&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintAB:87:BF:D8:2A:47:42:48:16:B8:D6:C0:E7:2B:03:F6:B7:8E:0B:FA
ValiditySun, 22 Oct 2023 09:31:33 GMT - Sat, 20 Jan 2024 09:31:32 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1701163566108&event=plimpression&d=11986&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:02 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Tuesday, 28-Nov-2023 09:26:02 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
200 OK 65 kB URL GET HTTP/3 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=242, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=364], progressive, precision 8, 364x242, components 3\012- data
Hash 61f7b1fa1698507638df7882e2bdfcaf
89134af9a734f4c30d0db01ea36c86895e46b7e3
bc0a583f7e3c834e53d5263ecc90d279b27460ea2e9bce56b7ac6b129eb5849c
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 09:26:02 GMT
content-type: image/jpeg
content-length: 64642
last-modified: Thu, 12 Aug 2021 09:52:54 GMT
etag: "6114ef76-fc82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1405683
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKL2LcKw5kpZ%2FgMp%2FMyAjhXu%2FaG2oirQMVSI59IfarrlrcJTHW6MsCQ%2FABSTKG%2FOyyurEc5M4ssBYiNf6MP4P1NZyJd9Qwz2HQ5J7a%2FlGBmUyTzbdIz57bPVZFF48Tig%2FqAHScNye%2BgV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d191278c7063dd-LHR
alt-svc: h3=":443"; ma=86400
cdn.onnetwork.tv/cnt/a_cntm.png?ts=1701163566121&i=1377120&d=11986&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40
200 OK 126 B URL GET HTTP/2 cdn.onnetwork.tv/cnt/a_cntm.png?ts=1701163566121&i=1377120&d=11986&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintAB:87:BF:D8:2A:47:42:48:16:B8:D6:C0:E7:2B:03:F6:B7:8E:0B:FA
ValiditySun, 22 Oct 2023 09:31:33 GMT - Sat, 20 Jan 2024 09:31:32 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntm.png?ts=1701163566121&i=1377120&d=11986&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:02 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Tuesday, 28-Nov-2023 09:26:02 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1701163566122&d=11986&wsc=ab&typ=embed&mobile=0&c=45
200 OK 126 B URL GET HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1701163566122&d=11986&wsc=ab&typ=embed&mobile=0&c=45
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintAB:87:BF:D8:2A:47:42:48:16:B8:D6:C0:E7:2B:03:F6:B7:8E:0B:FA
ValiditySun, 22 Oct 2023 09:31:33 GMT - Sat, 20 Jan 2024 09:31:32 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1701163566122&d=11986&wsc=ab&typ=embed&mobile=0&c=45 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:02 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Tuesday, 28-Nov-2023 09:26:02 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
45 kB URL fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash da0a99894f0ee058f0320d98a4fe6ebf
baca698d76c20c570c7f62857c770981f2ff7622
f0ed7502368bfa65e07b33a7b334443e01805482932dae07687cae481b60148f
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 09:26:02 GMT
date: Tue, 28 Nov 2023 09:26:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.onnetwork.tv/img/black2.mp4
2.2 kB URL cdn.onnetwork.tv/img/black2.mp4
IP
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 5cb95b4168423a49376882e1b2ba6171
8f6cc8c3da7687921eb12ef0d20769b988626f88
6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b
GET /img/black2.mp4 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:02 GMT
content-type: video/mp4
content-length: 2238
last-modified: Tue, 15 Nov 2022 12:58:10 GMT
etag: "63738ce2-8be"
expires: Sat, 15 Jun 2024 09:26:02 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-range: bytes 0-2237/2238
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/1/3/1377120_6m.jpg
23 kB URL cdnt.onnetwork.tv/poster/1/3/1377120_6m.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash a7428b950a02e1f0e517d293658f5b54
77b3cd2a79fbe8b8a78e59904c95763f304e0724
fa8eaa33f51d4911b191ae7878c6bc39e80d34ed4db8f36b6873e1ddf3b96c33
GET /poster/1/3/1377120_6m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:02 GMT
content-type: image/jpeg
content-length: 22824
last-modified: Mon, 27 Nov 2023 10:46:30 GMT
etag: "65647386-5928"
expires: Sat, 15 Jun 2024 09:26:02 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/destination?id=G-KSCXDDB4SG&l=dataLayer&cx=c
200 OK 90 kB URL GET HTTP/3 www.googletagmanager.com/gtag/destination?id=G-KSCXDDB4SG&l=dataLayer&cx=c
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (5955)
Hash f2be6c482bb0c853cdedc2f63c2d5f5c
a19ff43a86a08d6560193ce5e117af46afef590c
7b18e89b20159f8fddcf7bc1866fab2cfb32c7c522b8a89bb3d4e27ca69ac280
GET /gtag/destination?id=G-KSCXDDB4SG&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 09:26:02 GMT
expires: Tue, 28 Nov 2023 09:26:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:57:34 GMT
expires: Fri, 22 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 448109
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
16 kB URL fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:53:27 GMT
expires: Fri, 22 Nov 2024 04:53:27 GMT
cache-control: public, max-age=31536000
age: 448356
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
proceedglad.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3l9%2BeFAWFEEUhSEgrLBO%2BmO%2B4h7EuEaCMYm7Kzl5qK6qnpSprmqquqcnOQUXZI%2FjzWPnmWSDGsT1LsrEyxIQdjxIDuZvEMTFo8xkZPCF7vd93qcKnud96%2FPD4pL4KOjF1odmXypFl5p1v3ZjW2puSlfbuFcL%2FLp%2Fq7Ytdatxq9af%2FGzvrcBv1v03au8LtmuWQj%2Fw%2FcAPaqvSisT0l6YsZHa6HNSX%2FXojrAfNBvr2v9gVHhz1wHuX5AVIPv7%2FzuNHkGwEnX53W7jd3GQ330sLRXNj0eMnH%2BtdbUqNdF4m1kOiT2anYdyYkC%2BvweiTmQOY3tHEAWI5Jt5vAWJ9MpOJuHd8pTRWEBoxfxZlbwShRpB0BGbuQ%2FInBGAcG5vQ6cMNY0u6d8XSCTsmC0%2F%2FhCzHZOH3F6HTb1eU7NfuGlXk0miHflJB9keQ3RGy4gz5vgdZnoHln0HyX8jS03Xo9GjTKQPJq6l7KUeQyQhKDECdh2LySQ9F4qHIPKT8okaby4nvt5M4iaJOgzEWRYw1Oy3e5FGjk%2Fgo2ETeAHk2AFMDMHuAzB5gVw5gi5%2Fgdio47sHlY%2BJ9dIAer1AKgtIRlJSglARlTlD2qmOuXOiqh1y5Ig5mOZzlqBqavHtIj03eFZocZpfk%2BclcvMWtReyKi1oYtPy4E7ZC2uyEPAnbfsSDpNUKw7AdRx0GJytId21qdV%2BOyes3t5DJMXnuk0XE9AxOnYHJV0GL10DLYTv0QXeGjY6PfX1qFE8Fl6zOTApuKmT5AvI971Bdkpen%2B6n%2F%2FSYEOyezALMVMlvhU%2FkzQVc9GN4xJTm6Y0pHHm1muUzlPp3s7m5Oc%2BF9%2FYHYK43la7fd4Kt32ISYlKf3hMvXqeZSdx35ZkVyLuyqsUyQH9bctoi3CrezUlhdZOtb766upZkVzkmjR6DyyfXrYHJMnnn81%2FRVvnT5CqQdwRYV0mKuVJozsOwALpv3nCGwao7jzENZVEMbxvOmkgRKzDGNKzhx%2FuMf%2F16a14fuAbrWA83vQ6cVerZCT1WgagBX%2FG%2BYZ%2Fb87V%2BjaSBW3jBW1juKlVVfXI3WyYtaM2iITtxpM85jwXjQDqNO5Psh5432sgiWkbuxEN%2Ff%2BAcAAP%2F%2FAQAA%2F%2F9%2FuNuPbQQAAA%3D%3D
7 B URL proceedglad.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3l9%2BeFAWFEEUhSEgrLBO%2BmO%2B4h7EuEaCMYm7Kzl5qK6qnpSprmqquqcnOQUXZI%2FjzWPnmWSDGsT1LsrEyxIQdjxIDuZvEMTFo8xkZPCF7vd93qcKnud96%2FPD4pL4KOjF1odmXypFl5p1v3ZjW2puSlfbuFcL%2FLp%2Fq7Ytdatxq9af%2FGzvrcBv1v03au8LtmuWQj%2Fw%2FcAPaqvSisT0l6YsZHa6HNSX%2FXojrAfNBvr2v9gVHhz1wHuX5AVIPv7%2FzuNHkGwEnX53W7jd3GQ330sLRXNj0eMnH%2BtdbUqNdF4m1kOiT2anYdyYkC%2BvweiTmQOY3tHEAWI5Jt5vAWJ9MpOJuHd8pTRWEBoxfxZlbwShRpB0BGbuQ%2FInBGAcG5vQ6cMNY0u6d8XSCTsmC0%2F%2FhCzHZOH3F6HTb1eU7NfuGlXk0miHflJB9keQ3RGy4gz5vgdZnoHln0HyX8jS03Xo9GjTKQPJq6l7KUeQyQhKDECdh2LySQ9F4qHIPKT8okaby4nvt5M4iaJOgzEWRYw1Oy3e5FGjk%2Fgo2ETeAHk2AFMDMHuAzB5gVw5gi5%2Fgdio47sHlY%2BJ9dIAer1AKgtIRlJSglARlTlD2qmOuXOiqh1y5Ig5mOZzlqBqavHtIj03eFZocZpfk%2BclcvMWtReyKi1oYtPy4E7ZC2uyEPAnbfsSDpNUKw7AdRx0GJytId21qdV%2BOyes3t5DJMXnuk0XE9AxOnYHJV0GL10DLYTv0QXeGjY6PfX1qFE8Fl6zOTApuKmT5AvI971Bdkpen%2B6n%2F%2FSYEOyezALMVMlvhU%2FkzQVc9GN4xJTm6Y0pHHm1muUzlPp3s7m5Oc%2BF9%2FYHYK43la7fd4Kt32ISYlKf3hMvXqeZSdx35ZkVyLuyqsUyQH9bctoi3CrezUlhdZOtb766upZkVzkmjR6DyyfXrYHJMnnn81%2FRVvnT5CqQdwRYV0mKuVJozsOwALpv3nCGwao7jzENZVEMbxvOmkgRKzDGNKzhx%2FuMf%2F16a14fuAbrWA83vQ6cVerZCT1WgagBX%2FG%2BYZ%2Fb87V%2BjaSBW3jBW1juKlVVfXI3WyYtaM2iITtxpM85jwXjQDqNO5Psh5432sgiWkbuxEN%2Ff%2BAcAAP%2F%2FAQAA%2F%2F9%2FuNuPbQQAAA%3D%3D
