Report - bzdyuso.health-carereform.com/rd/u20400IAQIW116818tQOy590Ebp1127ajJN1244

Report Overview

Submitted URL
bzdyuso.health-carereform.com/rd/u20400IAQIW116818tQOy590Ebp1127ajJN1244
IP
162.253.215.194
ASN
#398646 SECURENET
Submitted
2023-01-14 20:56:48
Access
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
3
Network Intrusion Detection
4
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	3.7 kB	172.217.21.162
www.clickfunnels.com	51002	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	2.1 kB	172.64.148.75
c.bing.com	247	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	795 B	13.107.21.200
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	799 B	1.7 kB	172.64.133.15
www.clarity.ms	1404	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.7 kB	13.107.238.53
gum.criteo.com	381	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	988 B	178.250.0.157
t.paypal.com	3487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	984 B	1.0 kB	192.229.221.25
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	31 kB	69.16.175.42
dnacdn.net	3760	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	887 B	1.3 kB	178.250.0.157
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.39.122.167
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	7.7 kB	142.250.74.131
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	563 B	74.125.131.155
bam.nr-data.net	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	904 B	509 B	162.247.241.14
gem.gbc.criteo.com	6039	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	493 B	178.250.6.159
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.5 kB	93.184.220.29
classic.clickfunnels.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	600 B	1.5 kB	104.16.13.194
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	7.8 kB	104.16.56.101
bat.bing.com	387	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	3.7 kB	13.107.21.200
rp.liadm.com	2705	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	1.8 kB	3.222.5.8
b.clarity.ms	3462	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	912 B	570 B	20.75.32.255
c.clarity.ms	803	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	555 B	20.234.93.27
assets.clickfunnels.com	64830	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	597 B	62 kB	104.16.13.194
getneuropure.com	461661	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	83 kB	104.16.12.194
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	127 kB	142.250.74.168
cdn.bttrack.com	6727	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	292 B	69.16.175.42
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.5 kB	142.250.74.132
js-agent.newrelic.com	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	15 kB	151.101.194.137
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
www.paypal.com	2583	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	885 B	9.5 kB	192.229.221.25
region1.analytics.google.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	727 B	563 B	216.239.32.36
app.clickfunnels.com	34727	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	16 kB	104.16.13.194
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ag.gbc.criteo.com	5925	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	617 B	178.250.6.162
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	688 B	746 B	142.250.74.106
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	1.8 kB	104.17.24.14
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
www.paypalobjects.com	1467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	17 kB	151.101.130.133
b-code.liadm.com	3597	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	28 kB	143.204.55.112
dynamic.criteo.com	4826	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	15 kB	178.250.0.147
amplify.outbrain.com	2255	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	5.9 kB	2.18.173.74
bzdyuso.health-carereform.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	899 B	572 B	162.253.215.194
tr.outbrain.com	2017	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	415 B	70.42.32.255
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	2.2 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-14 20:56:37	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.health-carereform .com
2023-01-14 20:56:37	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.health-carereform .com
2023-01-14 20:56:37	medium	Client IP	162.253.215.194	ET INFO DYNAMIC_DNS HTTP Request to a *.health-carereform .com Domain
2023-01-14 20:56:38	medium	Client IP	162.253.215.194	ET INFO DYNAMIC_DNS HTTP Request to a *.health-carereform .com Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (59)

	URL	Size	First Seen	Last Seen
	dynamic.criteo.com/js/ld/ld.js?a=%2093796	43 kB	2023-03-12	2023-03-13
Pretty URL dynamic.criteo.com/js/ld/ld.js?a=%2093796 IP 178.250.0.147 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:41 Last Seen2023-03-13 02:11:59 Times Seen1 Hash 50c1b2c69d20c13a4fc2b19a79ab11fb 2f3fe066d0bf2b23f98f7f86c307e821c9f19266 b5a1e6bbf861bdd330cab99353c522994216c7dd3a726461d69f5f53a61e8f5d Loading...

	amplify.outbrain.com/cp/obtp.js	17 kB	2023-03-12	2023-03-13
Pretty URL amplify.outbrain.com/cp/obtp.js IP 2.18.173.74 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:25:04 Last Seen2023-03-13 03:02:27 Times Seen1 Hash 2b39cf4b5b36810a615ee712f89afb45 8bf9ea241c3d5747f7820866f7292e719255840c f272bf29bb69bb40e7fdf2ca3b04f40826aba99879d618dc2c07568e4d92646b Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/?random=1673729799175&cv=11&fst=1673729799175&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&auid=1851481178.1673729799&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/?random=1673729799175&cv=11&fst=1673729799175&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&auid=1851481178.1673729799&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:41 Last Seen2023-03-12 23:30:41 Times Seen1 Hash e3511c6e90f584d0d4a7199ebfc27324 d1566bb4531c43ad28ac8e20a9ca5cf006f85e77 2c96369cc5f29dbc886d7c4b69083ed87402af76350ff534ccbd8054a3756f65 Loading...

	bat.bing.com/bat.js	39 kB	2023-03-08	2024-01-01
Pretty URL bat.bing.com/bat.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:52:15 Last Seen2024-01-01 05:01:16 Times Seen16 Hash 258ac0be54e333a28d69bfd394fcde90 daecd0687e8b00f5d67a7732ccbe9174326821d9 f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244 Loading...

	getneuropure.com/opt-out-np-1	341 B	2023-03-11	2023-03-13
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:46:11 Last Seen2023-03-13 02:11:59 Times Seen1 Hash b77eefc779220b5231760c0d625468aa ce40d05f5268dd8b71aeb2fcf0ea1a8de48e3dcc 3dd5ee3ba9b0b86f9c110a6b8ebb19533e4ac9802e1039df53f3a925a3b482a2 Loading...

	getneuropure.com/opt-out-np-1	155 B	2023-03-11	2023-03-13
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:46:11 Last Seen2023-03-13 02:11:59 Times Seen1 Hash e1a0177bf2368bca97cb97456e880895 8dfdacdd05c1b9edc732db8964e08958d7ea4d3f 9025a06fa9022e913076c27e1d1463707e1a85ea647baa45f3b644a209de80a0 Loading...

	www.paypal.com/tagmanager/pptm.js?id=5df07869-3aca-48d2-a2ee-8f56d12d068c	14 kB	2023-03-12	2023-03-12
Pretty URL www.paypal.com/tagmanager/pptm.js?id=5df07869-3aca-48d2-a2ee-8f56d12d068c IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:41 Last Seen2023-03-12 23:30:41 Times Seen1 Hash 1c0688a3d4733d6d03d96ac6188324f9 15d50abb3d363addef7033fa60f7cfa2fdd11cb3 0bd5b58930ab63d5286e18813df7a96c792e1c37a838faec32cc0e04e23cfc89 Loading...

	getneuropure.com/vendor.js	18 kB	2023-03-07	2024-04-21
Pretty URL getneuropure.com/vendor.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:03 Times Seen1311 Hash bf2a8a168c0be1544c34f363c276586e 581e49c9b7bdd06dab54c00931f4256b223e620e 7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d Loading...

	js-agent.newrelic.com/775.2d6a2503-1220.js	1.2 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/775.2d6a2503-1220.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash 1dfdb74c0491489bf04c6deadb56add2 09c28f9e93c01cb3870d7a8083658c594d5ee42b 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3 Loading...

	cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js	1.7 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:54:44 Last Seen2024-04-19 16:01:29 Times Seen553 Hash 77171e2314cd3ff8454b4dacd8ac5965 97f9e549e3ceac5b9fc75af34343dcd48a17c61d f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682 Loading...

	getneuropure.com/opt-out-np-1	1.0 kB	2023-03-07	2024-04-21
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1074 Hash 7e04d8a0aac6ab1ec08163bd215a5711 f425cd8bab39529985cf2a9cf866a877b4fca17a 4e3d5220213c311337410362a4654f5ea226e71707a85229385cec6d871cc05a Loading...

	www.clarity.ms/eus2/s/0.7.1/clarity.js	57 kB	2023-03-09	2023-11-05
Pretty URL www.clarity.ms/eus2/s/0.7.1/clarity.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:22:27 Last Seen2023-11-05 22:32:51 Times Seen3 Hash b9b253f431c87fd6d386778bb4f53db8 7e1615b8e242a06e0631ed4e0662cc3fb6487fc6 da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf Loading...

	js-agent.newrelic.com/290.2d6a2503-1220.js	8.6 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/290.2d6a2503-1220.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash 13898fbb4d7a1f83fc6722c4c12faf40 4be4e86a3b56733c67c789223989450b6d0ef351 e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b Loading...

	getneuropure.com/assets/lander.js	2.3 MB	2023-03-08	2023-03-13
Pretty URL getneuropure.com/assets/lander.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:43 Last Seen2023-03-13 14:38:11 Times Seen1 Hash 782dfbe397d6236d5a908001175772fe 9765f2d4c7e22c3a99721bf9ee79de8bf785c16a 67db2759b5232a9d482f04cc7bb4d4014c65b01dcd565e069d9adc911ef58bbb Loading...

