Overview

URL mwebnice.com/6738/186/2/?subid=tismm7
IP104.21.10.231
ASNCLOUDFLARENET
Location
Report completed2022-09-07 21:47:06 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-07 2 mwebnice.com/6738/186/2/?subid=tismm7 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (77)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS criteo-sync.teads.tv (1) 1786 2017-02-17 10:06:41 UTC 2022-09-07 05:19:03 UTC 23.195.255.234
mnemonic passive DNS rtb-csync.smartadserver.com (1) 583 2012-12-17 16:38:47 UTC 2022-09-07 09:27:21 UTC 185.86.137.133
mnemonic passive DNS fonts.googleapis.com (3) 8877 2014-07-21 13:19:55 UTC 2022-09-07 19:40:29 UTC 142.250.74.10
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-07 04:50:01 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-07 05:03:48 UTC 143.204.55.110
mnemonic passive DNS amplify.outbrain.com (1) 2255 2017-04-12 07:58:35 UTC 2022-09-07 05:34:04 UTC 23.38.201.81
mnemonic passive DNS cm.g.doubleclick.net (2) 202 2013-05-30 23:19:45 UTC 2022-09-07 20:59:18 UTC 142.250.74.34
mnemonic passive DNS sync.outbrain.com (1) 757 2016-08-02 06:37:14 UTC 2022-09-07 04:50:29 UTC 64.202.112.223
mnemonic passive DNS sync-criteo.ads.yieldmo.com (1) 2354 2019-12-10 21:28:48 UTC 2022-09-07 05:19:03 UTC 54.220.128.66
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-09-07 04:49:31 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-09-07 16:47:25 UTC 172.64.155.188
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-07 04:49:43 UTC 142.251.1.154
mnemonic passive DNS bam.nr-data.net (1) 630 2015-02-10 00:06:27 UTC 2022-09-07 04:54:29 UTC 162.247.241.14
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-07 16:09:22 UTC 142.250.74.164
mnemonic passive DNS ad.yieldlab.net (3) 3515 2014-05-07 00:17:56 UTC 2022-09-07 04:53:04 UTC 23.13.245.180
mnemonic passive DNS use.fontawesome.com (2) 942 2017-01-30 04:43:25 UTC 2022-09-07 05:00:35 UTC 104.21.63.54
mnemonic passive DNS ib.adnxs.com (2) 241 2012-05-23 22:36:14 UTC 2022-09-07 13:33:09 UTC 37.252.173.215
mnemonic passive DNS dpm.demdex.net (2) 204 2017-01-30 04:59:39 UTC 2022-09-07 04:49:36 UTC 52.209.70.49
mnemonic passive DNS sync-t1.taboola.com (1) 1269 2020-06-29 11:52:33 UTC 2022-09-07 04:54:14 UTC 141.226.228.48
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-07 04:49:50 UTC 34.117.237.239
mnemonic passive DNS www.clickfunnels.com (1) 51002 2014-10-08 20:01:35 UTC 2022-09-07 17:27:07 UTC 104.16.13.194
mnemonic passive DNS pixel.sitescout.com (3) 3280 2012-05-21 13:21:02 UTC 2022-09-07 19:34:56 UTC 66.155.71.25
mnemonic passive DNS simage2.pubmatic.com (1) 578 2012-07-21 03:13:48 UTC 2022-09-07 04:52:57 UTC 185.64.190.80
mnemonic passive DNS ocsp.godaddy.com (3) 698 2012-05-20 19:28:57 UTC 2022-09-07 04:58:59 UTC 192.124.249.24
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-09-07 20:24:43 UTC 142.250.74.3
mnemonic passive DNS ad.360yield.com (1) 657 2012-11-28 11:30:25 UTC 2022-09-07 04:49:31 UTC 18.159.9.120
mnemonic passive DNS visitor.omnitagjs.com (1) 1722 2017-01-30 04:58:42 UTC 2022-09-07 04:58:27 UTC 185.255.84.153
mnemonic passive DNS cdn01.basis.net (1) 6554 2017-07-10 04:43:26 UTC 2022-09-07 14:40:35 UTC 95.140.228.46
mnemonic passive DNS ocsp.pki.goog (20) 175 2017-06-14 07:23:31 UTC 2022-09-07 04:49:42 UTC 142.250.74.3
mnemonic passive DNS quick.vidalytics.com (14) 193746 2018-05-11 09:57:53 UTC 2022-09-07 13:20:00 UTC 192.229.220.49
mnemonic passive DNS ocsp.sca1b.amazontrust.com (7) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
mnemonic passive DNS www.prosperwellness.co (1) 0 2019-03-28 20:31:23 UTC 2022-09-07 13:20:00 UTC 104.21.95.133 Unknown ranking
mnemonic passive DNS gum.criteo.com (4) 381 2015-01-22 10:58:57 UTC 2022-09-07 14:35:02 UTC 178.250.2.146
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-07 04:49:35 UTC 31.13.72.36
mnemonic passive DNS pixel.rubiconproject.com (1) 314 2012-10-09 03:17:38 UTC 2022-09-07 04:50:57 UTC 213.19.162.80
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-07 04:53:17 UTC 142.250.74.72
mnemonic passive DNS status.thawte.com (2) 5123 2017-11-27 12:33:51 UTC 2022-09-07 04:50:38 UTC 93.184.220.29
mnemonic passive DNS exchange.mediavine.com (1) 2109 2020-11-23 01:20:19 UTC 2022-09-07 05:06:45 UTC 35.159.43.206
mnemonic passive DNS match.sharethrough.com (1) 604 2015-12-22 22:55:59 UTC 2022-09-07 04:49:45 UTC 52.29.43.144
mnemonic passive DNS criteo-partners.tremorhub.com (1) 2360 2017-11-20 17:11:05 UTC 2022-09-07 05:19:03 UTC 3.224.216.74
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-07 12:55:42 UTC 143.204.55.27
mnemonic passive DNS mwebnice.com (1) 0 2022-02-18 00:05:35 UTC 2022-09-07 14:25:40 UTC 172.67.146.245 Unknown ranking
mnemonic passive DNS app.clickfunnels.com (4) 34727 2015-03-12 08:40:23 UTC 2022-09-07 12:48:36 UTC 104.16.14.194
mnemonic passive DNS contextual.media.net (1) 513 2019-04-30 08:49:36 UTC 2022-09-07 17:17:02 UTC 23.38.200.22
mnemonic passive DNS x.bidswitch.net (1) 286 2017-08-28 15:21:00 UTC 2022-09-07 04:49:35 UTC 52.58.218.78
mnemonic passive DNS renewyourknees.com (18) 0 2021-06-07 08:45:56 UTC 2022-09-07 21:08:06 UTC 104.16.12.194 Unknown ranking
mnemonic passive DNS cdn1.lockerdomecdn.com (1) 13402 2017-05-19 01:45:29 UTC 2022-09-07 13:19:59 UTC 54.230.111.43
mnemonic passive DNS tr.outbrain.com (2) 2017 2017-04-12 07:58:35 UTC 2022-09-07 05:34:05 UTC 64.202.112.223
mnemonic passive DNS analytics-ingress-global.bitmovin.com (9) 47119 2017-08-18 05:30:44 UTC 2022-09-07 18:32:42 UTC 35.190.27.197
mnemonic passive DNS static.cloudflareinsights.com (1) 1294 2019-09-24 14:34:56 UTC 2022-09-07 06:49:22 UTC 172.64.156.26
mnemonic passive DNS static.getclicky.com (1) 11697 2012-05-22 03:28:28 UTC 2022-09-07 07:37:17 UTC 104.16.221.29
mnemonic passive DNS stats.vidalytics.com (4) 153185 2017-02-08 02:49:35 UTC 2022-09-07 18:32:42 UTC 34.107.158.93
mnemonic passive DNS dis.criteo.com (2) 660 2012-06-02 15:38:12 UTC 2022-09-07 19:12:50 UTC 178.250.0.163
mnemonic passive DNS beacon.krxd.net (1) 408 2012-05-22 04:25:40 UTC 2022-09-07 04:49:44 UTC 54.77.178.38
mnemonic passive DNS gem.gbc.criteo.com (1) 6039 2019-02-06 06:21:41 UTC 2022-09-07 13:17:28 UTC 178.250.6.119
mnemonic passive DNS r.casalemedia.com (2) 1896 2012-06-24 01:17:14 UTC 2022-09-07 04:57:06 UTC 104.18.19.126
mnemonic passive DNS widget.us.criteo.com (1) 19445 2015-08-23 19:59:38 UTC 2022-09-07 05:41:07 UTC 74.119.119.150
mnemonic passive DNS cm.adform.net (1) 1667 2015-03-30 07:47:01 UTC 2022-09-07 04:52:57 UTC 37.157.5.142
mnemonic passive DNS ups.analytics.yahoo.com (2) 287 2019-05-09 15:57:40 UTC 2022-09-07 04:49:44 UTC 3.126.56.137
mnemonic passive DNS www.rtb123.com (1) 18626 2017-06-03 19:59:06 UTC 2022-09-07 15:44:35 UTC 67.225.220.126
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-07 12:21:16 UTC 34.120.237.76
mnemonic passive DNS s3-us-west-2.amazonaws.com (1) 0 2017-06-03 01:37:46 UTC 2022-09-07 17:48:42 UTC 52.92.146.240 Unknown ranking
mnemonic passive DNS sslwidget.criteo.com (1) 1723 2012-05-31 02:43:28 UTC 2022-09-07 12:15:50 UTC 178.250.2.151
mnemonic passive DNS ocsp.digicert.com (16) 86 2012-05-21 07:02:23 UTC 2022-09-07 14:29:23 UTC 93.184.220.29
mnemonic passive DNS assets.mantisadnetwork.com (1) 155106 2018-11-22 04:54:21 UTC 2022-09-07 13:19:59 UTC 143.204.55.50
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-07 04:51:08 UTC 31.13.72.12
mnemonic passive DNS ad.sxp.smartclip.net (2) 2300 2017-05-16 21:17:22 UTC 2022-09-07 04:50:34 UTC 35.186.194.101
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-09-07 05:17:09 UTC 151.101.86.137
mnemonic passive DNS licensing.bitmovin.com (2) 19299 2017-01-30 06:23:56 UTC 2022-09-07 18:32:42 UTC 35.227.229.24
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-07 05:08:41 UTC 52.88.220.109
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-07 04:56:27 UTC 104.18.20.226
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-07 20:38:05 UTC 142.250.74.174
mnemonic passive DNS ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2022-09-07 13:17:28 UTC 185.235.84.36
mnemonic passive DNS static.criteo.net (1) 652 2015-06-24 06:04:54 UTC 2022-09-07 10:35:40 UTC 178.250.0.130
mnemonic passive DNS s.thebrighttag.com (1) 1487 2014-11-26 15:16:07 UTC 2022-09-07 04:54:40 UTC 18.118.75.167
mnemonic passive DNS trk.legendaff.com (1) 0 2020-02-20 09:54:58 UTC 2022-09-07 18:18:49 UTC 104.21.19.175 Unknown ranking
mnemonic passive DNS in.getclicky.com (1) 9776 2012-05-21 07:08:50 UTC 2022-09-07 06:37:29 UTC 198.145.13.13


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.10.231

Date UQ / IDS / BL URL IP
2022-11-22 15:32:48 +0000
0 - 0 - 1 mwebnice.com/6161/783/3/?subid=revifolsmicxs 104.21.10.231
2022-10-25 15:27:29 +0000
0 - 0 - 8 dodi-repacks-site.org/dying-light-2-stay-huma (...) 104.21.10.231
2022-10-22 18:46:19 +0000
0 - 0 - 1 mwebnice.com/7597/106/2/?subid=XMcfellpsoem 104.21.10.231
2022-10-15 17:47:09 +0000
0 - 0 - 1 mwebnice.com/6289/1126/3/?subid=XMcdrebfnt 104.21.10.231
2022-09-26 20:34:57 +0000
0 - 0 - 1 mwebnice.com/7367/542/2/?subid=XMdgerbdmmlot 104.21.10.231

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-07 00:16:47 +0000
0 - 0 - 7 tusachxinhxinh1.com/ 104.21.45.177
2022-12-07 00:14:32 +0000
0 - 0 - 1 fnxx.info/p287faafdqd7f2454509cb470d9oaeb7982 (...) 104.26.12.57
2022-12-07 00:11:16 +0000
0 - 0 - 1 www.ymmyfoods.shop/10581-114-4999-12909044/cc (...) 104.21.2.185
2022-12-07 00:08:34 +0000
0 - 0 - 1 www.ymmyfoods.shop/10581-114-4999-174807231/p (...) 172.67.129.141
2022-12-07 00:07:32 +0000
0 - 0 - 1 www.ymmyfoods.shop/10581-114-4999-83763951/ma (...) 172.67.129.141

Last 5 reports on domain: mwebnice.com

Date UQ / IDS / BL URL IP
2022-11-29 21:19:47 +0000
0 - 0 - 1 mwebnice.com/5624/2922/6/?subid=defrgthygtfasdfgh 188.114.96.1
2022-11-29 03:26:37 +0000
0 - 0 - 1 mwebnice.com/7191/846/2/?subid=bnicdwefgtrfergth 172.67.146.245
2022-11-26 21:58:10 +0000
0 - 0 - 1 mwebnice.com/7763/150/2/?subid=brainmicsdx 172.67.146.245
2022-11-22 15:32:48 +0000
0 - 0 - 1 mwebnice.com/6161/783/3/?subid=revifolsmicxs 104.21.10.231
2022-10-24 17:07:55 +0000
0 - 0 - 1 mwebnice.com/6340/1338/3/?subid=herpestlsamixa 172.67.146.245

No other reports with similar screenshot



JavaScript

Executed Scripts (58)


Executed Evals (6)

#1 JavaScript::Eval (size: 79, repeated: 1) - SHA256: 7d6b0fcdd3508922088e3af5a4b10c860917b5b36387e7e9c622eab70e01666b

                                        formSubmitFunctions["cfAR"] = function() {
    SendData("cfAR", null);
    return false;
};
                                    

#2 JavaScript::Eval (size: 119, repeated: 1) - SHA256: dbddef76572219ef06f89e08ee3c7c1051a81bd87312d5321bba4f282f41ac3d

                                        createCookie('is_eu', false);
createCookie('6k37lq76vuqjyyzr', true, 365);
createCookie('12069231_viewed_1', '4', 365);
                                    

#3 JavaScript::Eval (size: 20304, repeated: 1) - SHA256: 9c1ea695852f01d2fc6027d572b126b740a9c4634540fb0d39ea3656377eef77