IP
Certificate IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3l9%2BeFAWFEEUhSEgrLBO%2BmO%2B4h7EuEaCMYm7Kzl5qK6qnpSprmqquqcnOQUXZI%2FjzWPnmWSDGsT1LsrEyxIQdjxIDuZvEMTFo8xkZPCF7vd93qcKnud96%2FPD4pL4KOjF1odmXypFl5p1v3ZjW2puSlfbuFcL%2FLp%2Fq7Ytdatxq9af%2FGzvrcBv1v03au8LtmuWQj%2Fw%2FcAPaqvSisT0l6YsZHa6HNSX%2FXojrAfNBvr2v9gVHhz1wHuX5AVIPv7%2FzuNHkGwEnX53W7jd3GQ330sLRXNj0eMnH%2BtdbUqNdF4m1kOiT2anYdyYkC%2BvweiTmQOY3tHEAWI5Jt5vAWJ9MpOJuHd8pTRWEBoxfxZlbwShRpB0BGbuQ%2FInBGAcG5vQ6cMNY0u6d8XSCTsmC0%2F%2FhCzHZOH3F6HTb1eU7NfuGlXk0miHflJB9keQ3RGy4gz5vgdZnoHln0HyX8jS03Xo9GjTKQPJq6l7KUeQyQhKDECdh2LySQ9F4qHIPKT8okaby4nvt5M4iaJOgzEWRYw1Oy3e5FGjk%2Fgo2ETeAHk2AFMDMHuAzB5gVw5gi5%2Fgdio47sHlY%2BJ9dIAer1AKgtIRlJSglARlTlD2qmOuXOiqh1y5Ig5mOZzlqBqavHtIj03eFZocZpfk%2BclcvMWtReyKi1oYtPy4E7ZC2uyEPAnbfsSDpNUKw7AdRx0GJytId21qdV%2BOyes3t5DJMXnuk0XE9AxOnYHJV0GL10DLYTv0QXeGjY6PfX1qFE8Fl6zOTApuKmT5AvI971Bdkpen%2B6n%2F%2FSYEOyezALMVMlvhU%2FkzQVc9GN4xJTm6Y0pHHm1muUzlPp3s7m5Oc%2BF9%2FYHYK43la7fd4Kt32ISYlKf3hMvXqeZSdx35ZkVyLuyqsUyQH9bctoi3CrezUlhdZOtb766upZkVzkmjR6DyyfXrYHJMnnn81%2FRVvnT5CqQdwRYV0mKuVJozsOwALpv3nCGwao7jzENZVEMbxvOmkgRKzDGNKzhx%2FuMf%2F16a14fuAbrWA83vQ6cVerZCT1WgagBX%2FG%2BYZ%2Fb87V%2BjaSBW3jBW1juKlVVfXI3WyYtaM2iITtxpM85jwXjQDqNO5Psh5432sgiWkbuxEN%2Ff%2BAcAAP%2F%2FAQAA%2F%2F9%2FuNuPbQQAAA%3D%3D HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Cookie: u_pl=19025954; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 09:26:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a981b1cd0d00525ed64fa7b629964dad
Strict-Transport-Security: max-age=0; includeSubdomains
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/hYvJ-8xs_FI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1701163567287
Content-Type: application/json
X-Goog-Visitor-Id: CgtrVkYtaE85cWE5Yyin5JarBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231119.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1701163563711&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C678%2C400&vis=1&wgl=true&ca_type=image
Content-Length: 17132
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hYvJ-8xs_FI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Tue, 28 Nov 2023 09:26:03 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+744; expires=Thu, 27-Nov-2025 09:26:03 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 09:26:03 GMT
cache-control: private
proceedglad.com/pixel/sbs?c=1
200 OK 0 B URL GET HTTP/1.1 proceedglad.com/pixel/sbs?c=1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectproceedglad.com
FingerprintF9:04:D4:C5:64:56:F0:7B:9E:AE:0C:CB:EC:1A:5E:E9:8E:9E:86:E3
ValidityWed, 22 Nov 2023 07:26:18 GMT - Tue, 20 Feb 2024 07:26:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: proceedglad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Cookie: u_pl=19025954; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 09:26:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
csi.gstatic.com/csi?v=2&s=ima&puid=1~lpi4v478&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=1~lpi4v478&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~lpi4v478&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=2~lpi4v55q&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=2~lpi4v55q&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=2~lpi4v55q&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rtb.hhkld.com/vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163565531
958 B URL rtb.hhkld.com/vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163565531
IP
File type gzip compressed data, from Unix\012- data
Hash 98afd9e7c64724e15bc837e5dfa1b8c8
3de3f8f0994f8d12c100b8e1140d675c10b1d062
70c430f87d70932e2989bef0ff21044208daf7c43b2a8f8b38cc64df17aa2c50
GET /vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163565531 HTTP/1.1
Host: rtb.hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:03 GMT
content-type: text/xml
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: https://imasdk.googleapis.com
last-modified: Tue, 28 Nov 2023 09:26:03 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=clir4an2tal488ar39hgXx; expires=Thu, 28 Nov 2024 09:26:02 GMT; domain=.hhkld.com; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
rtb-apac.rtbserve.io/win?i=44tyWjY9zVs_0&p=1701163562.201966&f=nurlnw
3.1 kB URL rtb-apac.rtbserve.io/win?i=44tyWjY9zVs_0&p=1701163562.201966&f=nurlnw
IP
ASN #393710 WEBAIR-INTERNET-SINGAPORE
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (3053), with no line terminators
Hash 5de94d2711f013e0b9e3f84066efec0e
fe9f829182b0ad3014009b7afed041ccd0b18275
eb3942e4d11ecf5b98d4531b25154a3de6b52e4e363d8b598f12656f560cd1e6
GET /win?i=44tyWjY9zVs_0&p=1701163562.201966&f=nurlnw HTTP/1.1
Host: rtb-apac.rtbserve.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 09:26:03 GMT
Content-Type: text/xml
Content-Length: 3053
Connection: keep-alive
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163568029&t_dsp_request=3063&t_player_start=3399&t_page_load=5919
200 OK 0 B URL GET HTTP/2 hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163568029&t_dsp_request=3063&t_player_start=3399&t_page_load=5919
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163568029&t_dsp_request=3063&t_player_start=3399&t_page_load=5919 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:04 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163568048&t_player_start=3418&t_page_load=5938
200 OK 0 B URL GET HTTP/2 hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163568048&t_player_start=3418&t_page_load=5938
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163568048&t_player_start=3418&t_page_load=5938 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:04 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=c66659ef-d1cc-484c-9a2b-549ec7e46b2a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=2160b8262a582df2703d1f662227b38c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
1 B URL unseenreport.com/pxf.gif?uuid=c66659ef-d1cc-484c-9a2b-549ec7e46b2a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=2160b8262a582df2703d1f662227b38c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=c66659ef-d1cc-484c-9a2b-549ec7e46b2a&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=2160b8262a582df2703d1f662227b38c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 09:26:04 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d59d52f6c3b7fad859ff55fb4ac4ed52
Strict-Transport-Security: max-age=0; includeSubdomains
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=3~lpi4v57p&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=3~lpi4v57p&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=3~lpi4v57p&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=4~lpi4v5vc&c=4904096683798&slotId=2452048341899&uet=2&faa=1
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=4~lpi4v5vc&c=4904096683798&slotId=2452048341899&uet=2&faa=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=4~lpi4v5vc&c=4904096683798&slotId=2452048341899&uet=2&faa=1 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163568657&t_dsp_request=611&t_player_start=4027&t_page_load=6547
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163568657&t_dsp_request=611&t_player_start=4027&t_page_load=6547