	static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993	17 kB	2023-03-08	2024-02-28
Pretty URL static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3617&ck=0&s=8cc3cc6592737187&ref=https://getneuropure.com/opt-out-np-1&ap=320&be=1138&fe=2210&dc=1091&perf=%7B%22timing%22:%7B%22of%22:1673729797688,%22n%22:0,%22f%22:895,%22dn%22:895,%22dne%22:895,%22c%22:895,%22s%22:895,%22ce%22:895,%22rq%22:897,%22rp%22:1108,%22rpe%22:1110,%22dl%22:1118,%22di%22:2207,%22ds%22:2227,%22de%22:2325,%22dc%22:3348,%22l%22:3348,%22le%22:3465%7D,%22navigation%22:%7B%22ty%22:255%7D%7D&fcp=1712&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3617&ck=0&s=8cc3cc6592737187&ref=https://getneuropure.com/opt-out-np-1&ap=320&be=1138&fe=2210&dc=1091&perf=%7B%22timing%22:%7B%22of%22:1673729797688,%22n%22:0,%22f%22:895,%22dn%22:895,%22dne%22:895,%22c%22:895,%22s%22:895,%22ce%22:895,%22rq%22:897,%22rp%22:1108,%22rpe%22:1110,%22dl%22:1118,%22di%22:2207,%22ds%22:2227,%22de%22:2325,%22dc%22:3348,%22l%22:3348,%22le%22:3465%7D,%22navigation%22:%7B%22ty%22:255%7D%7D&fcp=1712&jsonp=NREUM.setToken IP 162.247.241.14 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	bat.bing.com/p/action/134632104.js	3.6 kB	2023-03-12	2023-03-13
Pretty URL bat.bing.com/p/action/134632104.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:41 Last Seen2023-03-13 02:11:59 Times Seen1 Hash eada3fb258f030c1e8faa1bc35960570 27cddefd0158f861779ad50d4be0327a3e80fb9f a6543f354b3b4abd1d0c0ec5c8c2c2e4ea9d5135a8e75aa4a54b5157a3cd45cb Loading...

	js-agent.newrelic.com/552.2d6a2503-1220.js	22 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/552.2d6a2503-1220.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen6 Hash 777ac0df4dba632ad1b2955c88dd51ac bd51770555ea92df71f7d5d102dbf8cdc583abf6 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc Loading...

	code.jquery.com/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-24
Pretty URL code.jquery.com/jquery-3.3.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 07:44:25 Times Seen105805 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	getneuropure.com/opt-out-np-1	1.6 kB	2023-03-11	2024-01-10
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:46:11 Last Seen2024-01-10 03:49:28 Times Seen118 Hash 2d81c85ae0caf2e4d8eadb4f67f255b0 5e9127a5de563ca04429f7576f2d5527ea9e7f60 bf1471df764608e4373c555134e16744c5a42e32934bd973fa1afa63bb9e02b1 Loading...

	getneuropure.com/opt-out-np-1	1.6 kB	2023-03-07	2024-04-21
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1073 Hash 9695240da93eaffb74ee6d46ae6ea5da f545f6cec4b5da6fb0a50a17ee0bc878030c5047 88533b116813899d4cf0751961b7568763677a97033cfb35180d523e2cf2cfd1 Loading...

	b-code.liadm.com/a-07go.min.js	31 kB	2023-03-12	2023-03-12
Pretty URL b-code.liadm.com/a-07go.min.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:41 Last Seen2023-03-12 23:34:17 Times Seen1 Hash d4669b68e0a8455650fe352117f186a6 9da4a775c9a1e0c01a2541969722829be15c63d0 7a428446cb45b65def46167abbc1a6abcfe1cc0cb5721ad6d954c7a0e0919a5d Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5SX3QL4	158 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5SX3QL4 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:41 Last Seen2023-03-12 23:30:41 Times Seen1 Hash 5cbfab68707a788b3bfeffe9b8b71b4a 6f7bfeb058874d95a167b7e4c97f86267750866a 34c79b3dd666d70f16ed3cfb2a33af5bfb0691bbf6a98ac1baef867a3391c2e6 Loading...

	getneuropure.com/opt-out-np-1	33 kB	2023-03-08	2023-05-25
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:24 Last Seen2023-05-25 13:21:02 Times Seen2 Hash 7a6e48fa2f28217e152210f063f54cda a61d9802c8e5073333147413c1d5feb9af847295 a70270c5b1c4584b9d67505008b63a575976418d22bf6bb85c8525d879511cfa Loading...

	www.paypalobjects.com/muse/analytics/index.html#frameId=88a58fe6-b6c6-4d19-ac2c-27a916946c7a&propertyId=8QDXYAD82LT2Y-1&flow=visitor-info&variant=analytics&mrid=8QDXYAD82LT2Y&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info	56 kB	2023-03-07	2023-04-05
Pretty URL www.paypalobjects.com/muse/analytics/index.html#frameId=88a58fe6-b6c6-4d19-ac2c-27a916946c7a&propertyId=8QDXYAD82LT2Y-1&flow=visitor-info&variant=analytics&mrid=8QDXYAD82LT2Y&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2023-04-05 02:03:48 Times Seen72 Hash 3c29376a5e6e42c2a04a42f5fa0c43b7 3054d744752ccd677d4ffe6958859bfadd1b3454 937c6942350fbbabece20ae53e721191611773f69ed63347b08b6e34fd909534 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/?random=1673729800530&cv=11&fst=1673729800530&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&auid=1851481178.1673729799&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/?random=1673729800530&cv=11&fst=1673729800530&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&auid=1851481178.1673729799&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:41 Last Seen2023-03-12 23:30:41 Times Seen1 Hash e2c4da0d74105d3714ee597f6dbbc96b 092e2edf118dad0ec54426c195398e63845eac33 8bae604e292e16dd83e3bceb42bb315d426f35500b6dd28068c4c79364486e17 Loading...

	getneuropure.com/assets/userevents/application.js	5.2 kB	2023-03-08	2024-04-21
Pretty URL getneuropure.com/assets/userevents/application.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:42 Last Seen2024-04-21 22:38:03 Times Seen1323 Hash 4849819314b7c1be4146a39b52c5c502 3e09f90cb42c04ff19f66dbbd83e3dbb544b50bf a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b Loading...

	www.googletagmanager.com/gtag/js?id=G-551J33Q7R1&l=dataLayer&cx=c	224 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-551J33Q7R1&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:41 Last Seen2023-03-12 23:30:41 Times Seen1 Hash 1af510130337c1fc0520c1b5e036b277 2d454e72adb70a1906ab086c700f1fd6c64e066e 18d267b07282ea65357607c67dd02807ece3612c928dea37e79e42b34160fa58 Loading...

	getneuropure.com/opt-out-np-1	395 B	2023-03-07	2024-04-21
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1084 Hash b2c93212afb38693d023d97f822acd42 a971c75819436a7c7d9c3b388b8be10f1286fdcb dbde09f9e5cc2ecdeffe30752eac8756ca637e0c524bdbd5b1c7e5704aae004f Loading...

	getneuropure.com/opt-out-np-1	271 B	2023-03-07	2024-04-21
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1080 Hash c0d8faa83b4d63e92f56614251d001d4 4377d94b43b83ca010c78aa4c482d86ca19a9593 1d35b00811c224b9c83537f23634d9e7b07f75841c3d99e6ded3c759571f45a7 Loading...

	getneuropure.com/opt-out-np-1	575 B	2023-03-11	2024-01-20
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:46:11 Last Seen2024-01-20 14:49:37 Times Seen18 Hash 08ff60fbd11c9e87397cb2f986160ac3 896a45d636e69adf0ef6590f787a0f53039291ad bacc2eb6a3d8c8578e625917603be936dd00b0af70894866f2a525e876425178 Loading...

	getneuropure.com/opt-out-np-1	425 B	2023-03-11	2024-01-20
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:46:11 Last Seen2024-01-20 14:49:38 Times Seen17 Hash 68d1fbb38adf695a7f938751eb1d9d71 7e1af4acf2ccb5c8fd70ad791bb0d4d779afdf84 6385f1e64a9bcbf2a03ea0436e6122c4dacef0555560786865f7eec4abcf1173 Loading...

	getneuropure.com/opt-out-np-1	368 B	2023-03-11	2023-09-17
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:46:11 Last Seen2023-09-17 19:59:14 Times Seen11 Hash 843c40de5c607d6afe51dd1ecd36af28 cf73d5e68542654bbf52d28f4eaf11390f2d6c20 a3cb7f20b538f05726dd5a123c59391d0d3030346217c7ae094a63ac17f3025e Loading...

	getneuropure.com/assets/pushcrew.js	637 B	2023-03-07	2024-04-21
Pretty URL getneuropure.com/assets/pushcrew.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1406 Hash 0a67c27615e7d2202f261dcc0a82d744 0fa0a8ca56efded583bd4201821015a63c623d44 f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422 Loading...

	app.clickfunnels.com/mailcheck.min.js	2.7 kB	2023-03-07	2024-03-13
Pretty URL app.clickfunnels.com/mailcheck.min.js IP 104.16.13.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-13 20:33:05 Times Seen1044 Hash 199756d42d03ff6741642748ea00028d b5c4f6fd1b0e5d1bac97870b3885d08ccb7d2ac1 e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982 Loading...