                                        function $d(d) {
    return document.getElementById(d)
}
var proc = location.protocol;
if (proc != 'https:') {
    proc = 'http:'
}
var _image_path = proc + '//addthisevent.com/gfx/icon-calendar-t1.png';
var _ate_license = '';
var _ate_mouse = false;
var _ate_css = 'true';
var _ate_callback = '';
var _ate_dropdown = '';
var _ate_lbl_outlook = 'Outlook Calendar';
var _ate_lbl_google = 'Google Calendar';
var _ate_lbl_yahoo = 'Yahoo Calendar';
var _ate_lbl_hotmail = 'Hotmail Calendar';
var _ate_lbl_ical = 'iCal Calendar';
var _ate_lbl_fb_event = 'Facebook Event';
var _ate_show_outlook = true;
var _ate_show_google = true;
var _ate_show_yahoo = true;
var _ate_show_hotmail = true;
var _ate_show_ical = true;
var _ate_show_facebook = true;
var _d_rd = false;
var _ate_btn_found = false;
var _ate_btn_expo = false;
var addthisevent = function() {
    var D = false,
        dropzcx = 1,
        olddrop = '',
        dropmousetim, css1 = false,
        css2 = false;
    return {
        generate: function() {
            try {
                _image_path = _image_path
            } catch (e) {
                _image_path = proc + '//addthisevent.com/gfx/icon-calendar-t1.png'
            }
            try {
                _ate_license = _license
            } catch (e) {}
            try {
                _ate_mouse = _mouse
            } catch (e) {}
            try {
                _ate_css = _css
            } catch (e) {}
            var b = addthisevent.glicense(_ate_license);
            var c = document.getElementsByTagName('*');
            for (var d = 0; d < c.length; d += 1) {
                var f = '',
                    fbevent = false,
                    str = c[d].className,
                    htmx = '';
                if (addthisevent.hasclass(c[d], 'addthisevent')) {
                    var g = c[d].getElementsByTagName('span');
                    for (var m = 0; m < g.length; m += 1) {
                        if (addthisevent.hasclass(g[m], '_url')) {
                            g[m].style.display = 'none'
                        }
                        if (addthisevent.hasclass(g[m], '_start')) {
                            g[m].style.display = 'none';
                            f += '&dstart=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_end')) {
                            g[m].style.display = 'none';
                            f += '&dend=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_zonecode')) {
                            g[m].style.display = 'none';
                            f += '&dzone=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_summary')) {
                            g[m].style.display = 'none';
                            f += '&dsum=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_description')) {
                            g[m].style.display = 'none';
                            f += '&ddesc=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_location')) {
                            g[m].style.display = 'none';
                            f += '&dloca=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_organizer')) {
                            g[m].style.display = 'none';
                            f += '&dorga=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_organizer_email')) {
                            g[m].style.display = 'none';
                            f += '&dorgaem=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_attendees')) {
                            g[m].style.display = 'none';
                            f += '&datte=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_all_day_event')) {
                            g[m].style.display = 'none';
                            f += '&dallday=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_date_format')) {
                            g[m].style.display = 'none';
                            f += '&dateformat=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_alarm_reminder')) {
                            g[m].style.display = 'none';
                            f += '&alarm=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_recurring')) {
                            g[m].style.display = 'none';
                            f += '&drule=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_uid')) {
                            g[m].style.display = 'none';
                            f += '&uid=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_facebook_event')) {
                            if (g[m].innerHTML != '') {
                                g[m].style.display = 'none';
                                var h = g[m].innerHTML.replace(/ /gi, "");
                                f += '&fbevent=' + encodeURIComponent(h);
                                fbevent = true
                            }
                        }
                    }
                    if (b) {
                        f += '&credits=false'
                    }
                    f = f.replace(/'/gi, "�");
                    if (_ate_dropdown != '') {
                        _ate_dropdown = _ate_dropdown + ',';
                        _ate_dropdown = _ate_dropdown.replace(/ /gi, '');
                        var i = _ate_dropdown.split(',');
                        for (var a = 0; a < i.length; a += 1) {
                            if (_ate_show_outlook && i[a] == 'outlook') {
                                htmx += '<span class="ateoutlook" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'outlook\',\'' + f + '\');">' + _ate_lbl_outlook + '</span>'
                            }
                            if (_ate_show_google && i[a] == 'google') {
                                htmx += '<span class="ategoogle" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'google\',\'' + f + '\');">' + _ate_lbl_google + '</span>'
                            }
                            if (_ate_show_yahoo && i[a] == 'yahoo') {
                                htmx += '<span class="ateyahoo" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'yahoo\',\'' + f + '\');">' + _ate_lbl_yahoo + '</span>'
                            }
                            if (_ate_show_hotmail && i[a] == 'hotmail') {
                                htmx += '<span class="atehotmail" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'hotmail\',\'' + f + '\');">' + _ate_lbl_hotmail + '</span>'
                            }
                            if (_ate_show_ical && i[a] == 'ical') {
                                htmx += '<span class="ateical" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'ical\',\'' + f + '\');">' + _ate_lbl_ical + '</span>'
                            }
                            if (fbevent && i[a] == 'facebook') {
                                if (_ate_show_facebook && i[a] == 'facebook') {
                                    htmx += '<span class="atefacebook" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'facebook\',\'' + f + '\');">' + _ate_lbl_fb_event + '</span>'
                                }
                            }
                        }
                    } else {
                        if (_ate_show_outlook) {
                            htmx += '<span class="ateoutlook" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'outlook\',\'' + f + '\');">' + _ate_lbl_outlook + '</span>'
                        }
                        if (_ate_show_google) {
                            htmx += '<span class="ategoogle" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'google\',\'' + f + '\');">' + _ate_lbl_google + '</span>'
                        }
                        if (_ate_show_yahoo) {
                            htmx += '<span class="ateyahoo" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'yahoo\',\'' + f + '\');">' + _ate_lbl_yahoo + '</span>'
                        }
                        if (_ate_show_hotmail) {
                            htmx += '<span class="atehotmail" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'hotmail\',\'' + f + '\');">' + _ate_lbl_hotmail + '</span>'
                        }
                        if (_ate_show_ical) {
                            htmx += '<span class="ateical" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'ical\',\'' + f + '\');">' + _ate_lbl_ical + '</span>'
                        }
                        if (fbevent) {
                            if (_ate_show_facebook) {
                                htmx += '<span data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'facebook\',\'' + f + '\');">' + _ate_lbl_fb_event + '</span>'
                            }
                        }
                    }
                    if (!b) {
                        htmx += '<em class="copyx"><em class="brx"></em><em class="frs" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'home\');">AddThisEvent</em></em>'
                    }
                    c[d].id = 'atedrop' + dropzcx;
                    c[d].className = c[d].className.replace(/addthisevent/gi, '');
                    c[d].className = c[d].className + ' addthisevent-drop';
                    c[d].title = '';
                    var j = c[d].getAttribute('data-direct');
                    if (j) {
                        c[d].setAttribute('data-url', f);
                        c[d].setAttribute('data-ref', dropzcx);
                        c[d].onclick = function() {
                            addthisevent.direct(this);
                            return false
                        }
                    } else {
                        if (_ate_mouse) {
                            c[d].onmouseover = function() {
                                clearTimeout(dropmousetim);
                                addthisevent.show(this, 'auto', 'auto', true)
                            };
                            c[d].onmouseout = function() {
                                dropmousetim = setTimeout("addthisevent.out();", 200)
                            };
                            c[d].onclick = function() {
                                return false
                            }
                        } else {
                            c[d].onclick = function() {
                                addthisevent.show(this, 'auto', 'auto');
                                return false
                            }
                        }
                    }
                    var k = c[d];
                    var l = document.createElement('span');
                    l.id = 'atedrop' + dropzcx + '-drop';
                    l.className = 'addthisevent_dropdown';
                    l.innerHTML = htmx;
                    k.appendChild(l);
                    dropzcx++;
                    _ate_btn_found = true
                }
            }
            if (_ate_css == 'false') {
                addthisevent.trycss()
            } else {
                addthisevent.applycss(b)
            }
            if (_ate_btn_found && !_ate_btn_expo) {
                _ate_btn_expo = true;
                addthisevent.track({
                    typ: 'exposure',
                    cal: ''
                })
            }
        },
        direct: function(f) {
            var a = f.getAttribute('data-url');
            var b = f.getAttribute('data-direct');
            addthisevent.cli(f, b, a)
        },
        cli: function(f, a, b) {
            var c = '',
                ref = location.href,
                nw = true,
                now = new Date();
            if (a == 'outlook') {
                c = proc + '//addthisevent.com/create/?service=OUTLOOK' + b + '&reference=' + ref;
                nw = false
            }
            if (a == 'google') {
                c = proc + '//addthisevent.com/create/?service=GOOGLE' + b + '&reference=' + ref
            }
            if (a == 'yahoo') {
                c = proc + '//addthisevent.com/create/?service=YAHOO' + b + '&reference=' + ref
            }
            if (a == 'hotmail') {
                c = proc + '//addthisevent.com/create/?service=HOTMAIL' + b + '&reference=' + ref
            }
            if (a == 'ical') {
                c = proc + '//addthisevent.com/create/?service=ICAL' + b + '&reference=' + ref;
                nw = false
            }
            if (a == 'facebook') {
                c = proc + '//addthisevent.com/create/?service=FACEBOOK' + b + '&reference=' + ref
            }
            if (a == 'home') {
                c = proc + '//addthisevent.com/'
            }
            if (c != '') {
                if (a != 'home') {
                    var d = f.getAttribute('data-ref');
                    var g = $d('atedrop' + d);
                    if (g) {
                        var h = g.getAttribute('data-track');
                        if (h != null) {
                            h = h.replace(/ate-calendar/gi, a);
                            try {
                                eval(h)
                            } catch (e) {}
                        }
                    }
                }
                if (!$d('atecllink')) {
                    var j = document.createElement("a");
                    j.id = 'atecllink';
                    j.rel = 'external';
                    j.innerHTML = '{addthisevent-ghost-link}';
                    j.style.display = 'none';
                    document.body.appendChild(j)
                }
                var k = $d('atecllink');
                if (nw) {
                    k.target = '_blank'
                } else {
                    k.target = '_self'
                }
                k.href = c;
                addthisevent.eclick('atecllink')
            }
            addthisevent.track({
                typ: 'click',
                cal: a
            });
            if (_ate_callback) {
                for (var i = 0; i < _ate_callback.length; i++) {
                    try {
                        eval(_ate_callback[i])
                    } catch (e) {
                        alert(e.description)
                    }
                }
            }
        },
        applycss: function(a) {
            if (!css2) {
                var b;
                b = '.addthisevent-drop {display:inline-block;position:relative;font-family:arial;color:#333!important;background:#f4f4f4 url(' + _image_path + ') no-repeat 9px 50%;text-decoration:none!important;border:1px solid #d9d9d9;color:#555;font-weight:bold;font-size:14px;text-decoration:none;padding:9px 12px 8px 35px;-moz-border-radius:2px;-webkit-border-radius:2px;-webkit-touch-callout:none;-webkit-user-select:none;-khtml-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;}';
                b += '.addthisevent-drop:hover {border:1px solid #aab9d4;color:#555;font-weight:bold;font-size:14px;text-decoration:none!important;}';
                b += '.addthisevent-drop:active {top:1px;}';
                b += '.addthisevent-selected {background-color:#f7f7f7;}';
                if (a) {
                    b += '.addthisevent_dropdown {width:200px;position:absolute;z-index:99999;padding:0px 0px 0px 0px;background:#fff;text-align:left;display:none;margin-top:-2px;margin-left:-1px;border-top:1px solid #c8c8c8;border-right:1px solid #bebebe;border-bottom:1px solid #a8a8a8;border-left:1px solid #bebebe;-moz-border-radius:2px;-webkit-border-radius:2px;-webkit-box-shadow:1px 3px 6px rgba(0,0,0,0.15);-moz-box-shadow:1px 3px 6px rgba(0,0,0,0.15);box-shadow:1px 3px 6px rgba(0,0,0,0.15);}'
                } else {
                    b += '.addthisevent_dropdown {width:200px;position:absolute;z-index:99999;padding:6px 0px 0px 0px;background:#fff;text-align:left;display:none;margin-top:-2px;margin-left:-1px;border-top:1px solid #c8c8c8;border-right:1px solid #bebebe;border-bottom:1px solid #a8a8a8;border-left:1px solid #bebebe;-moz-border-radius:2px;-webkit-border-radius:2px;-webkit-box-shadow:1px 3px 6px rgba(0,0,0,0.15);-moz-box-shadow:1px 3px 6px rgba(0,0,0,0.15);box-shadow:1px 3px 6px rgba(0,0,0,0.15);}'
                }
                b += '.addthisevent_dropdown span {display:block;cursor:pointer;line-height:110%;background:#fff;text-decoration:none;font-size:12px;color:#6d84b4;padding:8px 10px 9px 15px;}';
                b += '.addthisevent_dropdown span:hover {background:#f4f4f4;color:#6d84b4;text-decoration:none;font-size:12px;}';
                b += '.addthisevent span {display:none!important;}';
                b += '.addthisevent-drop ._url,.addthisevent-drop ._start,.addthisevent-drop ._end,.addthisevent-drop ._zonecode,.addthisevent-drop ._summary,.addthisevent-drop ._description,.addthisevent-drop ._location,.addthisevent-drop ._organizer,.addthisevent-drop ._organizer_email,.addthisevent-drop ._facebook_event,.addthisevent-drop ._all_day_event {display:none!important;}';
                b += '.addthisevent_dropdown .copyx {width:200px;height:21px;display:block;position:relative;cursor:default;}';
                b += '.addthisevent_dropdown .brx {width:180px;height:1px;overflow:hidden;background:#e0e0e0;position:absolute;z-index:100;left:10px;top:9px;}';
                b += '.addthisevent_dropdown .frs {position:absolute;top:5px;cursor:pointer;right:10px;padding-left:10px;font-style:normal;font-weight:normal;text-align:right;z-index:101;line-height:110%;background:#fff;text-decoration:none;font-size:9px;color:#cacaca;}';
                b += '.addthisevent_dropdown .frs:hover {color:#999!important;}';
                var c = document.createElement("style");
                c.type = "text/css";
                c.id = "ate_css";
                if (c.styleSheet) {
                    c.styleSheet.cssText = b
                } else {
                    c.appendChild(document.createTextNode(b))
                }
                document.getElementsByTagName("head")[0].appendChild(c);
                css2 = true
            }
        },
        trycss: function() {
            if (!css1) {
                try {
                    var a = '.addthisevent {visibility:hidden;}';
                    a += '.addthisevent-drop ._url,.addthisevent-drop ._start,.addthisevent-drop ._end,.addthisevent-drop ._zonecode,.addthisevent-drop ._summary,.addthisevent-drop ._description,.addthisevent-drop ._location,.addthisevent-drop ._organizer,.addthisevent-drop ._organizer_email,.addthisevent-drop ._attendees,.addthisevent-drop ._facebook_event,.addthisevent-drop ._all_day_event {display:none!important;}';
                    var b = document.createElement("style");
                    b.type = "text/css";
                    if (b.styleSheet) {
                        b.styleSheet.cssText = a
                    } else {
                        b.appendChild(document.createTextNode(a))
                    }
                    document.getElementsByTagName("head")[0].appendChild(b)
                } catch (e) {}
                css1 = true;
                addthisevent.track({
                    typ: 'jsinit',
                    cal: ''
                })
            }
        },
        removecss: function() {
            try {
                return (hdx = $d('ate_css')) ? hdx.parentNode.removeChild(hdx) : false
            } catch (e) {}
        },
        show: function(f, o, a, b) {
            var c = f.id;
            var d = $d(c);
            var g = $d(c + '-drop');
            if (d && g) {
                if (olddrop != c) {
                    addthisevent.hide(olddrop)
                }
                var h = addthisevent.getstyle(g, 'display');
                try {
                    f.blur()
                } catch (e) {};
                if (h == 'block') {
                    if (b) {} else {
                        addthisevent.hide(c)
                    }
                } else {
                    olddrop = c;
                    d.className = d.className + ' addthisevent-selected';
                    d.style.zIndex = addthisevent.topzindex();
                    g.style.left = '0px';
                    g.style.top = '0px';
                    g.style.display = 'block';
                    setTimeout("addthisevent.tim();", 350);
                    D = false;
                    var i = parseInt(d.offsetHeight);
                    var j = parseInt(d.offsetWidth);
                    var k = parseInt(g.offsetHeight);
                    var l = parseInt(g.offsetWidth);
                    var m = addthisevent.viewport();
                    var n = m.split('/');
                    var p = parseInt(n[0]);
                    var q = parseInt(n[1]);
                    var r = parseInt(n[2]);
                    var s = parseInt(n[3]);
                    var t = addthisevent.elementposition(g);
                    var u = t.split('/');
                    var v = parseInt(u[0]);
                    var w = parseInt(u[1]);
                    var x = w + k;
                    var y = q + s;
                    var z = v + l;
                    var A = p + r;
                    var B = 0,
                        dropy = 0;
                    if (o == 'down' && a == 'left') {
                        B = '0px';
                        dropy = i + 'px'
                    } else if (o == 'up' && a == 'left') {
                        B = '0px';
                        dropy = -k + 'px'
                    } else if (o == 'down' && a == 'right') {
                        B = -(l - j) + 'px';
                        dropy = i + 'px'
                    } else if (o == 'up' && a == 'right') {
                        B = -(l - j) + 'px';
                        dropy = -k + 'px'
                    } else if (o == 'auto' && a == 'left') {
                        B = '0px';
                        if (x > y) {
                            dropy = -k + 'px'
                        } else {
                            dropy = i + 'px'
                        }
                    } else if (o == 'auto' && a == 'right') {
                        B = -(l - j) + 'px';
                        if (x > y) {
                            dropy = -k + 'px'
                        } else {
                            dropy = i + 'px'
                        }
                    } else {
                        if (x > y) {
                            dropy = -k + 'px'
                        } else {
                            dropy = i + 'px'
                        }
                        if (z > A) {
                            B = -(l - j) + 'px'
                        } else {
                            B = '0px'
                        }
                    }
                    g.style.left = B;
                    g.style.top = dropy;
                    var C = 'ontouchstart' in document.documentElement ? 'touchstart' : 'click';
                    if (document.addEventListener) {
                        document.addEventListener(C, function() {
                            if (D) {
                                setTimeout(function() {
                                    addthisevent.force(c)
                                }, 300)
                            }
                        }, false)
                    } else if (document.attachEvent) {
                        document.attachEvent("on" + C, function() {
                            if (D) {
                                setTimeout(function() {
                                    addthisevent.force(c)
                                }, 300)
                            }
                        })
                    } else {
                        document.onclick = function() {
                            addthisevent.force(c)
                        }
                    }
                }
            }
        },
        force: function(f) {
            var a = $d(f);
            var b = $d(f + '-drop');
            if (a && b) {
                if (D && b.style.display == 'block') {
                    setTimeout("addthisevent.hide('" + f + "');", 350)
                }
            }
        },
        out: function() {
            addthisevent.force(olddrop)
        },
        hide: function(f) {
            var a = $d(f);
            var b = $d(f + '-drop');
            if (a && b) {
                a.className = a.className.replace(/addthisevent-selected/gi, '');
                b.style.display = 'none';
                b.style.zIndex = ''
            }
        },
        tim: function() {
            D = true
        },
        topzindex: function() {
            var a = 99999;
            var b = document.getElementsByTagName('*');
            for (var d = 0; d < b.length; d += 1) {
                if (addthisevent.hasclass(b[d], 'addthisevent-drop') || addthisevent.hasclass(b[d], 'addeventstc-drop')) {
                    var c = addthisevent.getstyle(b[d], 'z-index');
                    if (!isNaN(parseFloat(c)) && isFinite(c)) {
                        c = parseInt(c);
                        if (c > a) {
                            a = c
                        }
                    }
                }
            }
            a++;
            return a
        },
        viewport: function() {
            var w = 0,
                h = 0,
                y = 0,
                x = 0;
            if (typeof(window.innerWidth) == 'number') {
                w = window.innerWidth;
                h = window.innerHeight
            } else if (document.documentElement && (document.documentElement.clientWidth || document.documentElement.clientHeight)) {
                w = document.documentElement.clientWidth;
                h = document.documentElement.clientHeight
            } else if (document.body && (document.body.clientWidth || document.body.clientHeight)) {
                w = document.body.clientWidth;
                h = document.body.clientHeight
            }
            if (document.all) {
                x = (document.documentElement.scrollLeft) ? document.documentElement.scrollLeft : document.body.scrollLeft;
                y = (document.documentElement.scrollTop) ? document.documentElement.scrollTop : document.body.scrollTop
            } else {
                x = window.pageXOffset;
                y = window.pageYOffset
            }
            return w + '/' + h + '/' + x + '/' + y
        },
        elementposition: function(a) {
            var x = 0,
                y = 0;
            if (a.offsetParent) {
                x = a.offsetLeft;
                y = a.offsetTop;
                while (a = a.offsetParent) {
                    x += a.offsetLeft;
                    y += a.offsetTop
                }
            }
            return x + '/' + y
        },
        getstyle: function(a, b) {
            var x = a;
            var y;
            if (x.currentStyle) {
                y = x.currentStyle[b]
            } else if (window.getComputedStyle) {
                y = document.defaultView.getComputedStyle(x, null).getPropertyValue(b)
            }
            return y
        },
        glicense: function(f) {
            var b = location.href;
            var c = true;
            var d = f;
            var e = d.length;
            if (e == 20) {
                var a = d.substring(0, 1);
                var z = d.substring(9, 10);
                var m = d.substring(17, 18);
                if (a != 'a') {
                    c = false
                }
                if (z != 'z') {
                    c = false
                }
                if (m != 'm') {
                    c = false
                }
            } else {
                c = false
            }
            if (b.indexOf('addthisevent.com') == -1 && d == 'aao8iuet5zp9iqw5sm9z') {
                c = false
            }
            return c
        },
        refresh: function() {
            var a = document.getElementsByTagName('*');
            for (var d = 0; d < a.length; d += 1) {
                if (addthisevent.hasclass(a[d], 'addthisevent-drop')) {
                    a[d].className = a[d].className.replace(/addthisevent-drop/gi, '');
                    a[d].className = a[d].className.replace(/addthisevent/gi, '');
                    a[d].className = a[d].className + ' addthisevent'
                }
            }
            _ate_btn_expo = false;
            addthisevent.generate()
        },
        callcack: function(f) {
            _ate_callback = f
        },
        setlabel: function(l, t) {
            var x = l.toLowerCase();
            if (x == 'outlook') {
                _ate_lbl_outlook = t
            }
            if (x == 'google') {
                _ate_lbl_google = t
            }
            if (x == 'yahoo') {
                _ate_lbl_yahoo = t
            }
            if (x == 'ical') {
                _ate_lbl_ical = t
            }
            if (x == 'facebookevent') {
                _ate_lbl_fb_event = t
            }
        },
        settings: function(c) {
            if (c.license != undefined) {
                _ate_license = c.license
            }
            if (c.css != undefined) {
                if (c.css) {
                    _ate_css = 'true'
                } else {
                    _ate_css = 'false';
                    addthisevent.removecss()
                }
            }
            if (c.mouse != undefined) {
                _ate_mouse = c.mouse
            }
            if (c.outlook != undefined) {
                if (c.outlook.show != undefined) {
                    _ate_show_outlook = c.outlook.show
                }
            }
            if (c.google != undefined) {
                if (c.google.show != undefined) {
                    _ate_show_google = c.google.show
                }
            }
            if (c.yahoo != undefined) {
                if (c.yahoo.show != undefined) {
                    _ate_show_yahoo = c.yahoo.show
                }
            }
            if (c.hotmail != undefined) {
                if (c.hotmail.show != undefined) {
                    _ate_show_hotmail = c.hotmail.show
                }
            }
            if (c.ical != undefined) {
                if (c.ical.show != undefined) {
                    _ate_show_ical = c.ical.show
                }
            }
            if (c.facebook != undefined) {
                if (c.facebook.show != undefined) {
                    _ate_show_facebook = c.facebook.show
                }
            }
            if (c.outlook != undefined) {
                if (c.outlook.text != undefined) {
                    _ate_lbl_outlook = c.outlook.text
                }
            }
            if (c.google != undefined) {
                if (c.google.text != undefined) {
                    _ate_lbl_google = c.google.text
                }
            }
            if (c.yahoo != undefined) {
                if (c.yahoo.text != undefined) {
                    _ate_lbl_yahoo = c.yahoo.text
                }
            }
            if (c.hotmail != undefined) {
                if (c.hotmail.text != undefined) {
                    _ate_lbl_hotmail = c.hotmail.text
                }
            }
            if (c.ical != undefined) {
                if (c.ical.text != undefined) {
                    _ate_lbl_ical = c.ical.text
                }
            }
            if (c.facebook != undefined) {
                if (c.facebook.text != undefined) {
                    _ate_lbl_fb_event = c.facebook.text
                }
            }
            if (c.dropdown != undefined) {
                if (c.dropdown.order != undefined) {
                    _ate_dropdown = c.dropdown.order
                }
            }
            if (c.callback != undefined) {
                _ate_callback = c.callback
            }
        },
        hasclass: function(e, c) {
            return new RegExp('(\\s|^)' + c + '(\\s|$)').test(e.className)
        },
        htmlencode: function(a) {
            var b = a.replace(/<br\s*[\/]?>/gi, "\n");
            b = b.replace(/<(?:.|\n)*?>/gm, '');
            b = b.replace(/(^\s+|\s+$)/g, '');
            var c = document.createElement("div");
            var d = document.createTextNode(b);
            c.appendChild(d);
            return c.innerHTML
        },
        eclick: function(a) {
            var b = document.getElementById(a);
            if (b.click) {
                b.click()
            } else if (document.createEvent) {
                var c = document.createEvent('MouseEvents');
                c.initEvent('click', true, true);
                b.dispatchEvent(c)
            }
        },
        track: function(a) {
            var b = new Image(1, 1);
            var d = new Date();
            var c = d.getTime();
            var e = encodeURIComponent(window.location.href);
            b.src = proc + '//track.addevent.com/atc/?trktyp=' + a.typ + '&trkcal=' + a.cal + '&guid=' + addthisevent.getguid() + '&url=' + e + '&cache=' + c
        },
        getguid: function() {
            var a = "addevent_track_cookie=",
                coov = '';
            var b = document.cookie.split(';');
            for (var i = 0; i < b.length; i++) {
                var c = b[i];
                while (c.charAt(0) == ' ') {
                    c = c.substring(1, c.length)
                }
                if (c.indexOf(a) == 0) {
                    coov = c.substring(a.length, c.length)
                }
            }
            if (coov == '') {
                var d = (addthisevent.s4() + addthisevent.s4() + "-" + addthisevent.s4() + "-4" + addthisevent.s4().substr(0, 3) + "-" + addthisevent.s4() + "-" + addthisevent.s4() + addthisevent.s4() + addthisevent.s4()).toLowerCase();
                var e = new Date();
                e.setTime(e.getTime() + (365 * 24 * 60 * 60 * 1000));
                var f = "expires=" + e.toUTCString();
                document.cookie = "addevent_track_cookie=" + d + "; " + f;
                coov = d
            }
            return coov
        },
        s4: function() {
            return (((1 + Math.random()) * 0x10000) | 0).toString(16).substring(1)
        }
    }
}();
if (window.addEventListener) {
    window.addEventListener("DOMContentLoaded", function() {
        _d_rd = true;
        addthisevent.trycss();
        addthisevent.generate()
    }, false);
    window.addEventListener("load", function() {
        addthisevent.generate()
    }, false)
} else if (window.attachEvent) {
    window.attachEvent("onreadystatechange", function() {
        _d_rd = true;
        addthisevent.trycss();
        addthisevent.generate()
    });
    window.attachEvent("onload", function() {
        addthisevent.generate()
    })
} else {
    window.onload = function() {
        addthisevent.generate()
    }
}
if (!_d_rd) {
    setTimeout("addthisevent.trycss();addthisevent.generate();", 20)
}
                                    