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163568657&t_dsp_request=611&t_player_start=4027&t_page_load=6547 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:04 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163568678&t_player_start=4048&t_page_load=6568
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163568678&t_player_start=4048&t_page_load=6568
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163568678&t_player_start=4048&t_page_load=6568 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:04 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163569292&t_dsp_request=620&t_player_start=4662&t_page_load=7182
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163569292&t_dsp_request=620&t_player_start=4662&t_page_load=7182
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163569292&t_dsp_request=620&t_player_start=4662&t_page_load=7182 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:05 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163569315&t_player_start=4685&t_page_load=7206
200 OK 0 B URL GET HTTP/2 hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163569315&t_player_start=4685&t_page_load=7206
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163569315&t_player_start=4685&t_page_load=7206 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:05 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=1~lpi4v75u&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=1~lpi4v75u&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~lpi4v75u&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rtb.hhkld.com/vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163569344
456 B URL rtb.hhkld.com/vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163569344
IP
File type XML 1.0 document text\012- XML document, ASCII text
Hash 130755e0fc4be82dad64d042076a0d9f
c988ae45ba805aa12c8b013b04b652e6b198b560
8fc02ab550fa46ecdbd5bf70c09c50f4cf7f8b6da5059c06ae49291477959099
GET /vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163569344 HTTP/1.1
Host: rtb.hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:06 GMT
content-type: text/xml
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: https://imasdk.googleapis.com
last-modified: Tue, 28 Nov 2023 09:26:06 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=clir4bn2tal488ar45bgXx; expires=Thu, 28 Nov 2024 09:26:06 GMT; domain=.hhkld.com; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
rtb-apac.rtbserve.io/win?i=UAVazaUJzRQ_0&p=1701163566.201966&f=nurlnw
3.1 kB URL rtb-apac.rtbserve.io/win?i=UAVazaUJzRQ_0&p=1701163566.201966&f=nurlnw
IP
ASN #393710 WEBAIR-INTERNET-SINGAPORE
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (3053), with no line terminators
Hash e3c36f64a724bed0d85dcfeb1a488994
be9fc3e26b3106bbc8cfcf0c4e522fccb7b71bb9
830b9802a0ae9d7d5aa5650cc255673b42df1206c2eadd98fc9e90d16c3e7f7f
GET /win?i=UAVazaUJzRQ_0&p=1701163566.201966&f=nurlnw HTTP/1.1
Host: rtb-apac.rtbserve.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 09:26:07 GMT
Content-Type: text/xml
Content-Length: 3053
Connection: keep-alive
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163571126&t_dsp_request=1814&t_player_start=6497&t_page_load=9016
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163571126&t_dsp_request=1814&t_player_start=6497&t_page_load=9016
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163571126&t_dsp_request=1814&t_player_start=6497&t_page_load=9016 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:07 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player86/player_light_v.js?s=1700781586
200 OK 330 kB URL GET HTTP/2 cdn.onnetwork.tv/js/player86/player_light_v.js?s=1700781586
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintAB:87:BF:D8:2A:47:42:48:16:B8:D6:C0:E7:2B:03:F6:B7:8E:0B:FA
ValiditySun, 22 Oct 2023 09:31:33 GMT - Sat, 20 Jan 2024 09:31:32 GMT
File type C++ source, ASCII text, with very long lines (1252)
Size 330 kB (330088 bytes)
Hash 8b18a44a729a90637075f934c6a6dc64
c54680edd87bf0a9699bac658f60aa86e2768eaf
8302289e0443fdf33ce593aae299fd91a8528d96d2f181b28794cd98f9860016
GET /js/player86/player_light_v.js?s=1700781586 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 23:19:46 GMT
vary: Accept-Encoding
etag: W/"655fde12-4b95f"
expires: Sat, 15 Jun 2024 09:26:01 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163571151&t_player_start=6522&t_page_load=9041
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163571151&t_player_start=6522&t_page_load=9041
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163571151&t_player_start=6522&t_page_load=9041 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:07 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
rtb.hhkld.com/wrapper/078clir4bn2tal488ar45b0
497 B URL rtb.hhkld.com/wrapper/078clir4bn2tal488ar45b0
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (2005), with no line terminators
Hash 8cb12f0252b8109c8700fa2d5106c750
2b608ae0fe503e31adda191f613aa50e3c1402b5
68568fb046b387f1edd716f54ff5580aa1ad2f094aa8f64b3d32760b69392de7
GET /wrapper/078clir4bn2tal488ar45b0 HTTP/1.1
Host: rtb.hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:06 GMT
content-type: application/xml; charset=utf-8
age: 0
cache-control: no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: https://imasdk.googleapis.com
content-encoding: gzip
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=4~lpi4v890&c=4904096683798&slotId=2452048341899&uet=2&faa=1
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=4~lpi4v890&c=4904096683798&slotId=2452048341899&uet=2&faa=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=4~lpi4v890&c=4904096683798&slotId=2452048341899&uet=2&faa=1 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163571758&t_dsp_request=610&t_player_start=7128&t_page_load=9648
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163571758&t_dsp_request=610&t_player_start=7128&t_page_load=9648
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163571758&t_dsp_request=610&t_player_start=7128&t_page_load=9648 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:07 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163571775&t_player_start=7145&t_page_load=9665
200 OK 0 B URL GET HTTP/2 hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163571775&t_player_start=7145&t_page_load=9665
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163571775&t_player_start=7145&t_page_load=9665 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:07 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163572386&t_dsp_request=615&t_player_start=7756&t_page_load=10275
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163572386&t_dsp_request=615&t_player_start=7756&t_page_load=10275
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163572386&t_dsp_request=615&t_player_start=7756&t_page_load=10275 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:08 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163572397&t_player_start=7767&t_page_load=10287
200 OK 0 B URL GET HTTP/2 hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163572397&t_player_start=7767&t_page_load=10287