	cdn.bttrack.com/universal/44843	0 B	2023-03-07	2024-04-24
Pretty URL cdn.bttrack.com/universal/44843 IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 07:44:38 Times Seen37034309 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.clarity.ms/tag/8kie2pvajy?ref=gtm2	1.0 kB	2023-03-12	2023-03-13
Pretty URL www.clarity.ms/tag/8kie2pvajy?ref=gtm2 IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:42 Last Seen2023-03-13 02:12:00 Times Seen1 Hash 43a2270e5716685ad302125bc0db6a0f 73a648167406b6a7e2fde87227423a80f2f46cfb 456aaa40ee0a4d75cf81418146dd68df61f6d22523abdf4ea50a89110756f388 Loading...

	www.clarity.ms/tag/uet/134632104	852 B	2023-03-12	2023-03-13
Pretty URL www.clarity.ms/tag/uet/134632104 IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:42 Last Seen2023-03-13 02:11:59 Times Seen1 Hash eb3f49c821d25a82bf776235f91a0a6d 245660ce779b38fe0e9cc35d535555cd8313dd78 cec56b63f494dc44cb6d76800bd427cdc8d7dbf40eed07335c9a99d07eb9c388 Loading...

	getneuropure.com/opt-out-np-1	3 B	2023-03-07	2024-04-21
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-21 22:38:00 Times Seen1138 Hash f67be96ce768fb5b40aecf0438f97886 d27fecd03a022cc6f670ca42ef1b99d5f5bcc74c 3441b5696d6abf2bd959d18bcb31dde8239a6ad8185bfa659af60bc764c238a8 Loading...

	getneuropure.com/opt-out-np-1	589 B	2023-03-11	2023-03-12
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:46:11 Last Seen2023-03-12 23:34:18 Times Seen1 Hash ad21fddf59b01a31923e94e73fd0644b 03f0098f4ad8fd3055aa6796a88206c3a264ba0a 646d34b919784ea13239a59c1ff4d27771a8df536849ccdb9e2891a27c0c4726 Loading...

	www.paypalobjects.com/muse/muse.js	56 kB	2023-03-07	2023-08-16
Pretty URL www.paypalobjects.com/muse/muse.js IP 151.101.130.133 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2023-08-16 09:35:07 Times Seen1745 Hash c57b001cc29f9dc12eed8bb15c327839 f3eff6ad21ec9d5c51b21754e04f5cb02cc0f5cb 64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566 Loading...

	js-agent.newrelic.com/768.2d6a2503-1220.js	5.6 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/768.2d6a2503-1220.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash d6cc8b42eda6fd7734014b03b87b5787 c0e66d0f7274bbb6404012b6b57ff74333818a13 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5 Loading...

	getneuropure.com/opt-out-np-1	132 B	2023-03-11	2024-01-20
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:46:11 Last Seen2024-01-20 14:49:38 Times Seen17 Hash cfc42ae62eb64ebb8c4bc663e0acaaea bb928ebb9b1c70412080bec633dbecf8415ebe65 bede497f19b85df8917fa0f662f6f89fee6254cc9f9ce6c50c528aa1cd32a798 Loading...

	gum.criteo.com/syncframe?topUrl=getneuropure.com&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22pm%22:0,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22getneuropure.com%22,%22topUrl%22:%22getneuropure.com%22,%22version%22:%225_12_3%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true%7D	14 kB	2023-03-07	2023-05-06
Pretty URL gum.criteo.com/syncframe?topUrl=getneuropure.com&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22pm%22:0,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22getneuropure.com%22,%22topUrl%22:%22getneuropure.com%22,%22version%22:%225_12_3%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:36 Last Seen2023-05-06 00:14:31 Times Seen2035 Hash 49e65b540d43d40997ce3844d41b2dd0 b7331c5edc086ee2c7731b1b36e937e7c44450a7 f185c1b78d87a007d9492a85c6ce64c06cc851ef9f13ca3caf8aaafe243b0ac2 Loading...

	www.googletagmanager.com/gtag/js?id=AW-10890968454	191 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=AW-10890968454 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:42 Last Seen2023-03-12 23:30:42 Times Seen1 Hash b2c6dcd8a84e497a2fafe8e81dac9078 6acb2a3a94f004e2918bf99f561ee1337e3130ae 1e1b5624bf7d0b63e85d69b71be6946fc1b996c59468afe69f716f859eff63f1 Loading...

	gum.criteo.com/syncframe?topUrl=getneuropure.com&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22pm%22:0,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22getneuropure.com%22,%22topUrl%22:%22getneuropure.com%22,%22version%22:%225_12_3%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true%7D	418 B	2023-03-07	2023-04-01
Pretty URL gum.criteo.com/syncframe?topUrl=getneuropure.com&origin=onetag#%7B%22bundle%22:%7B%22origin%22:0,%22value%22:null%7D,%22cw%22:true,%22optout%22:%7B%22origin%22:0,%22value%22:null%7D,%22origin%22:%22onetag%22,%22pm%22:0,%22sid%22:%7B%22origin%22:0,%22value%22:null%7D,%22tld%22:%22getneuropure.com%22,%22topUrl%22:%22getneuropure.com%22,%22version%22:%225_12_3%22,%22ifa%22:%7B%22origin%22:0,%22value%22:null%7D,%22lsw%22:true%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2023-04-01 10:34:33 Times Seen447 Hash 755b312976dc0edb23fa08bed999c482 6685710ba04dc63e4122ec3ce89f3adfe479adf4 663197a6a8353d989cdc65d4f3112e425a00839c85a3fde99bbe451a9c604a6f Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/?random=1673729801451&cv=11&fst=1673729801451&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&auid=1851481178.1673729799&data=2805096382%3Dhttps%3A%2F%2Fclarity.microsoft.com%2Fga%2F8kie2pvajy%2F1qmbdit%2Fp4w5ep%3Bevent%3DClarity%3BeventCategory%3DClarity%3BeventAction%3Dp4w5ep%3BnonInteraction%3Dtrue&rfmt=3&fmt=4	2.3 kB	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/?random=1673729801451&cv=11&fst=1673729801451&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&auid=1851481178.1673729799&data=2805096382%3Dhttps%3A%2F%2Fclarity.microsoft.com%2Fga%2F8kie2pvajy%2F1qmbdit%2Fp4w5ep%3Bevent%3DClarity%3BeventCategory%3DClarity%3BeventAction%3Dp4w5ep%3BnonInteraction%3Dtrue&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:30:42 Last Seen2023-03-12 23:30:42 Times Seen1 Hash cc0fd1f811507ce58eea662b95f874ab 9bfc9f6a7805cdff9d9eb0c058f9c6b3f55d6f68 5c8cbcb4043a7ed9ae644a143084d33e696937d55fe2ddaa92fd6c14e45474c1 Loading...

	getneuropure.com/opt-out-np-1	104 B	2023-03-07	2024-04-21
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1185 Hash 00b5ba65cbf82b44301e01048b806055 3be24afc94edb8de2099ccafa2bfcdbfbef301cd 699e1188e23d8be696d8ca3b45d7eba8c1c97f6ce4e9da4051cce63907ea8442 Loading...

	getneuropure.com/opt-out-np-1	575 B	2023-03-11	2024-01-20
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:46:11 Last Seen2024-01-20 14:49:38 Times Seen17 Hash 965258afd1a7cbc8776d3be80a6b12e3 44694605bc9c93c16af279a4ce4305dada278bad 8ddc1b775ecbda1910b577ebbd95ff0408ae19f74978cd4007e36e4d4c15bbb8 Loading...

	bzdyuso.health-carereform.com/rd/u20400IAQIW116818tQOy590Ebp1127ajJN1244	217 B	2023-03-07	2023-04-05
Pretty URL bzdyuso.health-carereform.com/rd/u20400IAQIW116818tQOy590Ebp1127ajJN1244 IP 162.253.215.194 ASN #398646 SECURENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:55 Last Seen2023-04-05 01:31:42 Times Seen43 Hash dab1c97c86c570601bc960e209f5260c 4a964507fdb0738a3e201708fa7a2f1a37d5169b 777f796cae5e7814b388c3404e71f5c2e08653ede8b4492d7b681316981d4639 Loading...

	getneuropure.com/opt-out-np-1	281 B	2023-03-11	2024-01-20
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:46:11 Last Seen2024-01-20 14:49:38 Times Seen17 Hash 84dd144878cc5ef06b6fe476d5a0d4e5 87a5a1dbb4d9349ff892a55bba062d2c6755f6f3 9835c8b50c158e67568aec634641543237d2fecae5e76261e4c246a7cfa77f57 Loading...

	js-agent.newrelic.com/368.2d6a2503-1220.js	3.5 kB	2023-03-08	2023-04-10
Pretty URL js-agent.newrelic.com/368.2d6a2503-1220.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:22 Last Seen2023-04-10 08:37:00 Times Seen3 Hash 16b4f3676c3859e1378a2ccdebbad675 e08f86ca1dc56c2ed885404d2819f540c7905cae b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56 Loading...

	getneuropure.com/opt-out-np-1	280 B	2023-03-10	2023-05-28
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:26:20 Last Seen2023-05-28 00:16:08 Times Seen3 Hash f3025ae87f0d7b699d37054daa5e9906 c3f1d94d6acfe93298988744741233302e31271f 05ff51c227ac9df39e7b327bbae46613764506bc2969d86b259a1922efc03149 Loading...