#4 JavaScript::Eval (size: 918, repeated: 1) - SHA256: 8a35882658815a06c43bdfe3ab9dde3442c5d7269fa840dd35afe2b5eb10cc1f

                                        (function(v, i, d, a, l, y, t, c, s) {
    y = '_' + d.toLowerCase();
    c = d + 'L';
    if (!v[d]) {
        v[d] = {};
    }
    if (!v[c]) {
        v[c] = {};
    }
    if (!v[y]) {
        v[y] = {};
    }
    var vl = 'Loader',
        vli = v[y][vl],
        vsl = v[c][vl + 'Script'],
        vlf = v[c][vl + 'Loaded'],
        ve = 'Embed';
    if (!vsl) {
        vsl = function(u, cb) {
            if (t) {
                cb();
                return;
            }
            s = i.createElement("script");
            s.type = "text/javascript";
            s.async = 1;
            s.src = u;
            if (s.readyState) {
                s.onreadystatechange = function() {
                    if (s.readyState === "loaded" || s.readyState == "complete") {
                        s.onreadystatechange = null;
                        vlf = 1;
                        cb();
                    }
                };
            } else {
                s.onload = function() {
                    vlf = 1;
                    cb();
                };
            }
            i.getElementsByTagName("head")[0].appendChild(s);
        };
    }
    vsl(l + 'loader.min.js', function() {
        if (!vli) {
            var vlc = v[c][vl];
            vli = new vlc();
        }
        vli.loadScript(l + 'player.min.js', function() {
            var vec = v[d][ve];
            t = new vec();
            t.run(a);
        });
    });
})(window, document, 'Vidalytics', 'vidalytics_embed_pBrrlABfvNSTASm0', 'https://quick.vidalytics.com/embeds/Gzq_USs6/pBrrlABfvNSTASm0/');
                                    

#5 JavaScript::Eval (size: 655, repeated: 1) - SHA256: 97c33bf4252fe957777ccb6e04ecfac3e1c00526256426b1d71244206aab457a

                                        (function(v, i, d, a, l, y, t, c, s) {
    y = '_' + d.toLowerCase();
    if (!v[y]) {
        v[y] = {}
    }
    if (!v[y].embeds) {
        v[y].embeds = {}
    }
    t = function() {
        if (v[d] && v[d].Embed) {
            var ve = v[d].Embed;
            c = new ve();
            c.run(a);
            c.loadCss();
        } else {
            setTimeout(t, 1000)
        }
    };
    s = new XMLHttpRequest();
    s.open("GET", l + '?ac=' + (new Date()).getTime(), true);
    s.onreadystatechange = function() {
        if (s.readyState == 4) {
            if ((s.status == 200 || s.status == 304)) {
                var sd = JSON.parse(s.responseText);
                v[y].embeds[a] = {
                    type: "video",
                    options: sd
                };
                t();
            }
        }
    };
    s.send();
})(window, document, 'Vidalytics', 'G6i2TCj8FIK2j19d', 'https://quick.vidalytics.com/embeds/Gzq_USs6/G6i2TCj8FIK2j19d/player.settings.json');
                                    