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163572397&t_player_start=7767&t_page_load=10287 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:08 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=1~lpi4v9kx&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=1~lpi4v9kx&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~lpi4v9kx&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=2~lpi4va06&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=2~lpi4va06&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=2~lpi4va06&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rtb-apac.rtbserve.io/win?i=7RrD-qEoBGo_0&p=1701163569.201966&f=nurlnw
3.1 kB URL rtb-apac.rtbserve.io/win?i=7RrD-qEoBGo_0&p=1701163569.201966&f=nurlnw
IP
ASN #393710 WEBAIR-INTERNET-SINGAPORE
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (3053), with no line terminators
Hash ce61f4c3c6910d7d16a966f5f43e5923
b76aa67be4a6723d221acb094e81735a687850cd
e464ed4f0f0e1f0b71ef53dc4138e0371ea40df475b56e257a7b0d6ca0cf6309
GET /win?i=7RrD-qEoBGo_0&p=1701163569.201966&f=nurlnw HTTP/1.1
Host: rtb-apac.rtbserve.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 09:26:10 GMT
Content-Type: text/xml
Content-Length: 3053
Connection: keep-alive
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163574232&t_dsp_request=1837&t_player_start=9602&t_page_load=12123
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163574232&t_dsp_request=1837&t_player_start=9602&t_page_load=12123
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163574232&t_dsp_request=1837&t_player_start=9602&t_page_load=12123 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:10 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163574245&t_player_start=9615&t_page_load=12135
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163574245&t_player_start=9615&t_page_load=12135
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163574245&t_player_start=9615&t_page_load=12135 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:10 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=3~lpi4va1v&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=3~lpi4va1v&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=3~lpi4va1v&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=4~lpi4vanu&c=4904096683798&slotId=2452048341899&uet=2&faa=1
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=4~lpi4vanu&c=4904096683798&slotId=2452048341899&uet=2&faa=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=4~lpi4vanu&c=4904096683798&slotId=2452048341899&uet=2&faa=1 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163574845&t_dsp_request=603&t_player_start=10216&t_page_load=12736
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163574845&t_dsp_request=603&t_player_start=10216&t_page_load=12736
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163574845&t_dsp_request=603&t_player_start=10216&t_page_load=12736 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:10 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163574860&t_player_start=10231&t_page_load=12750
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163574860&t_player_start=10231&t_page_load=12750
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163574860&t_player_start=10231&t_page_load=12750 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:10 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163575454&t_dsp_request=597&t_player_start=10824&t_page_load=13343
200 OK 0 B URL GET HTTP/2 hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163575454&t_dsp_request=597&t_player_start=10824&t_page_load=13343
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163575454&t_dsp_request=597&t_player_start=10824&t_page_load=13343 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:11 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163575465&t_player_start=10835&t_page_load=13355
200 OK 0 B URL GET HTTP/2 hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163575465&t_player_start=10835&t_page_load=13355
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163575465&t_player_start=10835&t_page_load=13355 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:11 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=1~lpi4vbvq&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=1~lpi4vbvq&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~lpi4vbvq&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=2~lpi4vci5&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=2~lpi4vci5&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=2~lpi4vci5&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rtb.hhkld.com/vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163575487
200 OK 4.0 kB URL GET HTTP/2 rtb.hhkld.com/vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163575487
IP
Requested by https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html#goog_952094391
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
File type gzip compressed data, from Unix\012- data
Hash 1e8e2cb7c25d64d945e20523e8a71f96
5b936dc56cd219b4909ddae39a8ad60018137b5b
ba2b626d1ae7dcf96ecf068cc95faf717900ba85569da08f0db7d601316bc39a
GET /vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163575487 HTTP/1.1
Host: rtb.hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:12 GMT
content-type: text/xml
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: https://imasdk.googleapis.com
last-modified: Tue, 28 Nov 2023 09:26:12 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=clir4d72tal488ar5om0Xx; expires=Thu, 28 Nov 2024 09:26:12 GMT; domain=.hhkld.com; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163577466&t_dsp_request=2003&t_player_start=12836&t_page_load=15356
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163577466&t_dsp_request=2003&t_player_start=12836&t_page_load=15356
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163577466&t_dsp_request=2003&t_player_start=12836&t_page_load=15356 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:13 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163577499&t_player_start=12869&t_page_load=15388
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163577499&t_player_start=12869&t_page_load=15388
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163577499&t_player_start=12869&t_page_load=15388 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:13 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=3~lpi4vcjq&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=3~lpi4vcjq&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=3~lpi4vcjq&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=4~lpi4vd5k&c=4904096683798&slotId=2452048341899&uet=2&faa=1
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=4~lpi4vd5k&c=4904096683798&slotId=2452048341899&uet=2&faa=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=4~lpi4vd5k&c=4904096683798&slotId=2452048341899&uet=2&faa=1 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163578122&t_dsp_request=626&t_player_start=13492&t_page_load=16012
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163578122&t_dsp_request=626&t_player_start=13492&t_page_load=16012
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163578122&t_dsp_request=626&t_player_start=13492&t_page_load=16012 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:14 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163578133&t_player_start=13503&t_page_load=16024
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163578133&t_player_start=13503&t_page_load=16024
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163578133&t_player_start=13503&t_page_load=16024 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:14 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cdn.onnetwork.tv/css/player86.css?s=1696164487