	getneuropure.com/opt-out-np-1	24 B	2023-03-07	2023-09-17
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:40 Last Seen2023-09-17 19:59:14 Times Seen14 Hash adcac616e8b6752189aa8274445afdac 0bdfea4bb1d88abd9abe81f3c6a7251241f3bea7 82d24ee6078e1b933091f9aac1423c16b9c342bbe3ced8c6f69853ab5a13f315 Loading...

	tr.outbrain.com/cachedClickId?marketerId=undefined	35 B	2023-03-07	2024-02-13
Pretty URL tr.outbrain.com/cachedClickId?marketerId=undefined IP 70.42.32.255 ASN #22075 AS-OUTBRAIN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-02-13 00:48:29 Times Seen1372 Hash 75c843c7b717e7b722777907475c67a3 983d1c9a05b315288039b9d4694ce3b402259240 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Loading...

	getneuropure.com/opt-out-np-1	101 B	2023-03-07	2024-04-21
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1073 Hash 58d9451139b4d777d43d7c3e074a944a 58dbf64854e67993dd579ecc78d1a32fea9266ed 85f043b5d0590f154a02cf29f549340485f0e6dd78c70ab8746555092fc9d493 Loading...

	getneuropure.com/opt-out-np-1	1.2 kB	2023-03-07	2024-03-13
Pretty URL getneuropure.com/opt-out-np-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-13 20:33:05 Times Seen718 Hash f53804c0abbd5d0ead0a41ca2dd89599 39d28f2df6171e4847aafb50cff964da0b33aef0 1dfb574d71b367cdf50909a035c1865d63381accb868b60d395d6ad71c426821 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2aa74ac3a264c3e10ae463a262aaf72c	20 kB	2023-03-07	2024-04-21
Pretty Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:01 Times Seen1093 Hash 2aa74ac3a264c3e10ae463a262aaf72c c5ff579cf0cc2ba1d98711b366ec148152abbaf5 9c1ea695852f01d2fc6027d572b126b740a9c4634540fb0d39ea3656377eef77 Loading...

	#2 Eval - 876d5aecc35d243819f080672691e0eb	120 B	2023-03-11	2023-03-12
Pretty Observations First Seen2023-03-11 09:46:11 Last Seen2023-03-12 23:34:18 Times Seen1 Hash 876d5aecc35d243819f080672691e0eb 309499923bfe2c08be46100824a0c3b6ad89106e 0a6b4c12fe0def1eb086221ead2507508d4ccddf9d98598d96cce6fc16699167 Loading...

HTTP Transactions (102)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6883
Expires: Sat, 14 Jan 2023 22:51:20 GMT
Date: Sat, 14 Jan 2023 20:56:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17219
Expires: Sun, 15 Jan 2023 01:43:36 GMT
Date: Sat, 14 Jan 2023 20:56:37 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 20:42:03 GMT
content-type: application/json
age: 874
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7bd85a261739c122eefb74ffddaec99
e2e059b0740592e8591d432249aafe5fcb8af23c
71bdd130b8d143f228542f678e91c98ab4e5844fb9f47b036e15372660be25fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71BDD130B8D143F228542F678E91C98AB4E5844FB9F47B036E15372660BE25FD"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8998
Expires: Sat, 14 Jan 2023 23:26:35 GMT
Date: Sat, 14 Jan 2023 20:56:37 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 5a+xD9I3VfjiBgBY97lEiH2wtmywphjcAPMw7lOQuxiafOcxE7LJWSEMh2ACzMqXu/OCMXmXFjc=
x-amz-request-id: M6W7306WH3DWZ0ZY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 20:55:05 GMT
age: 92
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

bzdyuso.health-carereform.com/rd/u20400IAQIW116818tQOy590Ebp1127ajJN1244

162.253.215.194

200 OK

235 B

URL HTTP/1.1
bzdyuso.health-carereform.com/rd/u20400IAQIW116818tQOy590Ebp1127ajJN1244
IP
162.253.215.194:0
ASN
#398646 SECURENET

File type
HTML document, ASCII text
Size
235 B (235 bytes)
Hash
98c9bcb423acc9b6168657c6ebc350ac
734f738abfc9792d059ec004adbec0daef1356e4
e46f3127e1d2d73084efc503b86c3c5ab7091677b493e10d59f0cf4375b9a1e7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.health-carereform .com Domain

HTTP Headers

GET /rd/u20400IAQIW116818tQOy590Ebp1127ajJN1244 HTTP/1.1
Host: bzdyuso.health-carereform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Sat, 14 Jan 2023 20:56:37 GMT
Content-Length: 235

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 20:56:37 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 20:17:25 GMT
age: 2352
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

bzdyuso.health-carereform.com/track/u20400IAQIW116818tQOy590Ebp1127ajJN1244

162.253.215.194

302 Found

58 B

URL HTTP/1.1
bzdyuso.health-carereform.com/track/u20400IAQIW116818tQOy590Ebp1127ajJN1244
IP
162.253.215.194:0
ASN
#398646 SECURENET

File type
HTML document, ASCII text
Size
58 B (58 bytes)
Hash
11b04318e8e3c177a24c7358a4f5308d
e6fb553c0d846dd709d9323dd5e6a847c5932319
4a8f5402c717b774dfcd6ee1ccf412e1a6feddf9856850916e5f169ccd6f119a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.health-carereform .com Domain

HTTP Headers

GET /track/u20400IAQIW116818tQOy590Ebp1127ajJN1244 HTTP/1.1
Host: bzdyuso.health-carereform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bzdyuso.health-carereform.com/rd/u20400IAQIW116818tQOy590Ebp1127ajJN1244
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: https://getneuropure.com/opt-out-np
Date: Sat, 14 Jan 2023 20:56:37 GMT
Content-Length: 58

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 712
Cache-Control: max-age=130921
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:38 GMT
Etag: "63c270a7-1d7"
Expires: Mon, 16 Jan 2023 09:18:39 GMT
Last-Modified: Sat, 14 Jan 2023 09:06:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.39.122.167

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.122.167:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6BnK7FB4z4MeJCHpxXhfrg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Cx8eVcaShpxpv37xtsWL67NSRBk=

cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js

104.17.24.14

200 OK

746 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1689), with no line terminators
Size
746 B (746 bytes)
Hash
c7aa19d4df3072191003257d7afa3476
8b205902361f13e2c86b4ef810ed123322364908
b70572d447d0e34f939d5f6fc58e6df16c1972e48ef6acd419f0ff05bd12fd96

HTTP Headers

GET /ajax/libs/js-cookie/2.2.0/js.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 746
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec5-699"
last-modified: Mon, 04 May 2020 16:11:49 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2057623
expires: Thu, 04 Jan 2024 20:56:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTiitLccgiUQ1D%2FJCX72GG%2BFx5Ry0Q6IaWaqrFcT6e0QWCZzl%2F2h%2B3oDftlMg%2B5smSz%2BlwVPPXIu15i7J4v%2FC4Vfg2ogR1kTjdSxGwLWeM5G5K6hX7M7MdUlf1%2FPDIGyNRPO9HEx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7899478a48e0b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

getneuropure.com/assets/pushcrew.js

104.16.12.194

200 OK

627 B

URL HTTP/2
getneuropure.com/assets/pushcrew.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (637), with no line terminators
Size
627 B (627 bytes)
Hash
335adf8ad98ac64bd6356476a44b3ce2
2ac66a9922a96c66440e8535f0bdef8bc63a6447
d587ca4198f4f42b127410c55b9626e9ccd4233be688c32fe9d8fb71f2dddfb1

HTTP Headers

GET /assets/pushcrew.js HTTP/1.1
Host: getneuropure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/opt-out-np-1
Cookie: __cf_bm=S.blsVeRos2_mmhBBW7PIBPaColCIwPN0_eSaEsqoZ0-1673729798-0-ASuGuXbUHUJ/KewjvyFOIffm+3YrQv5L+8yBMRjlHt21J2i/fz0YsdW71OC1jyU+k7m0NNFEHCSb7nMikierbfzz47hTF+gHKCXhkRnr2/1O
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:38 GMT
content-type: application/x-javascript
cf-ray: 7899478a0a60b4f9-OSL
access-control-allow-origin: *
age: 860
cache-control: public, max-age=1200
etag: W/"63bc4244-27d"
expires: Sat, 14 Jan 2023 21:16:38 GMT
last-modified: Mon, 09 Jan 2023 16:35:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.3.1.min.js

69.16.175.42

200 OK

30 kB

URL HTTP/2
code.jquery.com/jquery-3.3.1.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
30 kB (30288 bytes)
Hash
d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44

HTTP Headers

GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getneuropure.com
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:38 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CJbKjJ4GEocBCiQxZDBiMzhiOS04ZTg1LTRiOTktYjJhMy1jNmQ5NDZiYjMwOWMQ+OiCoKvU+wIaBgiGroyeBiIMOTEuOTAuNDIuMTU0KPHUAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkZDk1NTg2NjYtMTU2MC00OTE3LWIzN2UtZWRhOTA0MTk1NjMyGNDsASIYCAISFGNkczI0MC5zazEuaHdjZG4ubmV0.u2oWd2+PX3/WNZCmXfuCMFKzwh3wSovuy8FGmLdc2Mo=
x-hw: 1673729798.dop206.sk1.t,1673729798.cds068.sk1.hn,1673729798.cds240.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e804586be26c88b95d554afe0ef24d5c
6f99b1fe2330c4661608f17819a4490a92ca296c
38894b7977e8f8e790a71eedf8144799a77ccceb49771e7458392ad7916293db