#6 JavaScript::Eval (size: 110, repeated: 1) - SHA256: b937da9c4432f9d603f5b0b3583fa7c1d4f68bb10ae9743a4b53ba94f88fbf4d

                                        formSubmitFunctions["acform0"] = function() {
    SendData("acform0", function onsubmit(event) {

    });
    return false;
};
                                    

Executed Writes (2)

#1 JavaScript::Write (size: 85, repeated: 1) - SHA256: fa5fd8280fc9153c19154bd89659f2439774dd29204ecdd07f7f81c15ba14ad0

                                        < body onload = "window.location.href='https://pixel.sitescout.com/dmp/asyncPixelSync'" >
                                    

#2 JavaScript::Write (size: 5565, repeated: 1) - SHA256: 264713822a2952b44f892142f6fafac9c5dbca8e7c49d96d00a9cc23a5801b3d

                                        < html > < head > < title > Dising < /title><script type="text/javascript
">rD = false;function edcTimeout() {rD = true; }function cto_AI(u,n) { if (rD) {return;} var cto_ifr=document.getElementById('cto_sub_ifr_px');var cto_ifr_doc=null;if(typeof(cto_ifr)==='undefined'||cto_ifr==null)cto_ifr_doc=document;else if(cto_ifr.contentDocument)cto_ifr_doc=cto_ifr.contentDocument;else if(cto_ifr.contentWindow)cto_ifr_doc=cto_ifr.contentWindow.document;else if(cto_ifr.document)cto_ifr_doc=cto_ifr.document;else cto_ifr_doc=document;if(cto_ifr_doc.createElement){var im=cto_ifr_doc.createElement('IMG');if(im){var d=document.getElementById('cto_pc');if(d!==null && d.appendChild){d.appendChild(im)}if(n){im.onload=n;im.onerror=n;im.onabort=n}im.src=u}} }function cto_l(){if(typeof(cto_loaded)==='undefined')cto_loaded=1;else cto_loaded++;}function cto_run() {function l_i1_1(){cto_AI('https://x.bidswitch.net/sync?dsp_id=46&user_id=k-lQPHfBfDIpFkAnOXgrezU_mRbOlA95nqvZrwsw&expires=30', cto_l);}function l_i2_1(){cto_AI('https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-3rgIABfDIpFkAnOXgrezU_mRbOlQgNaDV1EByw&google_cm&google_hm=ay0zcmdJQUJmRElwRmtBbk9YZ3JlelVfbVJiT2xRZ05hRFYxRUJ5dw', cto_l);}function l_i3_1(){cto_AI('https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID', cto_l);}function l_i4_1(){cto_AI('https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-X2Xk_hfDIpFkAnOXgrezU_mRbOlioRZ6ph7sRQ', cto_l);}function l_i5_1(){cto_AI('https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-2dyaUBfDIpFkAnOXgrezU_mRbOlcpyPhZAfLDQ', cto_l);}function l_i6_1(){cto_AI('https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Jz8-DRfDIpFkAnOXgrezU_mRbOn7z6cDjnbyWA', cto_l);}function l_i7_1(){cto_AI('https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-UlZ4XhfDIpFkAnOXgrezU_mRbOlF03416LnTxnR5_pB3h5y5', cto_l);}function l_i8_1(){cto_AI('https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-_yNH-RfDIpFkAnOXgrezU_mRbOn3DRZ8cOpMfg', cto_l);}function l_i9_1(){cto_AI('https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Jp-W-xfDIpFkAnOXgrezU_mRbOmHh_MUUpsitQ', cto_l);}function l_i10_1(){cto_AI('https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-9KL4XhfDIpFkAnOXgrezU_mRbOkEjvLtPBmQxw&expires=30', cto_l);}function l_i11_1(){cto_AI('https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-aKaBXxfDIpFkAnOXgrezU_mRbOmIfIRRIECQIg', cto_l);}function l_i12_1(){cto_AI('https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-N9EGERfDIpFkAnOXgrezU_mRbOn7t9QLaTjBuw', cto_l);}function l_i13_1(){cto_AI('https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-KRdkfhfDIpFkAnOXgrezU_mRbOkcQt-Eg2k7Dg', cto_l);}function l_i14_1(){cto_AI('https://criteo-sync.teads.tv/um?eid=80&uid=k-K9RyXhfDIpFkAnOXgrezU_mRbOnu5XiDH_Q_Vg', cto_l);}function l_i15_1(){cto_AI('https://eb2.3lift.com/xuid?mid=2711&xuid=k-GeSKhxfDIpFkAnOXgrezU_mRbOnZIdjXKGqNgA&dongle=013b', cto_l);}function l_i16_1(){cto_AI('https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7zZxqxfDIpFkAnOXgrezU_mRbOnE1FUmXH5F-g', cto_l);}function l_i17_1(){cto_AI('https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-Q_McGRfDIpFkAnOXgrezU_mRbOnmZCpeKmPlag', l_i17_2);}function l_i17_2(){cto_AI('https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-Q_McGRfDIpFkAnOXgrezU_mRbOnmZCpeKmPlag', l_i17_3);}function l_i17_3(){cto_AI('https://ad.yieldlab.net/m?dt_id=12438557&ext_id=k-Q_McGRfDIpFkAnOXgrezU_mRbOnmZCpeKmPlag', cto_l);}function l_i18_1(){cto_AI('https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-ElOdDhfDIpFkAnOXgrezU_mRbOldhn66Abw-AQ', cto_l);}function l_i19_1(){cto_AI('https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-VX8npBfDIpFkAnOXgrezU_mRbOmeLn6bICRmFw', cto_l);}function l_i20_1(){cto_AI('https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40', l_i20_2);}function l_i20_2(){cto_AI('https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40', l_i20_3);}function l_i20_3(){cto_AI('https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40', cto_l);}function l_i21_1(){cto_AI('https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-I7CTnhfDIpFkAnOXgrezU_mRbOl_bv6YNtTQCQ', cto_l);}function l_i22_1(){cto_AI('https://criteo-partners.tremorhub.com/sync?UICR=k-p1CMiBfDIpFkAnOXgrezU_mRbOnjSnJETDTMxw', cto_l);}function l_i23_1(){cto_AI('https://sync-criteo.ads.yieldmo.com/sync?id=k-3Dr_DhfDIpFkAnOXgrezU_mRbOkT5NFElWfVcg&pn_id=criteo&ext=1', cto_l);}cto_tot = 23;l_i1_1();l_i2_1();l_i3_1();l_i4_1();l_i5_1();l_i6_1();l_i7_1();l_i8_1();l_i9_1();l_i10_1();l_i11_1();l_i12_1();l_i13_1();l_i14_1();l_i15_1();l_i16_1();l_i17_1();l_i18_1();l_i19_1();l_i20_1();l_i21_1();l_i22_1();l_i23_1();}</script></head><body><iframe id="
cto_sub_ifr_px " src="
javascript: false " style="
width: 1 px;
height: 1 px;
display: none;
"><div id='cto_pc' style='display:none'></div></iframe><script type="
text / javascript ">document.body.onload = function(){ if(window.cto_run) cto_run(); };window.setTimeout(function(){ if(typeof(cto_loaded)==='undefined' || cto_loaded<cto_tot) {edcTimeout();var redirectLocation=location.protocol+'//static.criteo.net/empty.html'; location.replace(redirectLocation);}}, 5000);</script></body></html>
                                    


HTTP Transactions (198)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 21:06:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VAGTxB3yEwXKshkg1h0nUqI8uXo-58hbZ-wLxPd4tstRd3ZMMX4v9g==
Age: 2411


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16615
Expires: Thu, 08 Sep 2022 02:23:50 GMT
Date: Wed, 07 Sep 2022 21:46:55 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 05:03:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qWtRakrbJ1J8aKxSWggKySX84xlA8Io9y0Gm_dG7H47-UyUtTAfKxg==
age: 64821
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 07 Sep 2022 21:46:55 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /6738/186/2/?subid=tismm7 HTTP/1.1 
Host: mwebnice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.146.245
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 07 Sep 2022 21:46:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=3600, private
pragma: no-cache
location: https://trk.legendaff.com/aff_c?offer_id=67&aff_id=1143&aff_click_id=6738_sessid20220907214630904&aff_sub=186
expires: Wed, 07 Sep 2022 22:46:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7472a3ccbc26b515-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 07 Sep 2022 21:38:18 GMT
Expires: Wed, 07 Sep 2022 22:05:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zAqhBIJDEKFwu6FCZ8hRbG8RpE0uPTVUsdZONy6foUr9bU2W3ybZxw==
Age: 517


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4399
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:46:55 GMT
Last-Modified: Wed, 07 Sep 2022 20:33:36 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uLFz/0Rm8PhYdFNa/7N3Ow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.88.220.109
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IeeJvtcgx1yClxwlLf6UICkNUr4=

                                        
                                            GET /hosted/images/ed/8afffddd394e8d8023a2236d06f56b/joint-restore-gummies-6-pack.png HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 07 Sep 2022 21:46:56 GMT
content-length: 341245
cf-ray: 7472a3d62b240b39-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "ccd66439e790bb40a687ea93e7563a63"
last-modified: Wed, 11 Nov 2020 12:28:09 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=341393
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1018 x 564, 8-bit/color RGBA, non-interlaced\012- data
Size:   341245
Md5:    a2e34c3ae57383e15887e5680d0badff
Sha1:   6e2913e84cd0a3549e044c545b93524550e1f170
Sha256: 6ef63fae9358d66f9130a085044c84f1ec67ede5a7efe5fa32a36894912f92fd
                                        
                                            GET /hosted/images/80/33a6d622c245f0be7ce955e69f8b94/jointrestore-gummies.png HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 07 Sep 2022 21:46:56 GMT
content-length: 78418
cf-ray: 7472a3d62b2c0b39-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "391f6e1eb952adcfdd76231a4c0fb0e1"
last-modified: Thu, 12 Nov 2020 06:12:49 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=78566
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 275 x 339, 8-bit/color RGBA, non-interlaced\012- data
Size:   78418
Md5:    6ac43691fbbef0a73508aca781e38145
Sha1:   41b3c98f446e95430fcc62da38cdc7b92409c231
Sha256: 71da7fea00c24cdff5371bdda93015e107a55700efba4cef98d28ee413566824
                                        
                                            GET /hosted/images/10/56a652960b4e47a2fcd84cd77bd3d1/Group-6890.png HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 07 Sep 2022 21:46:56 GMT
content-length: 22343
cf-ray: 7472a3d62b2f0b39-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "4cddd1a405fcfe2a5b5eeeb50ac6fcff"
last-modified: Tue, 27 Oct 2020 13:36:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=22865
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 350 x 58, 8-bit/color RGBA, non-interlaced\012- data
Size:   22343
Md5:    371b09a6308c1cf5c90fdc625f894471
Sha1:   4326d9e8ab4f0cc68350044d070c4c9f03eebf66
Sha256: 0d8e069d00f8da07dbf10221a46db459be4c7e8edae88446728fe1cf8811b767
                                        
                                            GET /hosted/images/a8/7722bc4d3b48b19638ac52da9e58a9/design-f5b0667e-6ab9-478a-8460-8d665f99455c-1.png HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 07 Sep 2022 21:46:56 GMT
content-length: 60796
cf-ray: 7472a3d62b310b39-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "f62bc6fe8d98125d91b9b7aef151a1f8"
last-modified: Mon, 28 Mar 2022 20:03:49 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=61050
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 350 x 447, 8-bit colormap, non-interlaced\012- data
Size:   60796
Md5:    3ba9bbf8b96770b459429940d92d7a79
Sha1:   00acbaaa9078346c74da3cf94d09e2b692bff5ef
Sha256: b1ee42c7737ae65389682b1879a8d2e14b8a1c3574aae0a923ebe1f33c1773ac
                                        
                                            GET /hosted/images/38/1f4ea064214882ad58073240f9cdb6/Screen-Shot-2022-03-22-at-10.16.08-AM.png HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 07 Sep 2022 21:46:56 GMT
content-length: 674934
cf-ray: 7472a3d63b3b0b39-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "b17091089aa100beb2adf1cb4b57087a"
last-modified: Tue, 22 Mar 2022 16:16:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=679821
x-amz-cf-pop: OSL50-C1
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=NyEnLgx1sFYfC6Tc5SiPEOSnveF_XsFGyju7CRxtyUM-1662587216-0-AZvzB0useygLhdqoJKlj6-h6N_Rgqa1kKY6nDUqAGaR4s6tVdJYrEGyjiAvXSlfJZpJ_oLMRxguxqcKJgr2tDS_IVp5Ls6IMEpH8GZXGcE2P"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=NyEnLgx1sFYfC6Tc5SiPEOSnveF_XsFGyju7CRxtyUM-1662587216-0-AZvzB0useygLhdqoJKlj6-h6N_Rgqa1kKY6nDUqAGaR4s6tVdJYrEGyjiAvXSlfJZpJ_oLMRxguxqcKJgr2tDS_IVp5Ls6IMEpH8GZXGcE2P; report-to cf-csp-endpoint
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 968 x 848, 8-bit/color RGB, non-interlaced\012- data
Size:   674934
Md5:    83fc6873518fe469af1fd3e13bf992c4
Sha1:   a08e1e3a49bf9df824db3ae7f62dc4aece355b93
Sha256: 6b47b4323d80411f07887e2af731d53764f1f86c46a633532463ce735d3edf36
                                        
                                            GET /hosted/images/0f/dc7ebd7889437e93b4d189b856a842/Screen-Shot-2021-05-19-at-7.50.12-AM.png HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 07 Sep 2022 21:46:56 GMT
content-length: 246109
cf-ray: 7472a3d63b3c0b39-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "bfce0f070b1cb993f2fac933823896c0"
last-modified: Wed, 19 May 2021 13:50:46 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=249933
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1322 x 1522, 8-bit/color RGB, non-interlaced\012- data
Size:   246109
Md5:    8048cc0d6dbd055f000dce6d9d0d0657
Sha1:   f9a8acff4f374b3aaf19166a6f98ac34c158de7f
Sha256: ad0619a0f61a25a4a8fffd18bc38112fa5a47ac2e73ce618523c336ae2761bd1
                                        
                                            GET /tracking/prosperwellness_lander.js HTTP/1.1 
Host: cdn1.lockerdomecdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.43
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 733
last-modified: Fri, 21 May 2021 18:48:24 GMT
x-amz-version-id: IXK4sDg7IhH.._0LH9j...5boykFnEd9
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 09:41:39 GMT
etag: "ded6fc3d3fa4c08bd8c3184513a12513"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B0YDzgR2ySD_eo0JughNn_o4zn3MBIMhCNTMI9ZXm2oVMufbzglLUw==
age: 43518
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   733
Md5:    ded6fc3d3fa4c08bd8c3184513a12513
Sha1:   aac0d0a584bef69586142ff02496d06bc641494f
Sha256: aba9ceb251ecd2af35adf37daa0a2d64760fd399c91c2c332cc30f7d315c3650
                                        