258 kB URL cdn.onnetwork.tv/css/player86.css?s=1696164487
IP
File type Unicode text, UTF-8 text, with very long lines (15936)
Size 258 kB (258289 bytes)
Hash 59505146b1d115ebcff9ebe29c0186f5
70544af5169760fbec67dbd81a946bfd1e01d90d
ffaab1bb2a36dba080f433f0b4bd2f18fa8e27223c397d02dba6ebf403fedaf9
GET /css/player86.css?s=1696164487 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: text/css
last-modified: Sun, 01 Oct 2023 12:48:07 GMT
vary: Accept-Encoding
etag: W/"65196a87-c176"
expires: Sat, 15 Jun 2024 09:26:01 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163578764&t_dsp_request=633&t_player_start=14134&t_page_load=16654
200 OK 0 B URL GET HTTP/2 hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163578764&t_dsp_request=633&t_player_start=14134&t_page_load=16654
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163578764&t_dsp_request=633&t_player_start=14134&t_page_load=16654 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:14 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163578775&t_player_start=14145&t_page_load=16665
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163578775&t_player_start=14145&t_page_load=16665
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163578775&t_player_start=14145&t_page_load=16665 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:14 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=1~lpi4vefe&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=1~lpi4vefe&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~lpi4vefe&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=2~lpi4vewp&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=2~lpi4vewp&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=2~lpi4vewp&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rtb.hhkld.com/vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163578800
4.0 kB URL rtb.hhkld.com/vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163578800
IP
File type gzip compressed data, from Unix\012- data
Hash 8ad717e883771c463ac137d626aa06e4
7c4b54466f6cb030587304ff92758d28b46b09dd
7345a4a88a82e65c53831e4ec2753ab900e89e097706893d20f785da7be8d39b
GET /vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163578800 HTTP/1.1
Host: rtb.hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:15 GMT
content-type: text/xml
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: https://imasdk.googleapis.com
last-modified: Tue, 28 Nov 2023 09:26:15 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=clir4dv2tal488ar6lagXx; expires=Thu, 28 Nov 2024 09:26:15 GMT; domain=.hhkld.com; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163580578&t_dsp_request=1806&t_player_start=15949&t_page_load=18469
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163580578&t_dsp_request=1806&t_player_start=15949&t_page_load=18469
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163580578&t_dsp_request=1806&t_player_start=15949&t_page_load=18469 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:16 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163580591&t_player_start=15961&t_page_load=18481
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163580591&t_player_start=15961&t_page_load=18481
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163580591&t_player_start=15961&t_page_load=18481 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:16 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=3~lpi4veye&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=3~lpi4veye&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=3~lpi4veye&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=4~lpi4vfk2&c=4904096683798&slotId=2452048341899&uet=2&faa=1
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=4~lpi4vfk2&c=4904096683798&slotId=2452048341899&uet=2&faa=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=4~lpi4vfk2&c=4904096683798&slotId=2452048341899&uet=2&faa=1 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163581182&t_dsp_request=594&t_player_start=16552&t_page_load=19071
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163581182&t_dsp_request=594&t_player_start=16552&t_page_load=19071
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163581182&t_dsp_request=594&t_player_start=16552&t_page_load=19071 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:17 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163581197&t_player_start=16567&t_page_load=19087
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163581197&t_player_start=16567&t_page_load=19087
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163581197&t_player_start=16567&t_page_load=19087 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:17 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163581770&t_dsp_request=576&t_player_start=17140&t_page_load=19660
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163581770&t_dsp_request=576&t_player_start=17140&t_page_load=19660
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=32075&v=20&cb=1701163581770&t_dsp_request=576&t_player_start=17140&t_page_load=19660 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:17 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163581781&t_player_start=17151&t_page_load=19670
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163581781&t_player_start=17151&t_page_load=19670
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31662&v=20&cb=1701163581781&t_player_start=17151&t_page_load=19670 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:17 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=1~lpi4vgqo&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=1~lpi4vgqo&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~lpi4vgqo&c=4904096683798&slotId=2452048341899&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=2~lpi4vh84&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=2~lpi4vh84&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=2~lpi4vh84&c=4904096683798&slotId=2452048341899&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807947 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rtb.hhkld.com/vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163581805
4.0 kB URL rtb.hhkld.com/vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163581805
IP
File type gzip compressed data, from Unix\012- data
Hash 86c2e44342723eff32ed55b9075da4f1
38965f15f4887524586e9a0308a669d715d5f92a
1f8a84bab6f64fb79eac4708470ab57efb35ddaa8bbaaf466692e7170f19c621
GET /vast/cs?zone=106832&w=432&h=243&vp=4&site=https%3A%2F%2Fit.oldmedic.com%2Fburosumab&gdpr=0&consent=&_timestamp=1701163581805 HTTP/1.1
Host: rtb.hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:18 GMT
content-type: text/xml
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: https://imasdk.googleapis.com
last-modified: Tue, 28 Nov 2023 09:26:18 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: uid=clir4en2tal488ar7e80Xx; expires=Thu, 28 Nov 2024 09:26:18 GMT; domain=.hhkld.com; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163583600&t_dsp_request=1821&t_player_start=18970&t_page_load=21490
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163583600&t_dsp_request=1821&t_player_start=18970&t_page_load=21490
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31662&v=20&cb=1701163583600&t_dsp_request=1821&t_player_start=18970&t_page_load=21490 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:19 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163583620&t_player_start=18991&t_page_load=21511