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=AW-10890968454

142.250.74.168

200 OK

70 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-10890968454
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3630)
Size
70 kB (69469 bytes)
Hash
2db4ee86d6dc391ed56f24891a6d154f
66b85b68ed03b8205b49b9450bcaa0a84cf1b759
acf5d5372d0264e4932a7f3a3839e91e089a45a65e500dee057d5224486fab48

HTTP Headers

GET /gtag/js?id=AW-10890968454 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 20:56:38 GMT
expires: Sat, 14 Jan 2023 20:56:38 GMT
cache-control: private, max-age=900
last-modified: Sat, 14 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69469
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e804586be26c88b95d554afe0ef24d5c
6f99b1fe2330c4661608f17819a4490a92ca296c
38894b7977e8f8e790a71eedf8144799a77ccceb49771e7458392ad7916293db

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-5SX3QL4

142.250.74.168

200 OK

56 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5SX3QL4
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (11483)
Size
56 kB (56112 bytes)
Hash
e78e906bc26e1a49ef002b8026046e1c
1f5c310f25a966cb7b36777364aa8de1d1891a43
27381d4f06d2de60e9fc41dffa8f3be213659c1b48ff354db078a8f4f7ed509c

HTTP Headers

GET /gtm.js?id=GTM-5SX3QL4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 20:56:38 GMT
expires: Sat, 14 Jan 2023 20:56:38 GMT
cache-control: private, max-age=900
last-modified: Sat, 14 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56112
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

assets.clickfunnels.com/images/grey-geo.png

104.16.13.194

200 OK

62 kB

URL HTTP/2
assets.clickfunnels.com/images/grey-geo.png
IP
104.16.13.194:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
62 kB (61666 bytes)
Hash
44cf780c1aa4d29cee2c5b47fc451c77
26e32c819082778f9986f3002dc90a41824f200f
9a5a0fb29649a77fea6dceb0028d96ca7cd1dbd795bce58d52ee9da25ea645ea

HTTP Headers

GET /images/grey-geo.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Cookie: __cf_bm=DhKhWklzTDkSzVanfRZrrsFYf2HstN9i_VuHDdTYQDA-1673729798-0-ASB8bqwD88SmAfPGXNRzyKHyZ9B+O56HAO3ryicxPCOKop+lVQ/oIHrYbzidcf6Wi3U0jKG3O6RU7i+fsY8cuCrgGdhHVXaAMfdkJ7epHw0E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:39 GMT
content-type: image/webp
content-length: 61666
cf-ray: 7899478cfd661c0a-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 690611
cache-control: public, max-age=2678400
content-disposition: inline; filename="grey-geo.webp"
etag: "63b5de41-fd59"
expires: Tue, 14 Feb 2023 20:56:39 GMT
last-modified: Wed, 04 Jan 2023 20:14:57 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=64857
server: cloudflare
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
87c8a3ea91f7ebb7004e49751388d97e
87d7d590351bb950974dddef62a3c7886392b9f4
5d679f5ab0e6103155ffdacac5b4ed76c7a3e4828ad40354a020e8a4e450f98d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2721
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:39 GMT
Etag: "63c235b8-118"
Last-Modified: Sat, 14 Jan 2023 20:11:18 GMT
Server: ECS (amb/6BC7)
X-Cache: HIT
Content-Length: 280

getneuropure.com/assets/lander.css

104.16.12.194

200 OK

72 kB

URL HTTP/2
getneuropure.com/assets/lander.css
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (53232)
Size
72 kB (71944 bytes)
Hash
a477464b716658e28d87e6e6eb654ea1
4f409da3ffa2a7600bee40a762bb419c15b16e91
f1ef5c552c8f57665df34db7376cf63331f1df6765ac9c37a878f7c7fdcb7b2f

HTTP Headers

GET /assets/lander.css HTTP/1.1
Host: getneuropure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/opt-out-np-1
Cookie: __cf_bm=S.blsVeRos2_mmhBBW7PIBPaColCIwPN0_eSaEsqoZ0-1673729798-0-ASuGuXbUHUJ/KewjvyFOIffm+3YrQv5L+8yBMRjlHt21J2i/fz0YsdW71OC1jyU+k7m0NNFEHCSb7nMikierbfzz47hTF+gHKCXhkRnr2/1O
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:38 GMT
content-type: text/css
cf-ray: 78994789ea39b4f9-OSL
access-control-allow-origin: *
age: 497
cache-control: public, max-age=1200
etag: W/"63bc4244-6a514"
expires: Sat, 14 Jan 2023 21:16:38 GMT
last-modified: Mon, 09 Jan 2023 16:35:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.paypal.com/tagmanager/pptm.js?id=5df07869-3aca-48d2-a2ee-8f56d12d068c

192.229.221.25

200 OK

5.0 kB

URL HTTP/2
www.paypal.com/tagmanager/pptm.js?id=5df07869-3aca-48d2-a2ee-8f56d12d068c
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (14469)
Size
5.0 kB (5014 bytes)
Hash
50b74af73cd4b91581d63e1084d802c3
c026d7a306c377fa9e2bf8ce2ea429e2d34e32dc
270a7c3dfc7572d6194b69aba6d7d23b52edf4b0e84a48b9328948df77a3bffd

HTTP Headers

GET /tagmanager/pptm.js?id=5df07869-3aca-48d2-a2ee-8f56d12d068c HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 84212
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-TUKyf2pSxVnbnqxY9tKYEl738ZdJDSRMfgR4g0iHvqrNdU+v' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: application/x-javascript; charset=utf-8
date: Sat, 14 Jan 2023 20:56:39 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"38b0-FdUKuz02Ot3vcDP6YPfPov3RHLM"
last-modified: Fri, 13 Jan 2023 21:33:08 GMT
paypal-debug-id: 0626ba67b6789
server: ECAcc (ska/F79C)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000626ba67b6789-4c4968ed4e455fdf-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 5014
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
87c8a3ea91f7ebb7004e49751388d97e
87d7d590351bb950974dddef62a3c7886392b9f4
5d679f5ab0e6103155ffdacac5b4ed76c7a3e4828ad40354a020e8a4e450f98d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2721
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:39 GMT
Last-Modified: Sat, 14 Jan 2023 20:11:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11122
Expires: Sun, 15 Jan 2023 00:02:01 GMT
Date: Sat, 14 Jan 2023 20:56:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11122
Expires: Sun, 15 Jan 2023 00:02:01 GMT
Date: Sat, 14 Jan 2023 20:56:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11122
Expires: Sun, 15 Jan 2023 00:02:01 GMT
Date: Sat, 14 Jan 2023 20:56:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11122
Expires: Sun, 15 Jan 2023 00:02:01 GMT
Date: Sat, 14 Jan 2023 20:56:39 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5201aa-c0a6-43a3-b371-9091b021b171.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5201aa-c0a6-43a3-b371-9091b021b171.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8681 bytes)
Hash
5b6f9fd45fe3dfe1bc0ee610925c385d
4ab08950008a4ab0a52091bb6f186c12814276e9
3dab6a58e53155e44117fbd9d40c4f38a7586efe1e69db1a064d2bbc5bbf185a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5201aa-c0a6-43a3-b371-9091b021b171.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8681
x-amzn-requestid: 1060e7e7-3864-4ce5-b0aa-cfe24bb1a21a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0qdGvqoAMF57g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce42-3cf8e4535d417e6f5142f23d;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fn6fJcMooAv0V8MKuIM5EMGIEBijeoPBv5VWPtEz0j7LbfLoWw_soA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:01 GMT
age: 83258
etag: "4ab08950008a4ab0a52091bb6f186c12814276e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a5cc8b-8d62-447a-a39c-733e1afdd415.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7447 bytes)
Hash
2363dbe7bb6a459853d8d19cab50e70b
ded76de1dd453e40dbf6eaa8607cf19fac7f71a4
f96da6354cec52143768014c36ba2b298224a58b0bf38bd2aa5f3bfce69d8670

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a5cc8b-8d62-447a-a39c-733e1afdd415.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7447
x-amzn-requestid: dd3543b7-4e6b-4605-acea-a21d39af02ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0qSFjAIAMF7HQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce41-56e2ccc63669032d70cba0ba;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AYaeawnEmwHkyx3h-yliVx-ARcRB3W5kbtFH5tARnL3YMD6e4WYAQw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:01 GMT
age: 83258
etag: "ded76de1dd453e40dbf6eaa8607cf19fac7f71a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8181 bytes)
Hash
d24ea1f095f492934a1f1c63f5d8590c
dade37148c9b9a941f93a8535d8ddc5de3952623
2d8e3f90eb347eb3479a6c5d20a1c2ca6a0560f335a6c6800948db2640e4c878