                                            GET /assets/up.js?um=1 HTTP/1.1 
Host: cdn01.basis.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.140.228.46
HTTP/2 200 OK
content-type: application/javascript
                                        
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
server: AC1.1
x-llid: 01661bfa15982544fa67457f9f1a6bdd
age: 136029
date: Wed, 07 Sep 2022 21:46:56 GMT
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
content-length: 1550
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3275)
Size:   1550
Md5:    745340d954663bbef59f3e65c8aa728b
Sha1:   0af5bfef26b3eeec2000086014638c4d11821220
Sha256: 71bfd4fead77b57be5c1ffa6a3c49e4c5defba58cbcabf255a1757a4579c53e6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/lander.css HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 07 Sep 2022 21:46:56 GMT
cf-ray: 7472a3d60ae60b39-OSL
access-control-allow-origin: *
age: 881
cache-control: public, max-age=1200
etag: W/"630e9cfc-6a514"
expires: Wed, 07 Sep 2022 22:06:56 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (53232)
Size:   72075
Md5:    199e1a4d2d6a7db87a9b04c2afbd38f5
Sha1:   47ec940a7ded6aa138b121c8cb9e3dc143e5a2bf
Sha256: cc41987b3cf8fced2578310afb50f4645fb7aa6ed7a3a487edbf8c705504a1c0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/userevents/application.js HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Wed, 07 Sep 2022 21:46:56 GMT
cf-ray: 7472a3d61b0c0b39-OSL
access-control-allow-origin: *
age: 849
cache-control: public, max-age=1200
etag: W/"630e9cfc-1353"
expires: Wed, 07 Sep 2022 22:06:56 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4947), with no line terminators
Size:   2211
Md5:    087f7f3947104e1bfe0fb089f2e5a424
Sha1:   548e90575d3100beeed917cc31b0dbb53530e4e7
Sha256: dab5355de89e63273f5c500f7a8f3bf6fb17c9de3119d7ae41ce7181164bbac5
                                        
                                            GET /images/closemodal.png HTTP/1.1 
Host: www.clickfunnels.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.13.194
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 07 Sep 2022 21:46:56 GMT
cf-ray: 7472a3d72e1f1c0e-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 536712
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Sat, 08 Oct 2022 21:46:56 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=.zXz3EMG.iqltdOkO868tcH9vkdWC.Ino_HLBQrYlQ0-1662587216-0-AY/wVOnOxk8sQ7ZcZiIBBpQYpN6reMZLpMEcQpowVwOLsCcb6amOrRJjderLddR2YqAyPTFpoZsjRZk6dJc1zasHb+/L8wFgG8euKrMvZjqL; path=/; expires=Wed, 07-Sep-22 22:16:56 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1144
Md5:    e022ab0d53337f7a0fb2792f51325e04
Sha1:   5999e65cc12d61001f3e930cac21f76a3994c20a
Sha256: 704a949f4f61e94abbbf95822668386c66fc91849c8f8de4f6d22ca49d50d6c3
                                        
                                            GET /hosted/images/55/7d443214c54c46999cd7600e665dac/top-header-bg.jpg HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 07 Sep 2022 21:46:56 GMT
content-length: 2747
cf-ray: 7472a3d7fcf30b39-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "d016079a401645969522294fd89712cf"
last-modified: Tue, 10 Nov 2020 05:45:25 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x108, components 1\012- data
Size:   2747
Md5:    d016079a401645969522294fd89712cf
Sha1:   6a8ff7bf7514b355d7aafd404987018c218416e1
Sha256: 536dd1c2b04b2009bf25904cfb7725c846ff4f85328d09d8a77f24f350e330fd
                                        
                                            GET /hosted/images/b6/4851f3c59f469bb592ce71c9c00b4c/hero-background.jpg HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 07 Sep 2022 21:46:56 GMT
content-length: 17918
cf-ray: 7472a3d7fcf60b39-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "2607b786029ba4eeec16a43b4bf8ea3c"
last-modified: Tue, 10 Nov 2020 07:02:09 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x816, components 3\012- data
Size:   17918
Md5:    2607b786029ba4eeec16a43b4bf8ea3c
Sha1:   eb2cb30099d29811b1f03ee9959a8f025a1a82a6
Sha256: e3430fb01b0a96fa0c9a1a3619135ed8666f60eb36da4d70bd212717d72b163d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 102995
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 22:17:40 GMT
expires: Wed, 06 Sep 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 84556
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size:   15660
Md5:    d7b0b953a50fddaa88089b5b787cf719
Sha1:   2f85bc568b27659a3d6452f58f9fd7678450326d
Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
                                        
                                            GET /gtm.js?id=GTM-M7VBKSB HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Sep 2022 21:46:56 GMT
expires: Wed, 07 Sep 2022 21:46:56 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37051
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1615)
Size:   37051
Md5:    4745b861e14081a35b5bab788ea8ede6
Sha1:   f1326f61916b42347d576a220aea71e6ed8f27ad
Sha256: f65b73a9ac31140541f35d3277d304d92b0dffd3cfad5022b42aecaf45a2b1d0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.min.js HTTP/1.1 
Host: assets.mantisadnetwork.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.50
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 22 Aug 2020 16:12:44 GMT
x-amz-version-id: Ck1Ya2WWYBt8azQIxoUFopCW7mWWtikS
server: AmazonS3
content-encoding: gzip
date: Wed, 07 Sep 2022 21:02:21 GMT
cache-control: max-age=3600
etag: W/"d982d874969783cad1711ce501e9f999"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _phuspma29PvczXpz4ceZo53FEoAX4AibOkf5cF4VzyfKtcBQ2YFtw==
age: 2675
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   22292
Md5:    9110fc04ea45396f132b8977fedf33b9
Sha1:   0238feac13a1dc27652ec115e5f977878a233883
Sha256: bd0e3d77cf3e672f3b96ff096583e119d46fd633c6386afc615e79cdcd89c9eb
                                        
                                            GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 16:04:44 GMT
expires: Sat, 02 Sep 2023 16:04:44 GMT
cache-control: public, max-age=31536000
age: 452532
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Size:   15700
Md5:    3d7f7413fca69bff4d231ebdc50aaab0
Sha1:   cb18e7943b6a8a0e3672d7242197c19a226b92e8
Sha256: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 7968
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:56 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 11 Sep 2022 18:37:18 GMT
ETag: "b2e2bea7f5c0a8771f183bfccd0636e7ea838de1"
Last-Modified: Wed, 07 Sep 2022 18:37:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 766
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7472a3d9ce40b523-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    7a9d6d572aa459340d033566d9475c51
Sha1:   b2e2bea7f5c0a8771f183bfccd0636e7ea838de1
Sha256: 944a997e1bc6593c186c8ff5b5d85d90626ce6e8bb4fa023b8a7820057cabdb6
                                        
                                            GET /tags/7D22114E-F0D5-FF42-AC61-EED931FFF4E1/btp.js HTTP/1.1 
Host: www.rtb123.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         67.225.220.126
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
last-modified: Thu, 01 Aug 2019 19:17:17 GMT
accept-ranges: bytes
etag: "bd3d9ebb9d48d51:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
access-control-allow-origin: *
date: Wed, 07 Sep 2022 21:46:56 GMT
content-length: 60
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   60
Md5:    d7ccb5dc7f9d9fcf48ca4602cc089ea9
Sha1:   4ee87a669ab38ab3cab7bbd7384527ed7c769c8d
Sha256: ca07fa3313b5e3a483c08d111fdb61b9d2f9bb49203ca8d865d3d20beaba10ca
                                        
                                            GET /embeds/Gzq_USs6/pBrrlABfvNSTASm0/loader.min.js HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 1696159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
date: Wed, 07 Sep 2022 21:46:57 GMT
etag: "4531414b85a3c054437c2c3d1d2d5f5d"
expires: Fri, 07 Oct 2022 21:46:57 GMT
last-modified: Fri, 19 Aug 2022 06:16:37 GMT
server: ECAcc (ska/F6E8)
vary: Accept-Encoding
x-cache: HIT
x-goog-generation: 1660889797497485
x-goog-hash: crc32c=UGf3Sg==, md5=RTFBS4WjwFRDfCw9HS1fXQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 9740
x-guploader-uploadid: ADPycdvp1wk7UKQ9FX3Q0jm4GfxR1sKmRV2oj18cGMZTnVUgEj7KZcTtQPYtDfDKeNqbHUjUazKs6xaU2lC08EjP5l-ulCiolcvK
content-length: 9740
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40367), with no line terminators
Size:   9740
Md5:    4531414b85a3c054437c2c3d1d2d5f5d
Sha1:   224749701b80d2cc47a0c48d77b20f24f8500935
Sha256: fe0ce1e65c04eec591ca94f13b56fdd8d975c1a356e62461cec1c0091999bdf4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11447
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 21:46:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11447
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 21:46:57 GMT
Connection: keep-alive

                                        
                                            GET /vendor.js HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 07 Sep 2022 21:46:57 GMT
cf-ray: 7472a3da3fbf0b39-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 07380e95ad5bd79f63341849d7a5903e
x-runtime: 0.019901
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   5933
Md5:    f8c9520b889c08736e291c6b0120fc45
Sha1:   a04b7fd1825d4c567b1541a156f9d13e9470ff8b
Sha256: 095e6593e7b115d67ba4114e7e065598640d3f7486938712d5de0be2268c5be1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11447
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 21:46:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11447
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 21:46:57 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8462
x-amzn-requestid: 1a501a0a-2671-468b-885b-2a2efb73bc2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq64HbCIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317beab-395f6d1436b027ee60d00abd;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:42:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZWf6CXKcClMXAXmFXNp0sxVCMUFyZqhhh7B83tJMX_jvteLRDzG8QA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:42:06 GMT
age: 291
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8462
Md5:    70c964498818242b742575cfa1769b67
Sha1:   cde85fbe83c9e29618edf4e05002bd623e3ab965
Sha256: bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605
                                        
                                            GET /userevents/?funnel_id=UmUxOXRmdnFkWlN2eGdkRndvc0V4UT09LS1RaVQvMnJLOHp3bHJVVS94aFp4SHJRPT0%3D--876e5a957bcd001d5cce41a4fd851b012e29194b&page_id=WFRsNFpHRTg2bU1HTFlZaittVW02UT09LS15L0M0cVo4Q242MEh6M09MR3lsUGh3PT0%3D--7ae70bc719c9a801894231095a6e2fc37a4a9dd5&funnel_step_id=QmM0c3Bic2lUaGxzbW9qV3UyTGJuUT09LS1GTmdBbjBIemZUKzNFbFkwWEdwMG9RPT0%3D--be04bf2ed65461defb95b250f6b6efde4d6b095c&user_id=djUvaFlBZGlXbHNLMW5QQUNDbVFiQT09LS1hRjFwa1dJSU1JNkQrRFVZaGgwcGxRPT0%3D--a5fbe712bd46740d163344c80157997d73153aa6&account_id=cUV6SE9aeGJXWFJsZEpKVVJieWk0dz09LS1zQm8rTEoxUWVDN2krQ28xRFhmdjF3PT0%3D--74d4e0cdb0ee1de99f127f83cf59a5a3eeeb7e38&page_code=NTQ0NDAwNDc%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=10289321eb29ffddf6e1f2dc03c043&aff_sub3=&aff_sub=1143&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=106bfadf-cb90-4cbc-8b4c-c1c234254b6a&url=https%3A%2F%2Frenewyourknees.com%2Fvsl1651652599068bb%3Faff_sub%3D1143%26aff_sub2%3D10289321eb29ffddf6e1f2dc03c043%26affiliate_id%3D%26click_id%3D6738_sessid20220907214630904%26cookiepreview%3Dfalse%26fix%3D186%26ho_aff_id%3D1143%26noautoplay%3Dfalse%26nopopup%3Dfalse%26trans_id%3D10289321eb29ffddf6e1f2dc03c043 HTTP/1.1 
Host: app.clickfunnels.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.14.194
HTTP/2 202 Accepted
content-type: text/html
                                        
date: Wed, 07 Sep 2022 21:46:57 GMT
cf-ray: 7472a3da782c0b3d-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 4830eb4da8a1bd8e17b9abad028e8605
x-runtime: 0.032796
set-cookie: __cf_bm=T.CtTgXCvN49UMy31LnvKYQQyRTy0XyeTwt3KdfV6Vk-1662587217-0-ASMJeayo10vAmmbcSs3LFCNf73noiyDJqYo/9sUXErViGfIYDZIg10wA3nWv/OnSCAU7nK7uXIf3Uz8QXWekpzP3RO/mY5MsFMr7AImPvRHV; path=/; expires=Wed, 07-Sep-22 22:16:57 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   494001
Md5:    59f046391fc67d18cca2ce7b6a3f30fb
Sha1:   9166bb7b3256f204f94e13e2782f7633063b2eb6
Sha256: 1f13680288ec19d3c3987f1ba7a482c7b853c52a018ce4cd612616cec835dd32
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:14:32 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
age: 84745
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12661
Md5:    79f4356c488498012cc7fc03be21e3df
Sha1:   dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
Sha256: ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:12:06 GMT
age: 59691
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6214
Md5:    f922505178de0cea92eedcfda85a9f67
Sha1:   50f1459de01174e594e03e7df4dfaa8eb1798672
Sha256: 981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4805
x-amzn-requestid: 270858f2-c94d-4047-8e3b-c49a5a603610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjbiJHuZoAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ad940-3ba2164762e4f74227b6a23b;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:56:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: do30zKZmrP_j4feGGu8G39ibskE4dXxTL8YzpAR7PCFpQuJalYeJqA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:57:13 GMT
age: 85784
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4805
Md5:    4f29d8aaae2d67c27c58001e7553dea7
Sha1:   5200b601017ce86614783b76fd2a775c1c48d4e9
Sha256: 6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11778
x-amzn-requestid: 2956f23c-8907-48de-b82a-73da9ae1d75e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYVHnLoAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdce-5d76bbe82dc2823407fe67f3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rcz0dXiOQ0dlgTR6GZw4nINUg-2UhWSI5zqNaafUhzYxtoYPhKz3kg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:41:10 GMT
age: 347
etag: "55154c3878e9650f463805c3829f03a1603f14c1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11778
Md5:    1462b0c8fff091f29c7c5145031c08aa
Sha1:   55154c3878e9650f463805c3829f03a1603f14c1
Sha256: 62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3604
x-amzn-requestid: 193380c8-0d3a-4b81-9429-fa4cb4cf136e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq26FI7oAMFpOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317be92-2f435ce33c4469de425b11a3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:41:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6MhayVPx_iJ_mgJzUfuOsFeBgAK21RktvWOwrX3Rvk3WIElEek1LFA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:49:33 GMT
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3"
age: 86244
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3604
Md5:    932f4d99fb1927aae3010e00472b38c3
Sha1:   b95ee99dafca1695d6b86763fce0ceb058f40ef3
Sha256: da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:46:57 GMT
Last-Modified: Wed, 07 Sep 2022 20:03:26 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Zx3_-buz7wc5Jz_TuG00LHTPz0SQnfiZyHMyfq0-Ca34pm9UFw5m7A==
Age: 6211