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163583620&t_player_start=18991&t_page_load=21511
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=31893&v=20&cb=1701163583620&t_player_start=18991&t_page_load=21511 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:19 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=3~lpi4vh9x&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=3~lpi4vh9x&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=3~lpi4vh9x&c=4904096683798&slotId=2452048341899&vast_v=3.0&nlc=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi.gstatic.com/csi?v=2&s=ima&puid=4~lpi4vhvh&c=4904096683798&slotId=2452048341899&uet=2&faa=1
0 B URL csi.gstatic.com/csi?v=2&s=ima&puid=4~lpi4vhvh&c=4904096683798&slotId=2452048341899&uet=2&faa=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=4~lpi4vhvh&c=4904096683798&slotId=2452048341899&uet=2&faa=1 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: *
date: Tue, 28 Nov 2023 09:26:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163584259&t_dsp_request=642&t_player_start=19629&t_page_load=22149
0 B URL hhkld.com/logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163584259&t_dsp_request=642&t_player_start=19629&t_page_load=22149
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/player?event=rtb&event2=destroy_empty&sid=106832&tid=31893&v=20&cb=1701163584259&t_dsp_request=642&t_player_start=19629&t_page_load=22149 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:20 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
247 kB URL imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 247 kB (246766 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163584273&t_player_start=19643&t_page_load=22162
0 B URL hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163584273&t_player_start=19643&t_page_load=22162
IP
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /logs/event/dsp?event=rtb&event2=request&sid=106832&tids=32075&v=20&cb=1701163584273&t_player_start=19643&t_page_load=22162 HTTP/1.1
Host: hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.oldmedic.com/
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:26:20 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Requested by https://www.youtube.com/embed/hYvJ-8xs_FI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1701163584474
Content-Type: application/json
X-Goog-Visitor-Id: CgtrVkYtaE85cWE5Yyin5JarBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231119.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1701163563711&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C678%2C400&vis=1&wgl=true&ca_type=image
Content-Length: 831
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hYvJ-8xs_FI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Tue, 28 Nov 2023 09:26:20 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+947; expires=Thu, 27-Nov-2025 09:26:20 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 09:26:20 GMT
cache-control: private
video.onnetwork.tv/frame86.php?id=ffONNP93f33f7d1a5dd4f711a3fa43cc098c4217011635653811&iid=1701163565382&e=1&ap=4&map=1&umum=1&naa=0&lang=1&pinva=1&pinv=1&dpre=1&onnsfonn=1&vids=1377120&dpb=1&onnwid=11986&wtop=https%253A%252F%252Fit.oldmedic.com%252Fburosumab&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndONNP93f33f7d1a5dd4f711a3fa43cc098c421701163565379&rrpt=%7B%22CxSegments%22%3Anull%7D
200 OK 23 kB URL GET HTTP/2 video.onnetwork.tv/frame86.php?id=ffONNP93f33f7d1a5dd4f711a3fa43cc098c4217011635653811&iid=1701163565382&e=1&ap=4&map=1&umum=1&naa=0&lang=1&pinva=1&pinv=1&dpre=1&onnsfonn=1&vids=1377120&dpb=1&onnwid=11986&wtop=https%253A%252F%252Fit.oldmedic.com%252Fburosumab&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndONNP93f33f7d1a5dd4f711a3fa43cc098c421701163565379&rrpt=%7B%22CxSegments%22%3Anull%7D
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintAB:87:BF:D8:2A:47:42:48:16:B8:D6:C0:E7:2B:03:F6:B7:8E:0B:FA
ValiditySun, 22 Oct 2023 09:31:33 GMT - Sat, 20 Jan 2024 09:31:32 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11086)
Hash 78c295b0c798af213bc98bfbf9d663a1
3b86e2b75c4dd0a4ba8e5ef29c9c5e0171fc4ff0
630bafa373025d0cb50347026c658edf1e56a9a4c5baae05451d8c2a4d8c6358
GET /frame86.php?id=ffONNP93f33f7d1a5dd4f711a3fa43cc098c4217011635653811&iid=1701163565382&e=1&ap=4&map=1&umum=1&naa=0&lang=1&pinva=1&pinv=1&dpre=1&onnsfonn=1&vids=1377120&dpb=1&onnwid=11986&wtop=https%253A%252F%252Fit.oldmedic.com%252Fburosumab&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndONNP93f33f7d1a5dd4f711a3fa43cc098c421701163565379&rrpt=%7B%22CxSegments%22%3Anull%7D HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Tue, 28 Nov 2023 09:26:01 GMT
expires: Tue, 28 Nov 2023 09:26:02 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
access-control-allow-origin: https://it.oldmedic.com
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-length: 7351
content-type: text/html; charset=utf-8
date: Tue, 28 Nov 2023 09:26:01 GMT
server: XO.webservant
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
200 OK 770 kB URL GET HTTP/3 imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 770 kB (769930 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.optad360.net/cmp/v3/cmp-4.0.9.min.js
200 OK 792 kB URL GET HTTP/2 cdn.optad360.net/cmp/v3/cmp-4.0.9.min.js
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerAmazon
Subject*.optad360.net
FingerprintAA:78:57:71:31:74:64:48:50:D0:12:24:49:A2:2D:B0:41:CD:0A:41
ValidityMon, 26 Jun 2023 00:00:00 GMT - Wed, 24 Jul 2024 23:59:59 GMT
Size 792 kB (792060 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cmp/v3/cmp-4.0.9.min.js HTTP/1.1
Host: cdn.optad360.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 17 Nov 2023 13:57:29 GMT
last-modified: Fri, 17 Nov 2023 13:54:28 GMT
etag: W/"b7f9873738450fb5e3951eda8705d5c4"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KaYVWWITdBXOfkajo0SWPoz7lYzFDdsxmeigFI1RYj8tRhH2QqnEOw==
age: 934111
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
200 OK 1.5 kB URL GET HTTP/2 cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F
ValiditySat, 11 Nov 2023 03:00:51 GMT - Fri, 09 Feb 2024 03:00:50 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (1633), with no line terminators
Hash f93ed3ce8bed77cddedfbd4906ec1e86
a6860f6e0d690ac796f5c8e9211aef6031a29abb
7a7a3a39b0cf96b597a8da0cef9b2093229e1778fda9697b5215ba4cb267c1a0
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Thu, 12 Aug 2021 09:54:31 GMT
etag: W/"6114efd7-609"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 28 Nov 2023 10:26:01 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cbskalbcdukl.xyz/code/gjqtmodcmm5ha3ddf4ztkmy
200 OK 10 B URL GET HTTP/2 cbskalbcdukl.xyz/code/gjqtmodcmm5ha3ddf4ztkmy
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectcbskalbcdukl.xyz
FingerprintE5:29:CE:38:42:6E:A9:1E:7D:3C:7B:70:56:0D:36:60:8B:8A:0B:92
ValidityWed, 01 Nov 2023 19:12:02 GMT - Tue, 30 Jan 2024 19:12:01 GMT
File type ASCII text, with no line terminators
Hash f495e69f2e9edc75eeae7dd3ea78a747
a89e38bbe70fa2de5db9d578975abd4e9dcda52e
8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c
GET /code/gjqtmodcmm5ha3ddf4ztkmy HTTP/1.1
Host: cbskalbcdukl.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:25:58 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=d3504973-1dac-4a18-a768-07c1453d6e22; expires=Thu, 28-Dec-2023 09:25:58 GMT; Max-Age=2592000; path=/; SameSite=None; domain=cbskalbcdukl.xyz; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