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8181
x-amzn-requestid: 7ada8fbd-58e6-4433-a532-b4a4ef93ac9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0paH-OIAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3c-582529522dbb67ee728484f8;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AHjOmYxva5avyA3gt9DvYLas_B2ACimer5QRQOi919HDtSjnKq22lw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:36:45 GMT
age: 83994
etag: "dade37148c9b9a941f93a8535d8ddc5de3952623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9539 bytes)
Hash
a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: eb427fd6-c342-4a22-af45-ecc528cf4a8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: epfDqEAZIAMFudQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0787d-4f61ecd2422081224869da76;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:15:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RRMRT2BC5p1x0Vh20ut0Kjbz2mnaNToUIbzIg9oczduvzYCckvFORA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 05:58:29 GMT
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
age: 53890
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9154 bytes)
Hash
b1378f107c1996ade14a8fe7fd728072
f52d98d9a0d1d343a539689ea14acf99e148cf8c
4be994757ec7ec42929590169de199e927889261334e258903a0929a1055047d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9154
x-amzn-requestid: fbb1140d-7ec2-4f86-8761-5d04601af70e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAkCEN2IAMFuMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7ae6-4baebf1104f9cf2a0ee8a538;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:13:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jlRcVyQppaQaPPMKaqadtaEHfdOYXXXbnfrr44l_2E2qaOoh_O0Mog==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 04:21:52 GMT
age: 59687
etag: "f52d98d9a0d1d343a539689ea14acf99e148cf8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9135 bytes)
Hash
64ba27a2f0a3bc61bd325f1fb317b755
c65c58476b66cbb6269ba1d8412d270a0a003ae3
5f7f03752f8a7c8c08d92512ae93b193ea37f59354503c3129d33fd2910f87e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9135
x-amzn-requestid: 2c5e9de0-9244-43ac-b7c4-712cbcf7038c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAnoG6roAMFzgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7afd-7fb640b30bab63bc1979a173;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:14:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RnAGo4OuBl5UjyOlUOJqu2nlFLHTOe0ETxokWtbI4frbpkNVnIBSew==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 01:41:40 GMT
age: 69299
etag: "c65c58476b66cbb6269ba1d8412d270a0a003ae3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-551J33Q7R1&gtm=2oe1a1&_p=106084074&_gaz=1&cid=1974498552.1673729799&ul=en-us&sr=1280x1024&_s=1&sid=1673729799&sct=1&seg=0&dl=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&dr=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&dt=Kachin%20Diabetes%20Opt-Out%20Page&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-551J33Q7R1&gtm=2oe1a1&_p=106084074&_gaz=1&cid=1974498552.1673729799&ul=en-us&sr=1280x1024&_s=1&sid=1673729799&sct=1&seg=0&dl=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&dr=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&dt=Kachin%20Diabetes%20Opt-Out%20Page&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-551J33Q7R1&gtm=2oe1a1&_p=106084074&_gaz=1&cid=1974498552.1673729799&ul=en-us&sr=1280x1024&_s=1&sid=1673729799&sct=1&seg=0&dl=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&dr=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&dt=Kachin%20Diabetes%20Opt-Out%20Page&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getneuropure.com
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://getneuropure.com
date: Sat, 14 Jan 2023 20:56:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2f8ae4ab9ee17e2598e9299bdc0f44c0
ab4c7d1750edf513359218ab6d0b81cdd4dcb90c
75e680ab62ee77f0811fdb770d1c913dd41a911e7efb4ca99bc4cfe7fcb432c7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/g/collect?v=2&tid=G-551J33Q7R1&cid=1974498552.1673729799&gtm=2oe1a1&aip=1

74.125.131.155

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-551J33Q7R1&cid=1974498552.1673729799&gtm=2oe1a1&aip=1
IP
74.125.131.155:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-551J33Q7R1&cid=1974498552.1673729799&gtm=2oe1a1&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getneuropure.com
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://getneuropure.com
date: Sat, 14 Jan 2023 20:56:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

classic.clickfunnels.com/images/closemodal.png

104.16.13.194

200 OK

672 B

URL HTTP/2
classic.clickfunnels.com/images/closemodal.png
IP
104.16.13.194:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
672 B (672 bytes)
Hash
19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

HTTP Headers

GET /images/closemodal.png HTTP/1.1
Host: classic.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getneuropure.com/
Connection: keep-alive
Cookie: __cf_bm=DhKhWklzTDkSzVanfRZrrsFYf2HstN9i_VuHDdTYQDA-1673729798-0-ASB8bqwD88SmAfPGXNRzyKHyZ9B+O56HAO3ryicxPCOKop+lVQ/oIHrYbzidcf6Wi3U0jKG3O6RU7i+fsY8cuCrgGdhHVXaAMfdkJ7epHw0E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:39 GMT
content-type: image/webp
content-length: 672
cf-ray: 789947914a061c0a-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 186784
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "63bc4244-314"
expires: Tue, 14 Feb 2023 20:56:39 GMT
last-modified: Mon, 09 Jan 2023 16:35:16 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2f8ae4ab9ee17e2598e9299bdc0f44c0
ab4c7d1750edf513359218ab6d0b81cdd4dcb90c
75e680ab62ee77f0811fdb770d1c913dd41a911e7efb4ca99bc4cfe7fcb432c7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.paypalobjects.com/muse/muse.js

151.101.130.133

200 OK

16 kB

URL HTTP/2
www.paypalobjects.com/muse/muse.js
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (55891)
Size
16 kB (16464 bytes)
Hash
6aebbe482c72000aea20895991f70478
eff1d3370786f9ee4ea539776bc43ab9bece89ba
2acb950bc7678b9e6c265194821fac386bf555db582ee8c0e2d9e68ff3eaa862

HTTP Headers

GET /muse/muse.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"6271663d-da91"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 84840867de170
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 14 Jan 2023 20:56:40 GMT
x-served-by: cache-sjc10029-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 207441
x-timer: S1673729800.045187,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 16464
X-Firefox-Spdy: h2

b-code.liadm.com/a-07go.min.js

143.204.55.112

200 OK

28 kB

URL HTTP/2
b-code.liadm.com/a-07go.min.js
IP
143.204.55.112:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (34034)
Size
28 kB (27992 bytes)
Hash
4798016873ccb7fde30afeb0f3edd6ae
66986f2a6933da815318da302ade1f62cf4ecfbe
f97f2fce3a513951f0402087c6b811b9058fd4ca8a04e0eb8223801f4bfc58b4

HTTP Headers

GET /a-07go.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Sat, 14 Jan 2023 07:54:12 GMT
cache-control: "public, max-age=86400"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X98OWC_jZJGvG5g-_-vKd0Gf-CslMP2_AOyebKp-fxs-y-_eldenLQ==
age: 46948
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=bHhEWVB4Nm5JUGJiYjR6bzlEYnRmdz09LS1PMUhGYmdHMElrNHc0a1hodVVxSkJBPT0%3D--846254693e0c5c626f70360fdf846f5ad8a4b839&page_id=d2h2SExkcTdpbG1xaHpTV1FUZzl1Zz09LS1aYU00d1FYMTRrZnVlMWtpZWZWQS9nPT0%3D--0c1a9f3cf5e4cc8c9b82430899b43ab0f96f5ddb&funnel_step_id=cmRNOE1McHNURVFzQXMzWjVuNysyUT09LS0wRXZLYWRSd1N2Y2FyYm91TzVleUhnPT0%3D--0cfe3ba528cf3af16772ff1eb55b5708458d019a&user_id=em5wYk43NnhRYTlvZkU0MXdvTFlFQT09LS1ra1NCaHpJZDZhckRsMzdISHpGVGlBPT0%3D--b3cd29e912b259523a5f8796de5bc202917beaa0&account_id=RlNGbnhVeXpuamhUMDRtZi9YQmp2UT09LS1iZU92cXQ3WDhqeUpLMjRkbGE1WHZnPT0%3D--b08ce0dd10c1ff17d5e611f33cd46c5168fe09e9&page_code=NTAxNDM2MDY%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1152&type=Userevents::PageviewsCreatedSummary&nonce=f960e6ca-3a98-4a42-baff-7dfb4999b989&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1

104.16.13.194

202 Accepted

312 B

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=bHhEWVB4Nm5JUGJiYjR6bzlEYnRmdz09LS1PMUhGYmdHMElrNHc0a1hodVVxSkJBPT0%3D--846254693e0c5c626f70360fdf846f5ad8a4b839&page_id=d2h2SExkcTdpbG1xaHpTV1FUZzl1Zz09LS1aYU00d1FYMTRrZnVlMWtpZWZWQS9nPT0%3D--0c1a9f3cf5e4cc8c9b82430899b43ab0f96f5ddb&funnel_step_id=cmRNOE1McHNURVFzQXMzWjVuNysyUT09LS0wRXZLYWRSd1N2Y2FyYm91TzVleUhnPT0%3D--0cfe3ba528cf3af16772ff1eb55b5708458d019a&user_id=em5wYk43NnhRYTlvZkU0MXdvTFlFQT09LS1ra1NCaHpJZDZhckRsMzdISHpGVGlBPT0%3D--b3cd29e912b259523a5f8796de5bc202917beaa0&account_id=RlNGbnhVeXpuamhUMDRtZi9YQmp2UT09LS1iZU92cXQ3WDhqeUpLMjRkbGE1WHZnPT0%3D--b08ce0dd10c1ff17d5e611f33cd46c5168fe09e9&page_code=NTAxNDM2MDY%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1152&type=Userevents::PageviewsCreatedSummary&nonce=f960e6ca-3a98-4a42-baff-7dfb4999b989&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1
IP
104.16.13.194:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
312 B (312 bytes)
Hash
2c432ddf3c09643969b5936593a758e9
a778f65d71595297ac10a445249b82bd9bf3dfa8
020992335fc2224fbc13c760c5bef08c6cd02be82be697a444cdc32702d4d71a