                                        
                                            GET /cp/obtp.js HTTP/1.1 
Host: amplify.outbrain.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.81
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Wed, 07 Sep 2022 22:06:57 GMT
Date: Wed, 07 Sep 2022 21:46:57 GMT
Content-Length: 3249
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (8072), with no line terminators
Size:   3249
Md5:    9b19340ef7db3cbb26aa923adb8dbe6e
Sha1:   082e699bca6e80ca6c72a43f2894f4a32e785e26
Sha256: c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2957
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:46:57 GMT
Last-Modified: Wed, 07 Sep 2022 20:57:40 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/uploads/2018/06/2018-06-08_0911.png HTTP/1.1 
Host: www.prosperwellness.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.95.133
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 07 Sep 2022 21:46:57 GMT
content-length: 88111
last-modified: Fri, 08 Jun 2018 15:12:16 GMT
etag: "1582f-56e22d345470a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaZKgz3QhUfz3foqj449DrwKZ5ncQA2kUZtz9FB47DfJG5LaCWuTWzmArmAJB2pG%2FLeiwaBckuG%2BDUs%2BBGtPuHaH%2FJCdJ2%2FRN3geQGnZE6EhWc525hBwN%2Bf18E%2F7G%2Bg8k3F3ZJOldtrD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7472a3dd9bb10b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1518 x 1496, 8-bit/color RGBA, non-interlaced\012- data
Size:   88111
Md5:    e57817426681b6646dcfe95823f7f8c6
Sha1:   6d396e821718c0aedb62e2cc6ebf0669de500d3b
Sha256: dbe8a2099e602f4f0055133f84e970ef2d01f5ff33428d575aeebc697f27575a
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 07 Sep 2022 20:41:12 GMT
expires: Wed, 07 Sep 2022 22:41:12 GMT
cache-control: public, max-age=7200
age: 3945
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: XLb2FKTDCHZDZH6FP15KgnaICOLJHT525MxkWMfkwaepAWyLbRxBONCSGk3+n+ExCUtKM/hfeDZd/eFaxkNlTw==
content-length: 26737
x-fb-trip-id: 1904183273
date: Wed, 07 Sep 2022 21:46:57 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26737
Md5:    8e7e24fb3539746aa8b869558f589615
Sha1:   d8086d86bbd5cfacc3b6a5ef14aa917830e137dd
Sha256: 7304497ee417a664bdea67d7307ca36a36013556b927c3ea5bca6c04b66236ef
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6218
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:46:57 GMT
Last-Modified: Wed, 07 Sep 2022 20:03:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2957
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:46:57 GMT
Last-Modified: Wed, 07 Sep 2022 20:57:40 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /embeds/Gzq_USs6/G6i2TCj8FIK2j19d/player.settings.json?ac=1662587210134 HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: application/json
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
date: Wed, 07 Sep 2022 21:46:57 GMT
etag: "45ed67d8f1e56274a06e86182ba7ab4c"
expires: Fri, 07 Oct 2022 21:46:57 GMT
last-modified: Fri, 19 Aug 2022 06:14:21 GMT
server: UploadServer
x-goog-generation: 1660889661605651
x-goog-hash: crc32c=NH+fgg==, md5=Re1n2PHlYnSgboYYK6erTA==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2753
x-guploader-uploadid: ADPycdtkUvl32wGuJ6EuUUbnKXT2ldtPHegY9rSEYAgLFPrqVj2o5eHelirI_bxNTCZGQqjQ5aNOo2-_lgTijuG3Th_zwQ
content-length: 2753
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2753), with no line terminators
Size:   2753
Md5:    45ed67d8f1e56274a06e86182ba7ab4c
Sha1:   f1cc3c2f943a7599d62078ae0a69367225701af8
Sha256: 9fee8d7d2f4a62e81227375abee428660d1549ca2803bd733c8b743fb2858137
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2769
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:46:57 GMT
Last-Modified: Wed, 07 Sep 2022 21:00:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /jsstore/a/150HK5G/ge.js HTTP/1.1 
Host: s3-us-west-2.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.92.146.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: hqZ9x3Plz2ISm6eHJEkkgjwHwOsCWQ8JtEYnTvG2q2sk2SBb0/qf8cHeP82DKcI9gwRAi/oMT20=
x-amz-request-id: 343WB1MCWPZJ00Y0
Date: Wed, 07 Sep 2022 21:46:58 GMT
Last-Modified: Mon, 08 Nov 2021 15:43:30 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 0

                                        
                                            GET /dmp/asyncPixelSync HTTP/1.1 
Host: pixel.sitescout.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         66.155.71.25
HTTP/2 302 Found
                                        
set-cookie: ssi=350f9cc3-215e-44bf-9ed3-93fa49af731c#1662587217675; Domain=.sitescout.com; Expires=Thu, 07-Sep-2023 21:46:57 GMT; Path=/; Secure; SameSite=None
location: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
content-length: 0
date: Wed, 07 Sep 2022 21:46:57 GMT
server: AC1.1
X-Firefox-Spdy: h2

                                        
                                            GET /up/48a921ade243f6f2?cntr_url=https%3A%2F%2Frenewyourknees.com%2Fvsl1651652599068bb%3Faff_sub%3D1143%26aff_sub2%3D10289321eb29ffddf6e1f2dc03c043%26affiliate_id%3D%26click_id%3D6738_sessid20220907214630904%26cookiepreview%3Dfalse%26fix%3D186%26ho_aff_id%3D1143%26noautoplay%3Dfalse%26nopopup%3Dfalse%26trans_id%3D10289321eb29ffddf6e1f2dc03c043 HTTP/1.1 
Host: pixel.sitescout.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         66.155.71.25
HTTP/2 302 Found
                                        
set-cookie: ssi=9386b1d2-8136-40ba-bbf7-d1a32ec89426#1662587217697; Domain=.sitescout.com; Expires=Thu, 07-Sep-2023 21:46:57 GMT; Path=/; Secure; SameSite=None
location: https://pixel.sitescout.com/up/48a921ade243f6f2?cookieQ=1&cntr_url=https%3A%2F%2Frenewyourknees.com%2Fvsl1651652599068bb%3Faff_sub%3D1143%26aff_sub2%3D10289321eb29ffddf6e1f2dc03c043%26affiliate_id%3D%26click_id%3D6738_sessid20220907214630904%26cookiepreview%3Dfalse%26fix%3D186%26ho_aff_id%3D1143%26noautoplay%3Dfalse%26nopopup%3Dfalse%26trans_id%3D10289321eb29ffddf6e1f2dc03c043
content-length: 0
date: Wed, 07 Sep 2022 21:46:57 GMT
server: AC1.1
X-Firefox-Spdy: h2

                                        
                                            GET /dmp/asyncPixelSync?cookieQ=1 HTTP/1.1 
Host: pixel.sitescout.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://renewyourknees.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         66.155.71.25
HTTP/2 204 No Content
                                        
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Wed, 07 Sep 2022 21:46:57 GMT
server: AC1.1
X-Firefox-Spdy: h2

                                        
                                            GET /assets/lander.js HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Wed, 07 Sep 2022 21:46:56 GMT
cf-ray: 7472a3d63b3d0b39-OSL
access-control-allow-origin: *
age: 849
cache-control: public, max-age=1200
etag: W/"630e9d40-238fd1"
expires: Wed, 07 Sep 2022 22:06:56 GMT
last-modified: Tue, 30 Aug 2022 23:29:04 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32752)
Size:   677953
Md5:    cc529898c4c67431a7d60c636dac8c6a
Sha1:   d932c2e4298980cca492f42b74a1942e0bfc0003
Sha256: fe40ad6c2270fea7d7a5c01633242d011d6bb11ff16dc4bc096b5d271e2f9312
                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4939
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:46:57 GMT
Last-Modified: Wed, 07 Sep 2022 20:24:38 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4939
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:46:57 GMT
Last-Modified: Wed, 07 Sep 2022 20:24:38 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2423
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:46:57 GMT
Last-Modified: Wed, 07 Sep 2022 21:06:34 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /syncframe?topUrl=renewyourknees.com&origin=onetag HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.146
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Wed, 07 Sep 2022 21:46:57 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=949d52a7-fefc-40f7-ab81-0a0b41805faf; expires=Mon, 02 Oct 2023 21:46:57 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 608968
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13316)
Size:   5005
Md5:    181c25894e51d690724137e6ef8c8edb
Sha1:   cdd752d270f4b063b042e6ddbd3d0d7a33a15b2f
Sha256: 8fa0090c8a85ec34d05870f6b3ffd5e913fa64c00df8a3be9329e87e26a4877b
                                        
                                            GET /tr/?id=228562807555133&ev=PageView&dl=https%3A%2F%2Frenewyourknees.com%2Fvsl1651652599068bb%3Faff_sub%3D1143%26aff_sub2%3D10289321eb29ffddf6e1f2dc03c043%26affiliate_id%3D%26click_id%3D6738_sessid20220907214630904%26cookiepreview%3Dfalse%26fix%3D186%26ho_aff_id%3D1143%26noautoplay%3Dfalse%26nopopup%3Dfalse%26trans_id%3D10289321eb29ffddf6e1f2dc03c043&rl=&if=false&ts=1662587210993&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662587210991.1744442996&it=1662587210640&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 07 Sep 2022 21:46:58 GMT
expires: Wed, 07 Sep 2022 21:46:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   44
Md5:    b798f4ce7359fd815df4bdf76503b295
Sha1:   f8cc6addf1707ad236ad9970b0a48f9733d07da5
Sha256: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6447
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:46:58 GMT
Last-Modified: Wed, 07 Sep 2022 19:59:31 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 481
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:46:58 GMT
Last-Modified: Wed, 07 Sep 2022 21:38:57 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /cachedClickId?marketerId=00de1cc9c95c123adccf27fd149b0b8388 HTTP/1.1 
Host: tr.outbrain.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.202.112.223
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 07 Sep 2022 21:46:58 GMT
Content-Length: 56
X-TraceId: c766380ad5a5ea70d233b264768f8b63
content-encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   56
Md5:    77fbe8ab311fa20557d95906363035ed
Sha1:   5806df80f09a37e070d5f37c49f19797c2763fd0
Sha256: 4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
                                        
                                            GET /unifiedPixel?marketerId=00de1cc9c95c123adccf27fd149b0b8388&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Frenewyourknees.com%2Fvsl1651652599068bb%3Faff_sub%3D1143%26aff_sub2%3D10289321eb29ffddf6e1f2dc03c043%26affiliate_id%3D%26click_id%3D6738_sessid20220907214630904%26cookiepreview%3Dfalse%26fix%3D186%26ho_aff_id%3D1143%26noautoplay%3Dfalse%26nopopup%3Dfalse%26trans_id%3D10289321eb29ffddf6e1f2dc03c043&optOut=false&bust=005641788345029097&referrer= HTTP/1.1 
Host: tr.outbrain.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.202.112.223
HTTP/1.1 200 OK
Content-Type: image/gif;
                                        
Date: Wed, 07 Sep 2022 21:46:58 GMT
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 86a90b16ab64b3859ebc810208955603
content-encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   60
Md5:    fb0fc5c090282e372b8bf8ff13ae3ee2
Sha1:   2de3834253ece606ce4d2a6f10a59654b6fa378b
Sha256: 90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
                                        
                                            GET /newidsd HTTP/1.1 
Host: ag.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         185.235.84.36
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 07 Sep 2022 21:46:57 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 96757
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /js/ld/ld.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.130
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Wed, 07 Sep 2022 21:46:57 GMT
last-modified: Wed, 29 Jun 2022 07:49:23 GMT
etag: W/"62bc0403-a792"
expires: Thu, 08 Sep 2022 21:46:57 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14053
Md5:    066a2ce754f334ddae28ef2aad5543fc
Sha1:   b9d288c77a7c2828de8834ad21d1f7ac87213234
Sha256: bf3850bce7a4c40b1408d109794fb1f83cf1597ba9332a9d36f24edb40f02e12
                                        
                                            GET /nr-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Sep 2022 21:46:58 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 644
x-timer: S1662587218.343442,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32022)
Size:   14391
Md5:    b7c09cc097b2847f9edc784adba62dcb
Sha1:   5aa648623cf5e3b4b215fe5d068a7904c59f2925
Sha256: 6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 07 Sep 2022 21:46:59 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 07 Sep 2022 21:16:43 GMT
Expires: Thu, 08 Sep 2022 21:16:43 GMT
ETag: "65b8e851d4e204a63fe078569cb3341d0abb7e7d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    a33b0c1981c2e5a934b35a4e14c7ac55
Sha1:   65b8e851d4e204a63fe078569cb3341d0abb7e7d
Sha256: 1d109b906a001a2929070fee948c0dbb00e7aa87697d9814bd4dbbb66d3603ea
                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/stream.mpd HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: application/dash+xml
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 12883691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
date: Wed, 07 Sep 2022 21:46:59 GMT
etag: "814f641dd619cf540cb27f001ce4bc38"
expires: Sat, 02 Sep 2023 21:46:59 GMT
last-modified: Mon, 11 Apr 2022 18:52:17 GMT
server: ECAcc (ska/F737)
x-cache: HIT
x-goog-generation: 1649703137121846
x-goog-hash: crc32c=2Ike4A==, md5=gU9kHdYZz1QMsn8AHOS8OA==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5842
x-guploader-uploadid: ADPycdvXSUvqwh9h133vD8V2TtX_gCjvFlwMQ_n0TemC1Ebm-wEgDuSZlpyVq21KgCUIkgC7ofn5HeIKkNuBEaFM-n7ll54XTEgn
content-length: 5842
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text
Size:   5842
Md5:    814f641dd619cf540cb27f001ce4bc38
Sha1:   ad3ada9f5cd36098dc48116ba3e8458ea37ffb8a
Sha256: 3e124cdf2182ed6112e6e9feaf75aa4dd2b7f3d6dca829e44ef23647535f8483
                                        
                                            POST /licensing HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 105
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.27.197
HTTP/2 200 OK
content-type: application/json
                                        
server: v1.53.0
date: Wed, 07 Sep 2022 21:46:58 GMT
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   117
Md5:    f90d2c53623621471228392bf3047e2a
Sha1:   b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
Sha256: 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 07 Sep 2022 21:46:59 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 07 Sep 2022 21:16:43 GMT
Expires: Thu, 08 Sep 2022 21:16:43 GMT
ETag: "65b8e851d4e204a63fe078569cb3341d0abb7e7d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    a33b0c1981c2e5a934b35a4e14c7ac55
Sha1:   65b8e851d4e204a63fe078569cb3341d0abb7e7d
Sha256: 1d109b906a001a2929070fee948c0dbb00e7aa87697d9814bd4dbbb66d3603ea
                                        