200 OK 770 kB URL GET HTTP/3 imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 770 kB (769930 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/5753e790/www-embed-player.vflset/www-embed-player.js
200 OK 329 kB URL GET HTTP/3 www.youtube.com/s/player/5753e790/www-embed-player.vflset/www-embed-player.js
IP
Requested by https://www.youtube.com/embed/hYvJ-8xs_FI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (682)
Size 329 kB (329383 bytes)
Hash dc848346d24f8116dd4e95dbfc24e2fe
c5b7f2aa11322cdbea47ed65db753439295efa5b
810892545e4b290f8b8516bda6858ef698a342489be9800e2ba0e358c8d5d7a3
GET /s/player/5753e790/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hYvJ-8xs_FI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 98548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 08:32:23 GMT
expires: Tue, 26 Nov 2024 08:32:23 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 27 Nov 2023 02:43:52 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 89616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
200 OK 770 kB URL GET HTTP/3 imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 770 kB (769930 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
oldmedic.com/template/spidermag/favicon.png
404 Not Found 0 B URL GET HTTP/3 oldmedic.com/template/spidermag/favicon.png
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectoldmedic.com
Fingerprint0F:84:CF:9F:73:8D:D3:21:00:4F:DC:DC:7C:1E:18:8F:01:09:E9:80
ValidityWed, 01 Nov 2023 15:54:52 GMT - Tue, 30 Jan 2024 15:54:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/spidermag/favicon.png HTTP/1.1
Host: oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Cookie: _sharedID=e088ead1-7bff-46f8-8297-a8f006a6f68e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 28 Nov 2023 09:26:00 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.25
cache-control: max-age=2678400
expires: Tue, 28 Nov 2023 13:01:49 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 73451
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ff9uVnrl4cP4eQPt5EAT16QTzxriNZ5JWdVgWrsBVrwpnLiab38H1KOoc%2BtFLlF3kP%2FcDUyvgcu96IkeFr%2BBaODUFY72MnWhCfO6oGAV6G4TYfTvNuljTK3OSZ1nuoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1911cccd4b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
emea.hhkld.com/tag/load-106832.js?page_url=https%3A%2F%2Fit.oldmedic.com%2Fburosumab
200 OK 14 kB URL GET HTTP/2 emea.hhkld.com/tag/load-106832.js?page_url=https%3A%2F%2Fit.oldmedic.com%2Fburosumab
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjecthhkld.com
FingerprintE8:82:46:E9:07:DF:A4:FC:81:80:50:68:57:0E:12:C4:A6:79:00:99
ValiditySun, 22 Oct 2023 03:01:14 GMT - Sat, 20 Jan 2024 03:01:13 GMT
File type ASCII text, with very long lines (2602)
Hash f7511cd69db36c6aa15c0d9cf95df9d8
5f606447af638779539e1a8a1930aab176d75389
7851a79ce95b054874896b511c55b28fae640de21475aece71901106a518b5dc
GET /tag/load-106832.js?page_url=https%3A%2F%2Fit.oldmedic.com%2Fburosumab HTTP/1.1
Host: emea.hhkld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Cookie: uid=jV7KsGVlsiYvXZW6GdGGAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 09:25:59 GMT
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
200 OK 770 kB URL GET HTTP/3 imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 770 kB (769930 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
200 OK 770 kB URL GET HTTP/3 imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 770 kB (769930 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.optad360.net/icons/branding-ads.svg
200 OK 7.4 kB URL GET HTTP/2 cdn.optad360.net/icons/branding-ads.svg
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerAmazon
Subject*.optad360.net
FingerprintAA:78:57:71:31:74:64:48:50:D0:12:24:49:A2:2D:B0:41:CD:0A:41
ValidityMon, 26 Jun 2023 00:00:00 GMT - Wed, 24 Jul 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7833), with no line terminators
Hash b9ed77c084ebc5ccb94251ba703c65ec
18f3dfac801ba769376e88a8e613216594cc010c
7634fddf32b8b57a979c0f5730a9491feffd56e663615906020617730cbbd4dc
GET /icons/branding-ads.svg HTTP/1.1
Host: cdn.optad360.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 12 Oct 2023 13:25:33 GMT
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rSGuGcmhfcDa3n9mwyh94eivgenMS8bGAsIYenKUU3jrCXSOkeGfSA==
age: 4046427
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
200 OK 770 kB URL GET HTTP/3 imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 770 kB (769930 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
oldmedic.com/template/spidermag/js/2.js
200 OK 13 kB URL GET HTTP/2 oldmedic.com/template/spidermag/js/2.js
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectoldmedic.com
Fingerprint0F:84:CF:9F:73:8D:D3:21:00:4F:DC:DC:7C:1E:18:8F:01:09:E9:80
ValidityWed, 01 Nov 2023 15:54:52 GMT - Tue, 30 Jan 2024 15:54:51 GMT
File type ASCII text, with very long lines (2559), with CRLF line terminators
Hash 59d0584af131fc8ac1e5165f2a763af5
223538fc9fe3b845aec97d1f28c02ab7ec6614cf
d861dc27fb3986ea1a4264f313c6b5667d6044854a650a42d28d223bbfbf098e
GET /template/spidermag/js/2.js HTTP/1.1
Host: oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:25:58 GMT
content-type: application/javascript
last-modified: Sun, 16 Feb 2020 12:15:21 GMT
etag: W/"32ad-59eb064899871"
cache-control: max-age=2678400
expires: Fri, 08 Dec 2023 07:50:58 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 351300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhLi%2BxFTfSMKajqzO1%2B%2BSIVU3cHBQuAYH14TPeHLhnW13QOL%2FjDFS3CFjtnkH505ZCILwo4arj0oQKIn3UozQPMFj%2FQPg7sZCCYNZTcIM90MfKZzY0VKHLCO6C0LPb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d19111eb7556bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.onnetwork.tv/sd/1/3/1377120.mp4?sev=s1oizkMyZ8m7egVzH2yHfA&e=1701174361&u=11986
0 B URL GET cdn.onnetwork.tv/sd/1/3/1377120.mp4?sev=s1oizkMyZ8m7egVzH2yHfA&e=1701174361&u=11986
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintAB:87:BF:D8:2A:47:42:48:16:B8:D6:C0:E7:2B:03:F6:B7:8E:0B:FA
ValiditySun, 22 Oct 2023 09:31:33 GMT - Sat, 20 Jan 2024 09:31:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sd/1/3/1377120.mp4?sev=s1oizkMyZ8m7egVzH2yHfA&e=1701174361&u=11986 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:02 GMT
content-type: video/mp4
content-length: 18666377
last-modified: Mon, 27 Nov 2023 10:49:38 GMT
etag: "65647442-11cd389"
strict-transport-security: max-age=31536000
access-control-allow-origin: *
content-range: bytes 0-18666376/18666377
X-Firefox-Spdy: h2
it.oldmedic.com/burosumab
200 OK 36 kB URL User Request GET HTTP/2 it.oldmedic.com/burosumab
IP
Certificate IssuerLet's Encrypt
Subjectoldmedic.com
Fingerprint0F:84:CF:9F:73:8D:D3:21:00:4F:DC:DC:7C:1E:18:8F:01:09:E9:80
ValidityWed, 01 Nov 2023 15:54:52 GMT - Tue, 30 Jan 2024 15:54:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /burosumab HTTP/1.1
Host: it.oldmedic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:25:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.25
cache-control: max-age=86400
expires: Wed, 29 Nov 2023 09:25:58 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxZLc2OJ2cuG6HALaQOULIkL6AhNjPCYPezprWb7mxCOwkH%2FAfqbVYj5Cqr3HvMeOq%2Fi%2BU1pxAUvQ8BEFFWLsSt6CBEhsXZODBAbZb8TT3pDhTDLK86vU5TekQ1HO%2FTzclk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1910f29150b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