HTTP Headers

GET /userevents/?funnel_id=bHhEWVB4Nm5JUGJiYjR6bzlEYnRmdz09LS1PMUhGYmdHMElrNHc0a1hodVVxSkJBPT0%3D--846254693e0c5c626f70360fdf846f5ad8a4b839&page_id=d2h2SExkcTdpbG1xaHpTV1FUZzl1Zz09LS1aYU00d1FYMTRrZnVlMWtpZWZWQS9nPT0%3D--0c1a9f3cf5e4cc8c9b82430899b43ab0f96f5ddb&funnel_step_id=cmRNOE1McHNURVFzQXMzWjVuNysyUT09LS0wRXZLYWRSd1N2Y2FyYm91TzVleUhnPT0%3D--0cfe3ba528cf3af16772ff1eb55b5708458d019a&user_id=em5wYk43NnhRYTlvZkU0MXdvTFlFQT09LS1ra1NCaHpJZDZhckRsMzdISHpGVGlBPT0%3D--b3cd29e912b259523a5f8796de5bc202917beaa0&account_id=RlNGbnhVeXpuamhUMDRtZi9YQmp2UT09LS1iZU92cXQ3WDhqeUpLMjRkbGE1WHZnPT0%3D--b08ce0dd10c1ff17d5e611f33cd46c5168fe09e9&page_code=NTAxNDM2MDY%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1152&type=Userevents::PageviewsCreatedSummary&nonce=f960e6ca-3a98-4a42-baff-7dfb4999b989&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getneuropure.com
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Sat, 14 Jan 2023 20:56:39 GMT
content-type: text/html
cf-ray: 7899479099361c0a-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 8905c1b24158180bfa954dd49e8be31d
x-runtime: 0.038640
set-cookie: __cf_bm=EbN_0qwwvyNSUYcEw6TqvBW5Nfip_RYknUnaVYKC4BA-1673729799-0-AZIygA5YBHimjiZIqGTCmtMv/jQv8k4tKwIEDz2Jea+xv6gNZEuvuwh2XB3ZeRbjZaDBKD/JcsQMvTxec1865tFZJndX+o0c8qsFAtZROaMj; path=/; expires=Sat, 14-Jan-23 21:26:39 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics%3A%3A8QDXYAD82LT2Y-1&page=muse%3Athird-party%3Aanalytics%3A%3A8QDXYAD82LT2Y-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=5df07869-3aca-48d2-a2ee-8f56d12d068c&fltp=analytics&mrid=8QDXYAD82LT2Y&code=HAWK_TAGMANAGER&partner_name=HAWK_TAGMANAGER&flag_consume=yes&pt=Kachin%20Diabetes%20Opt-Out%20Page&dh=1024&dw=1280&bh=836&bw=1152&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1673729800017&g=0&completeurl=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ru=http%3A%2F%2Fbzdyuso.health-carereform.com%2F

192.229.221.25

200 OK

42 B

URL HTTP/2
t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics%3A%3A8QDXYAD82LT2Y-1&page=muse%3Athird-party%3Aanalytics%3A%3A8QDXYAD82LT2Y-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=5df07869-3aca-48d2-a2ee-8f56d12d068c&fltp=analytics&mrid=8QDXYAD82LT2Y&code=HAWK_TAGMANAGER&partner_name=HAWK_TAGMANAGER&flag_consume=yes&pt=Kachin%20Diabetes%20Opt-Out%20Page&dh=1024&dw=1280&bh=836&bw=1152&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1673729800017&g=0&completeurl=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ru=http%3A%2F%2Fbzdyuso.health-carereform.com%2F
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

HTTP Headers

GET /ts?pgrp=muse%3Athird-party%3Aanalytics%3A%3A8QDXYAD82LT2Y-1&page=muse%3Athird-party%3Aanalytics%3A%3A8QDXYAD82LT2Y-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=5df07869-3aca-48d2-a2ee-8f56d12d068c&fltp=analytics&mrid=8QDXYAD82LT2Y&code=HAWK_TAGMANAGER&partner_name=HAWK_TAGMANAGER&flag_consume=yes&pt=Kachin%20Diabetes%20Opt-Out%20Page&dh=1024&dw=1280&bh=836&bw=1152&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1673729800017&g=0&completeurl=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ru=http%3A%2F%2Fbzdyuso.health-carereform.com%2F HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
date: Sat, 14 Jan 2023 20:56:40 GMT
expires: Sat, 14 Jan 2023 20:56:40 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 93ddc491eeaae
pragma: no-cache
server: ECAcc (frc/4CFC)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: ts=vreXpYrS%3D1768424200%26vteXpYrS%3D1673731600%26vr%3Db211f7681850aa58a7348c48ffffffff%26vt%3Db211f7681850aa58a7348c48fffffffe; Expires=Wed, 14 Jan 2026 20:56:40 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3Db211f7681850aa58a7348c48ffffffff%26vt%3Db211f7681850aa58a7348c48fffffffe; Expires=Wed, 14 Jan 2026 20:56:40 GMT; Domain=.paypal.com; Path=/; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000093ddc491eeaae-493b57deca63d7fd-01
content-length: 42
X-Firefox-Spdy: h2

cdn.bttrack.com/universal/44843

69.16.175.42

200 OK

0 B

URL HTTP/1.1
cdn.bttrack.com/universal/44843
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /universal/44843 HTTP/1.1
Host: cdn.bttrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 20:56:40 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Cache-Control: max-age=900
Content-Length: 0
Content-Type: application/octet-stream
X-HW: 1673729800.dop231.sk1.t,1673729800.cds235.sk1.shn,1673729800.dop231.sk1.t,1673729800.cds245.sk1.p

dynamic.criteo.com/js/ld/ld.js?a=%2093796

178.250.0.147

200 OK

15 kB

URL HTTP/2
dynamic.criteo.com/js/ld/ld.js?a=%2093796
IP
178.250.0.147:0
ASN
#44788 Criteo SA

File type
ASCII text, with very long lines (43225)
Size
15 kB (14736 bytes)
Hash
c282a7570a428cceed19e01665fdb6f9
c17fef13a94c4e6d85d95c448059695d633d0316
0e81101e91a092de45335e7756563c42c8a53af809b3bcc264f00043abf4a234

HTTP Headers

GET /js/ld/ld.js?a=%2093796 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:39 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

amplify.outbrain.com/cp/obtp.js

2.18.173.74

200 OK

5.5 kB

URL HTTP/1.1
amplify.outbrain.com/cp/obtp.js
IP
2.18.173.74:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (17064), with no line terminators
Size
5.5 kB (5512 bytes)
Hash
a846d48b346dbb36790da05d37c5c664
8459c596050371032448288b832e153e5a6f3adc
ce818f7c86f8500603081fc67ab8e47bf4f2d7b4512ff2950ee14a53bee09a02

HTTP Headers

GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "2b39cf4b5b36810a615ee712f89afb45:1673520765.626306"
Last-Modified: Thu, 12 Jan 2023 07:20:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sat, 14 Jan 2023 21:16:40 GMT
Date: Sat, 14 Jan 2023 20:56:40 GMT
Content-Length: 5512
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e6c8f8a0e3ef850c66d344a842dfa3c3
c8475fa1d4d3d8ca3394272ade4c97c6bab3a286
58226f2841670d93086aa4dc60373f7770bfbcc11760cacd7691299b6c403efa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/?random=1673729799175&cv=11&fst=1673729799175&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&auid=1851481178.1673729799&data=event%3Dgtag.config&rfmt=3&fmt=4

172.217.21.162

200 OK

923 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/?random=1673729799175&cv=11&fst=1673729799175&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&auid=1851481178.1673729799&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2007), with no line terminators
Size
923 B (923 bytes)
Hash
327e37959352343e138882c3942bfc9e
67d18a9a8ed30ff42a2174b5307d56d43d93dbd6
bf80cab1dc9b8d63afa50b7bece9386496fc8cb71710d7b373d7094d598852f9

HTTP Headers

GET /pagead/viewthroughconversion/10890968454/?random=1673729799175&cv=11&fst=1673729799175&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&auid=1851481178.1673729799&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 20:56:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 923
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 14-Jan-2023 21:11:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=bHhEWVB4Nm5JUGJiYjR6bzlEYnRmdz09LS1PMUhGYmdHMElrNHc0a1hodVVxSkJBPT0%3D--846254693e0c5c626f70360fdf846f5ad8a4b839&page_id=d2h2SExkcTdpbG1xaHpTV1FUZzl1Zz09LS1aYU00d1FYMTRrZnVlMWtpZWZWQS9nPT0%3D--0c1a9f3cf5e4cc8c9b82430899b43ab0f96f5ddb&funnel_step_id=cmRNOE1McHNURVFzQXMzWjVuNysyUT09LS0wRXZLYWRSd1N2Y2FyYm91TzVleUhnPT0%3D--0cfe3ba528cf3af16772ff1eb55b5708458d019a&user_id=em5wYk43NnhRYTlvZkU0MXdvTFlFQT09LS1ra1NCaHpJZDZhckRsMzdISHpGVGlBPT0%3D--b3cd29e912b259523a5f8796de5bc202917beaa0&account_id=RlNGbnhVeXpuamhUMDRtZi9YQmp2UT09LS1iZU92cXQ3WDhqeUpLMjRkbGE1WHZnPT0%3D--b08ce0dd10c1ff17d5e611f33cd46c5168fe09e9&page_code=NTAxNDM2MDY%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1152&type=Userevents::UniqueVisitorsCreatedSummary&nonce=001f9d0b-1f53-467e-abeb-f0c17a9fac57&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1