                                            POST /licensing HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 105
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.27.197
HTTP/2 200 OK
content-type: application/json
                                        
server: v1.53.0
date: Wed, 07 Sep 2022 21:46:59 GMT
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   117
Md5:    f90d2c53623621471228392bf3047e2a
Sha1:   b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
Sha256: 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
                                        
                                            GET /images/background.png?_unique=0.9297495632437148&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//renewyourknees.com/vsl1651652599068bb%3Faff_sub%3D1143%26aff_sub2%3D10289321eb29ffddf6e1f2dc03c043%26affiliate_id%3D%26click_id%3D6738_sessid20220907214630904%26cookiepreview%3Dfalse%26fix%3D186%26ho_aff_id%3D1143%26noautoplay%3Dfalse%26nopopup%3Dfalse%26trans_id%3D10289321eb29ffddf6e1f2dc03c043&_title=JointRestore&_key=kt9q4hed&_page_key=6k37lq76vuqjyyzr&_fid=12069231&_fspos=1&_fvrs=4&_funnel_stat=1&_location=https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043&_referrer=&affiliate_id=true&aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043 HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx; cf:aff_sub2=10289321eb29ffddf6e1f2dc03c043; cf:aff_sub3=; cf:aff_sub=1143; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ0NDAwNDc=:visited=true; cf:visitor_id=90134aa2-fe2f-40ed-b523-0ac1ec8f2e35; aff_sub=1143; aff_sub2=10289321eb29ffddf6e1f2dc03c043; affiliate_id=; click_id=6738_sessid20220907214630904; cookiepreview=false; fix=186; ho_aff_id=1143; noautoplay=false; nopopup=false; trans_id=10289321eb29ffddf6e1f2dc03c043; addevent_track_cookie=b20fa0f8-cd79-4e74-4ec0-eaf5b80fb829; _ga=GA1.2.1552927422.1662587211; _gid=GA1.2.13572163.1662587211; _gat=1; _fbp=fb.1.1662587210991.1744442996; outbrain_cid_fetch=true; _jsuid=4030215933; _no_tracky_101126271=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Wed, 07 Sep 2022 21:46:58 GMT
cf-ray: 7472a3e2881b0b39-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 57134ab440e7c3e6ab44fa4cd9bf73b7
x-runtime: 0.017233
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=N4_FL3647lga9MnVN9Fc_YxDSYvfqAb_.KoIUg6roAI-1662587218-0-AcWWu-zUAhsna34ata2__jA4P314CFFpCME3kGy5kQP3fvbdiIXv1-joce6mns0h2GRpHlUVrR4ksRGYscJmwg0cHtNaqoBYsTfL136n4MKW"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=N4_FL3647lga9MnVN9Fc_YxDSYvfqAb_.KoIUg6roAI-1662587218-0-AcWWu-zUAhsna34ata2__jA4P314CFFpCME3kGy5kQP3fvbdiIXv1-joce6mns0h2GRpHlUVrR4ksRGYscJmwg0cHtNaqoBYsTfL136n4MKW; report-to cf-csp-endpoint
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   548
Md5:    3b69bc423b2b75f96d04acf11fe38f99
Sha1:   7bf67fbfaf82b1b2b4da4bef249ebffbec84ea60
Sha256: 10724c7e7a68d7c5c78af632314b7d6cb24a51fd43a2e0bff148c1e5d350634c
                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1253
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.0
date: Wed, 07 Sep 2022 21:46:58 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1247
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.0
date: Wed, 07 Sep 2022 21:46:58 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /cdn-cgi/rum? HTTP/1.1 
Host: renewyourknees.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 23373
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/vsl1651652599068bb?aff_sub=1143&aff_sub2=10289321eb29ffddf6e1f2dc03c043&affiliate_id=&click_id=6738_sessid20220907214630904&cookiepreview=false&fix=186&ho_aff_id=1143&noautoplay=false&nopopup=false&trans_id=10289321eb29ffddf6e1f2dc03c043
Cookie: __cf_bm=wrlaS5N51xDEWMY_F8gHNcV8X.zz.xj.gzt42a_kCdU-1662587215-0-AUEbbNrKIoVuZeHyUHClYHe6SVAwaoZTSKsmObDKjOmDSJPRK4xnQKBllArspBG0+rwxGKmaol3FL9/ys5dDtCW8R0z/PCCInVYH1TTT9cfx; cf:aff_sub2=10289321eb29ffddf6e1f2dc03c043; cf:aff_sub3=; cf:aff_sub=1143; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQ0NDAwNDc=:visited=true; cf:visitor_id=90134aa2-fe2f-40ed-b523-0ac1ec8f2e35; aff_sub=1143; aff_sub2=10289321eb29ffddf6e1f2dc03c043; affiliate_id=; click_id=6738_sessid20220907214630904; cookiepreview=false; fix=186; ho_aff_id=1143; noautoplay=false; nopopup=false; trans_id=10289321eb29ffddf6e1f2dc03c043; addevent_track_cookie=b20fa0f8-cd79-4e74-4ec0-eaf5b80fb829; _ga=GA1.2.1552927422.1662587211; _gid=GA1.2.13572163.1662587211; _gat=1; _fbp=fb.1.1662587210991.1744442996; outbrain_cid_fetch=true; _jsuid=4030215933; _no_tracky_101126271=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.12.194
HTTP/2 200 OK
content-type: text/plain
                                        
date: Wed, 07 Sep 2022 21:46:58 GMT
access-control-allow-origin: https://renewyourknees.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7472a3e369070b39-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   85949
Md5:    6adc150e5fdacf9eb9cc594b73ad245d
Sha1:   18e2897ea3fe50d973a47cfb33b0c5e5c202091b
Sha256: 0c417bceb0f3b853358a61ebf4f7d5dbbafa2d77c4909aeed7bc3c3d37074232
                                        
                                            GET /awesome-log?cid=Gzq_USs6 HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.107.158.93
HTTP/2 200 OK
content-type: image/gif
                                        
server: istio-envoy
date: Wed, 07 Sep 2022 21:46:59 GMT
content-length: 43
cache-control: no-cache, public, max-age=2592000
etag: "Gzq_USs6/uU6s04akBO5d6Wo5"
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
x-envoy-upstream-service-time: 267
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    57f187c7a868faeac558007a8eb6cb2e
Sha1:   11ab10ab109fdb53d91d444ac781101f5a6360c6
Sha256: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
                                        
                                            POST /licensing HTTP/1.1 
Host: licensing.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 149
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.227.229.24
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
date: Wed, 07 Sep 2022 21:46:59 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   165
Md5:    bad32d07dc1ad9e3d334785067afbf34
Sha1:   653f8f612c6646daae0122b3b27e2c11486f86a4
Sha256: 41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 07 Sep 2022 21:46:59 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 07 Sep 2022 21:16:43 GMT
Expires: Thu, 08 Sep 2022 21:16:43 GMT
ETag: "65b8e851d4e204a63fe078569cb3341d0abb7e7d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    a33b0c1981c2e5a934b35a4e14c7ac55
Sha1:   65b8e851d4e204a63fe078569cb3341d0abb7e7d
Sha256: 1d109b906a001a2929070fee948c0dbb00e7aa87697d9814bd4dbbb66d3603ea
                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_0.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: video/mp4
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 12883605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
date: Wed, 07 Sep 2022 21:46:59 GMT
etag: "3aed4d4dfbfafb94c8b7f604debdde09"
expires: Sat, 02 Sep 2023 21:46:59 GMT
last-modified: Mon, 11 Apr 2022 18:42:19 GMT
server: ECAcc (ska/F791)
x-cache: HIT
x-goog-generation: 1649702538998897
x-goog-hash: crc32c=zg1RTw==, md5=Ou1NTfv6+5TIt/YE3r3eCQ==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 771696
x-guploader-uploadid: ADPycdsxkMyPOY2HYEGGIpbFbObK2MEAwZ5TJ5vlQv0L5QIoJkj0LgMZMF5Oxau6T38Flw51u4RfFHJAavdhoS0214F49YAV5oJd
content-length: 771696
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   771696
Md5:    3aed4d4dfbfafb94c8b7f604debdde09
Sha1:   7f41a42da1c3ebb56759f73c38e235f1b2f19b14
Sha256: 57c08776588a9bfb1136670e9978ee996989447a0fbacc3cc10082e7d7e6ceaa
                                        
                                            POST /scribe HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 577
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.107.158.93
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-methods: POST,OPTIONS
date: Wed, 07 Sep 2022 21:46:59 GMT
content-length: 16
x-envoy-upstream-service-time: 4
server: istio-envoy
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   16
Md5:    a1cbd35d4488ac8cc6f959d4c633dc37
Sha1:   11844023759429ec785ae1c18e6a9c69803ee2bd
Sha256: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:59 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 13:41:36 GMT
Expires: Wed, 14 Sep 2022 13:41:35 GMT
Etag: "31997bc2337ea2ac58e23fb644dc4161b5bb2a3a"
Cache-Control: max-age=575075,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7472a3e908c1fabc-OSL

                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_1.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: video/mp4
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 12883604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
date: Wed, 07 Sep 2022 21:46:59 GMT
etag: "a11558ba4743166ca45739c6e13291e1"
expires: Sat, 02 Sep 2023 21:46:59 GMT
last-modified: Mon, 11 Apr 2022 18:42:16 GMT
server: ECAcc (ska/F770)
x-cache: HIT
x-goog-generation: 1649702536148023
x-goog-hash: crc32c=DJTVMw==, md5=oRVYukdDFmykVznG4TKR4Q==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 733510
x-guploader-uploadid: ADPycds5CxsLwFSU_XCAI-PTZGBXesY-ZvocSD_SxvjxyCb9zid3VtBOTa69pnSUZ2VWZLUMg4XIT632u6G1onpyiJGeoTvKosiI
content-length: 733510
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   733510
Md5:    a11558ba4743166ca45739c6e13291e1
Sha1:   3415369fc1f4b4e37fc12b29edda60035a0ee2c2
Sha256: 20ddfe88b7dbd1bced84e1bfc4d9e88958c903a223765b31ea925fc2b2def7d3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-66238646-1&cid=1552927422.1662587211&jid=353202888&gjid=1066438076&_gid=13572163.1662587211&_u=IEBAAEAAAAAAAC~&z=1196470063 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.251.1.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://renewyourknees.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Sep 2022 21:46:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            GET /event?a=68378&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=Q5h4CV84aSUyQjVLJTJCYW9ONHlDdVpOYllmZ2pmS29xZGlTZWVuN0VMUTQ2SUN5bVpTeHB6SnRZTHRIOWNNUWMwVFNkMEFaTlFrRzFIWnpHOURwa0ZTUDQzOEszWjl0WEZVZVIlMkJVeSUyQmVsZDUwdUdYRDQlMkI3MkNrWWlKQUlTdFBMUFpKJTJCdnA5amFwREZZem5WVlIlMkI4MlF2ckwwR2xXQSUzRCUzRA&tld=renewyourknees.com&fu=https%253A%252F%252Frenewyourknees.com%252Fvsl1651652599068bb%253Faff_sub%253D1143%2526aff_sub2%253D10289321eb29ffddf6e1f2dc03c043%2526affiliate_id%253D%2526click_id%253D6738_sessid20220907214630904%2526cookiepreview%253Dfalse%2526fix%253D186%2526ho_aff_id%253D1143%2526noautoplay%253Dfalse%2526nopopup%253Dfalse%2526trans_id%253D10289321eb29ffddf6e1f2dc03c043&dtycbr=50334 HTTP/1.1 
Host: sslwidget.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.151
HTTP/2 302 Found
                                        
date: Wed, 07 Sep 2022 21:46:58 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=68378&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=Q5h4CV84aSUyQjVLJTJCYW9ONHlDdVpOYllmZ2pmS29xZGlTZWVuN0VMUTQ2SUN5bVpTeHB6SnRZTHRIOWNNUWMwVFNkMEFaTlFrRzFIWnpHOURwa0ZTUDQzOEszWjl0WEZVZVIlMkJVeSUyQmVsZDUwdUdYRDQlMkI3MkNrWWlKQUlTdFBMUFpKJTJCdnA5amFwREZZem5WVlIlMkI4MlF2ckwwR2xXQSUzRCUzRA&tld=renewyourknees.com&fu=https%253A%252F%252Frenewyourknees.com%252Fvsl1651652599068bb%253Faff_sub%253D1143%2526aff_sub2%253D10289321eb29ffddf6e1f2dc03c043%2526affiliate_id%253D%2526click_id%253D6738_sessid20220907214630904%2526cookiepreview%253Dfalse%2526fix%253D186%2526ho_aff_id%253D1143%2526noautoplay%253Dfalse%2526nopopup%253Dfalse%2526trans_id%253D10289321eb29ffddf6e1f2dc03c043&dtycbr=50334
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 18520321
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_2.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: video/mp4
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 12883620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
date: Wed, 07 Sep 2022 21:46:59 GMT
etag: "a0125b1b78f6514b7b938b75f9798a56"
expires: Sat, 02 Sep 2023 21:46:59 GMT
last-modified: Mon, 11 Apr 2022 18:42:20 GMT
server: ECAcc (ska/F72C)
x-cache: HIT
x-goog-generation: 1649702540391015
x-goog-hash: crc32c=91vyJw==, md5=oBJbG3j2UUt7k4t1+XmKVg==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 920865
x-guploader-uploadid: ADPycdsCJzf_AFcf-tQi0c20fg3fU8zW_-1ShChOtDpQ574sq__0i6BjJK4jCidFYyt-MDK4u5m0swbhRpWN6bbP2jiiX7TeSUXk
content-length: 920865
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   920865
Md5:    a0125b1b78f6514b7b938b75f9798a56
Sha1:   f441aa5eb831ae63b7070849c796c9c319725629
Sha256: 277c7a6fbb661a151cc0f4d93e68d21c25ab0d7a57321ecd3c6c50ab48391204
                                        
                                            POST /scribe HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 710
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.107.158.93
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-methods: POST,OPTIONS
date: Wed, 07 Sep 2022 21:46:59 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   16
Md5:    a1cbd35d4488ac8cc6f959d4c633dc37
Sha1:   11844023759429ec785ae1c18e6a9c69803ee2bd
Sha256: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
                                        
                                            GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4252&ck=1&ref=https://renewyourknees.com/vsl1651652599068bb&ap=364&be=1505&fe=3543&dc=2242&perf=%7B%22timing%22:%7B%22of%22:1662587207787,%22n%22:0,%22f%22:969,%22dn%22:969,%22dne%22:969,%22c%22:969,%22s%22:969,%22ce%22:969,%22rq%22:972,%22rp%22:1477,%22rpe%22:1480,%22dl%22:1485,%22di%22:2232,%22ds%22:2241,%22de%22:2388,%22dc%22:3542,%22l%22:3542,%22le%22:3660%7D,%22navigation%22:%7B%7D%7D&fcp=1904&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 07 Sep 2022 21:46:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7472a3ea0ce8b518-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=b8e852e11eeefbcf; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            POST /impression HTTP/1.1 
Host: licensing.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 114
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.227.229.24
HTTP/2 204 No Content
content-type: application/json
                                        