200 OK 770 kB URL GET HTTP/3 imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 770 kB (769930 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csync.loopme.me/?pubid=11364&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D
307 Temporary Redirect 86 B URL GET HTTP/2 csync.loopme.me/?pubid=11364&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D
IP
Requested by https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Certificate IssuerLet's Encrypt
Subjectloopme.com
Fingerprint77:99:BE:EA:5C:8C:85:0A:5B:66:0F:82:32:40:90:1F:F6:9B:42:3E
ValidityTue, 07 Nov 2023 12:01:13 GMT - Mon, 05 Feb 2024 12:01:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pubid=11364&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
set-cookie: viewer_token=d0c544c9-565a-4efa-b43c-b08853b5a605; path=/; domain=csync.loopme.me; secure; HttpOnly; Expires=Wed, 28-Feb-2024 09:26:00 GMT; SameSite=None
location: https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=d0c544c9-565a-4efa-b43c-b08853b5a605&gdpr_consent=null&gdpr=0
content-length: 0
date: Tue, 28 Nov 2023 09:26:00 GMT
server: _
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player90/embedOptAd.min.js?s=1701082363
200 OK 32 kB URL GET HTTP/2 cdn.onnetwork.tv/js/player90/embedOptAd.min.js?s=1701082363
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintAB:87:BF:D8:2A:47:42:48:16:B8:D6:C0:E7:2B:03:F6:B7:8E:0B:FA
ValiditySun, 22 Oct 2023 09:31:33 GMT - Sat, 20 Jan 2024 09:31:32 GMT
File type ASCII text, with very long lines (32285), with no line terminators
Hash 7a70c8ad10ac0cdc2e5a31fa0725463f
1388370c2307ca04d7abb8b55edbc1313c47ad7f
8f84eaaf8187de77c4c885f39b95a0e2aa3a8ba713f416f6e85daf89d8814b11
GET /js/player90/embedOptAd.min.js?s=1701082363 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: XO.webservantpro
date: Tue, 28 Nov 2023 09:26:01 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 10:52:43 GMT
vary: Accept-Encoding
etag: W/"656474fb-7e1d"
expires: Sat, 15 Jun 2024 09:26:01 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.optad360.net/cmp/v3/atpList.json
200 OK 142 kB URL GET HTTP/2 cdn.optad360.net/cmp/v3/atpList.json
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerAmazon
Subject*.optad360.net
FingerprintAA:78:57:71:31:74:64:48:50:D0:12:24:49:A2:2D:B0:41:CD:0A:41
ValidityMon, 26 Jun 2023 00:00:00 GMT - Wed, 24 Jul 2024 23:59:59 GMT
Size 142 kB (141621 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cmp/v3/atpList.json HTTP/1.1
Host: cdn.optad360.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
date: Thu, 23 Nov 2023 11:09:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Tue, 22 Aug 2023 07:10:17 GMT
etag: W/"e8df990f83f610eec41ea8552b5008f9"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 54roVN_JRoeEr1xyBZajIjn1udKxb8sYtwCM-oH3CS4YGN4bG0Lr9w==
age: 425783
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.605.0_en.html
200 OK 770 kB URL GET HTTP/3 imasdk.googleapis.com/js/core/bridge3.605.0_en.html
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48587)
Size 770 kB (769930 bytes)
Hash c9b5e0526e4853ea980b4e79032e15a3
13643c897b0e35ce0a2cfd9810c14a0d9ad2b387
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
GET /js/core/bridge3.605.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 246766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:51 GMT
expires: Fri, 22 Nov 2024 05:05:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
content-type: text/html
vary: Accept-Encoding
age: 447614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
get.optad360.io/sf/582649a2-fa00-42a0-a535-b2e004969633/plugin.min.js
200 OK 294 kB URL GET HTTP/2 get.optad360.io/sf/582649a2-fa00-42a0-a535-b2e004969633/plugin.min.js
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerAmazon
Subject*.optad360.io
FingerprintBC:89:97:49:5C:BF:E9:C9:F2:FA:B3:55:B7:6A:1E:6D:7F:5B:86:9E
ValiditySun, 17 Sep 2023 00:00:00 GMT - Tue, 15 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 294 kB (293829 bytes)
Hash 95e28dc79c5c3e2af8cb482e4e9a43a0
fb5e6f9bb20b6e91598bc3c3b85c89793465a27e
d859b40b6cc4b47965c3153059394a9d647962734ae3963e3af629dc8cfd0df9
GET /sf/582649a2-fa00-42a0-a535-b2e004969633/plugin.min.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 27 Nov 2023 21:57:30 GMT
last-modified: Mon, 06 Nov 2023 11:49:43 GMT
etag: W/"95e28dc79c5c3e2af8cb482e4e9a43a0"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XJHIVBw3sK8T0piWkXoCyQMF2_jmIQaw7wpLzNox3wgIllmuO5RQuA==
age: 41309
X-Firefox-Spdy: h2
www.youtube.com/s/player/5753e790/www-player.css
200 OK 387 kB URL GET HTTP/3 www.youtube.com/s/player/5753e790/www-player.css
IP
Requested by https://www.youtube.com/embed/hYvJ-8xs_FI
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Size 387 kB (386711 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/player/5753e790/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/hYvJ-8xs_FI
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 08:32:23 GMT
expires: Tue, 26 Nov 2024 08:32:23 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 27 Nov 2023 02:43:52 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 89616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
200 OK 3.1 kB URL GET HTTP/2 cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerAmazon
Subjectcookies.nextmillmedia.com
Fingerprint01:8E:4A:16:C7:C3:B6:97:4E:36:AC:D6:42:3C:07:30:FB:79:87:D6
ValidityTue, 13 Jun 2023 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (3141), with no line terminators
Hash 3ad59bb632653b65fa38a7a9c8d45dd7
e20ef7d1eee958d6e273f31360c357aaed231c88
886bb9745c4e770697ece6598720ef5eada8d7044e99acf538f7f928f78b9915
GET /sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID] HTTP/1.1
Host: cookies.nextmillmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:26:00 GMT
content-type: text/html
content-length: 3089
server: fasthttp
set-cookie: NMUID=csuid_71de7f45-8b55-4eec-8957-77963754489f; max-age=604800; secure; SameSite=None
X-Firefox-Spdy: h2
rtb-apac.rtbserve.io/win?i=0cLwXqI1jp0_0&p=1701163575.201966&f=nurlnw
0 B URL GET rtb-apac.rtbserve.io/win?i=0cLwXqI1jp0_0&p=1701163575.201966&f=nurlnw
IP
Requested by https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html#goog_952094397
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /win?i=0cLwXqI1jp0_0&p=1701163575.201966&f=nurlnw HTTP/1.1
Host: rtb-apac.rtbserve.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
DNT: 1
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
200 OK 386 B URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
IP
Requested by https://it.oldmedic.com/burosumab
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (399), with no line terminators
Hash 022602a468da44628060800173771da2
9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c
6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.oldmedic.com
DNT: 1
Connection: keep-alive
Referer: https://it.oldmedic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 09:26:02 GMT
content-type: application/javascript
last-modified: Thu, 12 Aug 2021 09:52:54 GMT
etag: W/"6114ef76-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 344397
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eaOsGUb344xXYw6ldaMNyuH7PATj6FqWtvmyaIoqRbMLTbxXT0356VMuykZXN%2BmwL69Wxa1lisaRafIoP%2FnskM2lCOQQelSJsPl1Ct2lXNJWdJ1JFs9dNOTIbleSjemoX9km%2FQrXe%2Fr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d19126bd5a63c1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
104.21.0.159
216.58.207.234
35.214.226.125
141.94.202.176
188.114.97.1
51.89.9.254
0.0.0.0