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
date: Wed, 07 Sep 2022 21:46:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_3.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: video/mp4
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 12883612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
date: Wed, 07 Sep 2022 21:46:59 GMT
etag: "ce3b66c2eb1b600e34da04480f60560f"
expires: Sat, 02 Sep 2023 21:46:59 GMT
last-modified: Mon, 11 Apr 2022 18:42:11 GMT
server: ECAcc (ska/F73A)
x-cache: HIT
x-goog-generation: 1649702531675306
x-goog-hash: crc32c=ooW/eQ==, md5=zjtmwusbYA402gRID2BWDw==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 797287
x-guploader-uploadid: ADPycduN0eJWQN-qXsRBRSxVNMmSs5BHLXXUlwRqgdKkLI8H0KzmWQRSgH6mWsRS1i3ati5VvT22kv1tNw_3baayuDc6eI0fhSbe
content-length: 797287
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   797287
Md5:    ce3b66c2eb1b600e34da04480f60560f
Sha1:   f9300e0495cd61d3eb14e86b4b5717c9702d7343
Sha256: ccc417ec371744a8a4259985f5c19b72dd7a3369942388302e97d6ddb34c98c5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-66238646-1&cid=1552927422.1662587211&jid=353202888&_u=IEBAAEAAAAAAAC~&z=611004493 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 21:46:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-66238646-1&cid=1552927422.1662587211&jid=353202888&_u=IEBAAEAAAAAAAC~&z=611004493 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 21:46:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_4.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: video/mp4
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 12883610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
date: Wed, 07 Sep 2022 21:46:59 GMT
etag: "853b8f0fcb4f8a593ec9bcef1bb429b1"
expires: Sat, 02 Sep 2023 21:46:59 GMT
last-modified: Mon, 11 Apr 2022 18:42:13 GMT
server: ECAcc (ska/F7B3)
x-cache: HIT
x-goog-generation: 1649702533292723
x-goog-hash: crc32c=sIBuDA==, md5=hTuPD8tPilk+ybzvG7QpsQ==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 841658
x-guploader-uploadid: ADPycduHQvsWpXRSWaEUphA1camjPcaluHgPGNcT6nwfjPO0ShUp6PvO7sa__KPbFBx29AjzuhGY-lqEGCu8GFOiTKYVKIM4m9YG
content-length: 841658
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   841658
Md5:    853b8f0fcb4f8a593ec9bcef1bb429b1
Sha1:   b6e58bf697bca3a53970bd019b7f836837855649
Sha256: 30ec524b31c42aaddc5eb8842f2a90d058c2a537ac8e8c2c1c34a79750d6eced
                                        
                                            POST /scribe HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 254
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.107.158.93
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-methods: POST,OPTIONS
date: Wed, 07 Sep 2022 21:46:59 GMT
content-length: 16
x-envoy-upstream-service-time: 4
server: istio-envoy
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   16
Md5:    a1cbd35d4488ac8cc6f959d4c633dc37
Sha1:   11844023759429ec785ae1c18e6a9c69803ee2bd
Sha256: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_5.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: video/mp4
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 12883594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
date: Wed, 07 Sep 2022 21:46:59 GMT
etag: "9a3077170fbe1100e9a58a7b24267ed3"
expires: Sat, 02 Sep 2023 21:46:59 GMT
last-modified: Mon, 11 Apr 2022 18:42:19 GMT
server: ECAcc (ska/F748)
x-cache: HIT
x-goog-generation: 1649702539522049
x-goog-hash: crc32c=bk3SdQ==, md5=mjB3Fw++EQDppYp7JCZ+0w==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1040550
x-guploader-uploadid: ADPycduD4uIpwV5cojaT9yXIDZJ5AiB7RBM4VGuqsUKr5YW6h5KXQDVxYMZYDBCBCaMpPS-gOyKgdGM2D7RewXZHylMA3KqDflHt
content-length: 1040550
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1040550
Md5:    9a3077170fbe1100e9a58a7b24267ed3
Sha1:   3c89c5cc5c45af6101c95526d00c492fd974f53e
Sha256: 06f98769449fb648bd5699c52e9e82ac459af8937117244a29cb5b163463421b
                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1855
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.0
date: Wed, 07 Sep 2022 21:46:59 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1821
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.0
date: Wed, 07 Sep 2022 21:46:59 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1813
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.0
date: Wed, 07 Sep 2022 21:46:59 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6578
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:47:00 GMT
Last-Modified: Wed, 07 Sep 2022 19:57:22 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314

                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_6.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: video/mp4
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 12883670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
date: Wed, 07 Sep 2022 21:47:00 GMT
etag: "aa047307d417ab96b6653c2990406b76"
expires: Sat, 02 Sep 2023 21:47:00 GMT
last-modified: Mon, 11 Apr 2022 18:42:17 GMT
server: ECAcc (ska/F6CC)
x-cache: HIT
x-goog-generation: 1649702537528201
x-goog-hash: crc32c=EuHrSQ==, md5=qgRzB9QXq5a2ZTwpkEBrdg==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 808577
x-guploader-uploadid: ADPycdsA_OIFyWicxJ4p3qNpTx9Xf8AVRfraDc725uCiKKPoU_bHxxxlFmAKBR5r4snsKEOkOkoU4buFGIqUmY5lc2qiMOaE39xO
content-length: 808577
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   808577
Md5:    aa047307d417ab96b6653c2990406b76
Sha1:   81110f77c75d6e6d65d73298860c3dbeb93ab441
Sha256: c81d64f4a092fe758ee43a3c65b5bf10ae157d3ad8434303a8a24a1c5a938a02
                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_7.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: video/mp4
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 12883667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
date: Wed, 07 Sep 2022 21:47:00 GMT
etag: "ca82f1ac80a9cb5602b2816f2c078970"
expires: Sat, 02 Sep 2023 21:47:00 GMT
last-modified: Mon, 11 Apr 2022 18:42:20 GMT
server: ECAcc (ska/F6F4)
x-cache: HIT
x-goog-generation: 1649702540110081
x-goog-hash: crc32c=bTsZBA==, md5=yoLxrICpy1YCsoFvLAeJcA==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 742774
x-guploader-uploadid: ADPycdsPEz5E9pS-00lLIjASOmeq27WCHM5MvXeSC31JXo6_CvNmqwTNPyTNLvIPcAiX3b7pMjmJOkBj3fPQYM5sSbfLhxGUHtPQ
content-length: 742774
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   742774
Md5:    ca82f1ac80a9cb5602b2816f2c078970
Sha1:   97d5ba1a4ca3ad10bd7fd96e83ead4d07990ef9f
Sha256: f4fa37a81b5bced39934ec0805b2c24085cc5d5b038c7edf0008dd8cb0c385b0
                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_8.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: video/mp4
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 12883664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
date: Wed, 07 Sep 2022 21:47:00 GMT
etag: "2ac7223fedb83d00be00e0db7667f113"
expires: Sat, 02 Sep 2023 21:47:00 GMT
last-modified: Mon, 11 Apr 2022 18:42:11 GMT
server: ECAcc (ska/F776)
x-cache: HIT
x-goog-generation: 1649702531436057
x-goog-hash: crc32c=ur4m/g==, md5=KsciP+24PQC+AODbdmfxEw==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 905145
x-guploader-uploadid: ADPycdsKDgYkCfpNg56TngcWlTi5gSkRi_Ou8NLdl5JCmnws0BBPyUiOnFboQANk6MdMfgujcmxHXw-AFK_bjOsDcIvcY0_TSRXs
content-length: 905145
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   905145
Md5:    2ac7223fedb83d00be00e0db7667f113
Sha1:   9e485558f361301de4013b5bf719eb1639f251f9
Sha256: a2828a33d413aa543a29af21c44682a8b5973c79d9a4e8219d399593a3a3c638
                                        
                                            POST /s/gts1d4/5KUqoLZYviA HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:47:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sync?type=host&dsp=69&dspuuid=k-I7CTnhfDIpFkAnOXgrezU_mRbOl_bv6YNtTQCQ HTTP/1.1 
Host: ad.sxp.smartclip.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.186.194.101
HTTP/2 302 Found
                                        
server: openresty/1.19.9.1
date: Wed, 07 Sep 2022 21:47:00 GMT
content-length: 0
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-I7CTnhfDIpFkAnOXgrezU_mRbOl_bv6YNtTQCQ&ang_testid=1
set-cookie: uuid=32034435-5411-1963-5db9-fbe396650fde; Domain=sxp.smartclip.net; Path=/; Expires=Fri, 07 Oct 2022 21:47:00 GMT; Max-Age=2592000; SameSite=None; Secure;
access-control-allow-credentials: true
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:47:00 GMT
Last-Modified: Wed, 07 Sep 2022 20:39:17 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iREXToLbl3T6PNHadNN2gUdNp2O2a8nLaydYuHKnICXdKUn42-0FzA==
Age: 4063

                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_9.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: video/mp4
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 12883662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
date: Wed, 07 Sep 2022 21:47:00 GMT
etag: "aeb31e1cbc7a14627280774f173ec48d"
expires: Sat, 02 Sep 2023 21:47:00 GMT
last-modified: Mon, 11 Apr 2022 18:42:14 GMT
server: ECAcc (ska/F762)
x-cache: HIT
x-goog-generation: 1649702534580047
x-goog-hash: crc32c=fTX7Lw==, md5=rrMeHLx6FGJygHdPFz7EjQ==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 645803
x-guploader-uploadid: ADPycdupIeIOC-wy1MRNT5QYubO-gY39wKzozdqXoiy2uBC4tOo3xsNWB-x2-JP6I3fExvgFp3j8D5B6LRE8J1CRWxOX5wjqZKsD
content-length: 645803
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   645803
Md5:    aeb31e1cbc7a14627280774f173ec48d
Sha1:   ec0ae18897bc6b58b72e0bf1f0f3400d17470f5b
Sha256: 9d4b0eef58290fc24017861d6f9c70756c5842a4ab2cfdee3ad4ba7032c1ede2
                                        
                                            GET /sync?type=host&dsp=69&dspuuid=k-I7CTnhfDIpFkAnOXgrezU_mRbOl_bv6YNtTQCQ&ang_testid=1 HTTP/1.1 
Host: ad.sxp.smartclip.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: uuid=32034435-5411-1963-5db9-fbe396650fde
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.186.194.101
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty/1.19.9.1
date: Wed, 07 Sep 2022 21:47:00 GMT
content-length: 42
set-cookie: dspuuid=69.k-I7CTnhfDIpFkAnOXgrezU_mRbOl_bv6YNtTQCQ; Domain=sxp.smartclip.net; Path=/; Expires=Fri, 07 Oct 2022 21:47:00 GMT; Max-Age=2592000; SameSite=None; Secure; psyn=19242.69; Domain=sxp.smartclip.net; Path=/; Expires=Fri, 07 Oct 2022 21:47:00 GMT; Max-Age=2592000; SameSite=None; Secure; uuid=32034435-5411-1963-5db9-fbe396650fde; Domain=sxp.smartclip.net; Path=/; Expires=Fri, 07 Oct 2022 21:47:00 GMT; Max-Age=2592000; SameSite=None; Secure;
access-control-allow-credentials: true
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /s/gts1d4/5KUqoLZYviA HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 21:47:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.2.146
HTTP/2 302 Found
                                        
date: Wed, 07 Sep 2022 21:46:59 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 314816
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            GET /cksync.php?cs=3&type=crt&ovsid=k-Jz8-DRfDIpFkAnOXgrezU_mRbOn7z6cDjnbyWA HTTP/1.1 
Host: contextual.media.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.22
HTTP/2 200 OK
content-type: image/gif
                                        
server: Apache
content-length: 45
set-cookie: visitor-id=3055888203580288000V10; Expires=Thu, 07 Sep 2023 21:47:00 GMT; domain=.media.net; Path=/; data-c-ts=1662587220;Expires=Fri, 07 Oct 2022 21:47:00 GMT;path=/;domain=.media.net; data-c=k-Jz8-DRfDIpFkAnOXgrezU_mRbOn7z6cDjnbyWA~~3;Expires=Fri, 07 Oct 2022 21:47:00 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Wed, 07 Sep 2022 21:47:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Sep 2022 21:47:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   45
Md5:    99cceceaed4d575484b69ddaf9ed66a7
Sha1:   1e3a3b15296b585833a22d987a387aa58aa1642d
Sha256: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4984
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 21:47:00 GMT
Last-Modified: Wed, 07 Sep 2022 20:23:56 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /video/Gzq_USs6/Uw1YNG0oadpgEfiu/62568/53424/webm/video/1920x1080_vp9_1500000/s_10.webm HTTP/1.1 
Host: quick.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://renewyourknees.com
Connection: keep-alive
Referer: https://renewyourknees.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         192.229.220.49
HTTP/2 200 OK
content-type: video/mp4
                                        
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 12883660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
date: Wed, 07 Sep 2022 21:47:00 GMT
etag: "628e3a3d96c6ba8918438f6f3ecb5f96"
expires: Sat, 02 Sep 2023 21:47:00 GMT
last-modified: Mon, 11 Apr 2022 18:42:22 GMT
server: ECAcc (ska/F78B)
x-cache: HIT
x-goog-generation: 1649702542378552
x-goog-hash: crc32c=BEOoyA==, md5=Yo46PZbGuokYQ49vPstflg==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 841654
x-guploader-uploadid: ADPycdvScgcuTFZv21oqP5E3W8rR_Va_n_xcRYJFmbVHbElNKqIUmgA_xTZVky9XRnXX3emNZY_zE3AstFeY9relyYnMUN3KzJYt
content-length: 841654
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   841654
Md5:    628e3a3d96c6ba8918438f6f3ecb5f96
Sha1:   e8f318efd7e297506d91803d31333f73b85fc63a
Sha256: b89a2b6ef985458c8a063b879b8922f75bd243b5f8c4a00f49f3f36ae7fa9eca
                                        
                                            GET /rum?cm_dsp_id=20&external_user_id=k-X2Xk_hfDIpFkAnOXgrezU_mRbOlioRZ6ph7sRQ HTTP/1.1 
Host: r.casalemedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.19.126
HTTP/2 302 Found
                                        
date: Wed, 07 Sep 2022 21:47:00 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-X2Xk_hfDIpFkAnOXgrezU_mRbOlioRZ6ph7sRQ&C=1
cf-ray: 7472a3f068df1bfe-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YxkRVB9nyqnD6MViMj9BUQAA; Path=/; Domain=casalemedia.com; Expires=Thu, 07 Sep 2023 21:47:00 GMT; Max-Age=31536000; Secure; SameSite=None CMPS=4435; Path=/; Domain=casalemedia.com; Expires=Tue, 06 Dec 2022 21:47:00 GMT; Max-Age=7776000; Secure; SameSite=None CMPRO=4435; Path=/; Domain=casalemedia.com; Expires=Tue, 06 Dec 2022 21:47:00 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRqaYacHtjGthvky8oe6t%2BQjbzOe4ZyXD0B0UL%2BGZLz0rxn1TbarQCbE%2BQtPnNORDUfG5OzdQ%2F2kMCD4m8BoEgI3%2B5%2FxU0LZ40fsLsVPcv51exOwRxvWukXeIkg3CkJYrf8%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2