104.16.13.194

202 Accepted

12 kB

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=bHhEWVB4Nm5JUGJiYjR6bzlEYnRmdz09LS1PMUhGYmdHMElrNHc0a1hodVVxSkJBPT0%3D--846254693e0c5c626f70360fdf846f5ad8a4b839&page_id=d2h2SExkcTdpbG1xaHpTV1FUZzl1Zz09LS1aYU00d1FYMTRrZnVlMWtpZWZWQS9nPT0%3D--0c1a9f3cf5e4cc8c9b82430899b43ab0f96f5ddb&funnel_step_id=cmRNOE1McHNURVFzQXMzWjVuNysyUT09LS0wRXZLYWRSd1N2Y2FyYm91TzVleUhnPT0%3D--0cfe3ba528cf3af16772ff1eb55b5708458d019a&user_id=em5wYk43NnhRYTlvZkU0MXdvTFlFQT09LS1ra1NCaHpJZDZhckRsMzdISHpGVGlBPT0%3D--b3cd29e912b259523a5f8796de5bc202917beaa0&account_id=RlNGbnhVeXpuamhUMDRtZi9YQmp2UT09LS1iZU92cXQ3WDhqeUpLMjRkbGE1WHZnPT0%3D--b08ce0dd10c1ff17d5e611f33cd46c5168fe09e9&page_code=NTAxNDM2MDY%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1152&type=Userevents::UniqueVisitorsCreatedSummary&nonce=001f9d0b-1f53-467e-abeb-f0c17a9fac57&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1
IP
104.16.13.194:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Size
12 kB (11460 bytes)
Hash
d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8

HTTP Headers

GET /userevents/?funnel_id=bHhEWVB4Nm5JUGJiYjR6bzlEYnRmdz09LS1PMUhGYmdHMElrNHc0a1hodVVxSkJBPT0%3D--846254693e0c5c626f70360fdf846f5ad8a4b839&page_id=d2h2SExkcTdpbG1xaHpTV1FUZzl1Zz09LS1aYU00d1FYMTRrZnVlMWtpZWZWQS9nPT0%3D--0c1a9f3cf5e4cc8c9b82430899b43ab0f96f5ddb&funnel_step_id=cmRNOE1McHNURVFzQXMzWjVuNysyUT09LS0wRXZLYWRSd1N2Y2FyYm91TzVleUhnPT0%3D--0cfe3ba528cf3af16772ff1eb55b5708458d019a&user_id=em5wYk43NnhRYTlvZkU0MXdvTFlFQT09LS1ra1NCaHpJZDZhckRsMzdISHpGVGlBPT0%3D--b3cd29e912b259523a5f8796de5bc202917beaa0&account_id=RlNGbnhVeXpuamhUMDRtZi9YQmp2UT09LS1iZU92cXQ3WDhqeUpLMjRkbGE1WHZnPT0%3D--b08ce0dd10c1ff17d5e611f33cd46c5168fe09e9&page_code=NTAxNDM2MDY%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1152&type=Userevents::UniqueVisitorsCreatedSummary&nonce=001f9d0b-1f53-467e-abeb-f0c17a9fac57&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getneuropure.com
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Sat, 14 Jan 2023 20:56:39 GMT
content-type: text/html
cf-ray: 78994790993c1c0a-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: bd94e3e09187f6e2ad58aee3b5c8ea2a
x-runtime: 0.043441
set-cookie: __cf_bm=Ab93876bDlIQ9i6SFQwO3wQYqJC9HDrt14PG6Z7VjrE-1673729799-0-AU2Wo57nCSGuI1nTzoenstiH+f/CUndxRqzcU40psRQBfwEcaehjl37EXSLiKXlujzhRHT5j/Ghez6V4Pcb7bCXcboVrhvkUPO7Uhgf1FGXD; path=/; expires=Sat, 14-Jan-23 21:26:39 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/?random=1673729800530&cv=11&fst=1673729800530&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&auid=1851481178.1673729799&data=event%3Dgtag.config&rfmt=3&fmt=4

172.217.21.162

200 OK

924 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/?random=1673729800530&cv=11&fst=1673729800530&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&auid=1851481178.1673729799&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2009), with no line terminators
Size
924 B (924 bytes)
Hash
cb1f8b8e6d37a25748aa6406f2ef1c2e
251701e5547bda157391cb95698eec07c6e7ff12
eac3dfc09b83df5def012026189a667975f041a028064583e27d5ce82613085d

HTTP Headers

GET /pagead/viewthroughconversion/10890968454/?random=1673729800530&cv=11&fst=1673729800530&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&auid=1851481178.1673729799&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 20:56:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 924
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 14-Jan-2023 21:11:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

104.16.56.101

200 OK

7.4 kB

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
104.16.56.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
7.4 kB (7415 bytes)
Hash
0654db6371ecbebf3c441fe6c9cafdbd
ab1ce4cc3b8d53aa2e6749a7199700b24c784b29
7f818eed3b9440013dcee453de23e97812b564af220bf8386fd51455605b4495

HTTP Headers

GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getneuropure.com
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:38 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7899478a7993b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-551J33Q7R1&cid=1974498552.1673729799&gtm=2oe1a1&aip=1&z=209742312

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-551J33Q7R1&cid=1974498552.1673729799&gtm=2oe1a1&aip=1&z=209742312
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-551J33Q7R1&cid=1974498552.1673729799&gtm=2oe1a1&aip=1&z=209742312 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 20:56:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/10890968454/?random=1673729799175&cv=11&fst=1673726400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=238178185&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/10890968454/?random=1673729799175&cv=11&fst=1673726400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=238178185&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/10890968454/?random=1673729799175&cv=11&fst=1673726400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=238178185&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 20:56:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/10890968454/?random=1673729800530&cv=11&fst=1673726400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1445329851&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/10890968454/?random=1673729800530&cv=11&fst=1673726400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1445329851&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/10890968454/?random=1673729800530&cv=11&fst=1673726400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1445329851&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 20:56:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

getneuropure.com/vendor.js

104.16.12.194

200 OK

5.4 kB

URL HTTP/2
getneuropure.com/vendor.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text
Size
5.4 kB (5431 bytes)
Hash
f0fd2a1f169574ba46c8149e01c73379
3ada3cfc2552f80cb1d20cf14d9bd44f709805d4
860ef6c6491a81f4259b19c0f7743ccfe0f4b26325c03bd3be40127c8ce6bdae

HTTP Headers

GET /vendor.js HTTP/1.1
Host: getneuropure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/opt-out-np-1
Cookie: __cf_bm=S.blsVeRos2_mmhBBW7PIBPaColCIwPN0_eSaEsqoZ0-1673729798-0-ASuGuXbUHUJ/KewjvyFOIffm+3YrQv5L+8yBMRjlHt21J2i/fz0YsdW71OC1jyU+k7m0NNFEHCSb7nMikierbfzz47hTF+gHKCXhkRnr2/1O; _gcl_au=1.1.1851481178.1673729799; _ga_551J33Q7R1=GS1.1.1673729799.1.0.1673729799.60.0.0; _ga=GA1.1.1974498552.1673729799
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:39 GMT
content-type: application/javascript
cf-ray: 7899479069cab4f9-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 6844caa3611f29b67c2e11e92c19926c
x-runtime: 0.030459
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4dc72ba06ace9ad5795c9de974b66afa
d56fbd77e052b69ce1eaf5e43d24596d162c45fa
f8986ca3bd2b5c850b42dc287b7ea42b02eb8dee4943344ade7a03946d6f7325

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e6c8f8a0e3ef850c66d344a842dfa3c3
c8475fa1d4d3d8ca3394272ade4c97c6bab3a286
58226f2841670d93086aa4dc60373f7770bfbcc11760cacd7691299b6c403efa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bat.bing.com/action/0?ti=134632104&tm=gtm002&Ver=2&mid=6e387257-536d-425e-bc4b-db08775717c2&sid=f1b53760944d11ed9cd87dc2112585d9&vid=f1b55350944d11edbd72030a0e5e1a7b&vids=1&msclkid=N&gtm_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Kachin%20Diabetes%20Opt-Out%20Page&kw=nodo,%20landing%20page,%20editor&p=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&r=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&lt=2325&evt=pageLoad&sv=1&rn=978090

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=134632104&tm=gtm002&Ver=2&mid=6e387257-536d-425e-bc4b-db08775717c2&sid=f1b53760944d11ed9cd87dc2112585d9&vid=f1b55350944d11edbd72030a0e5e1a7b&vids=1&msclkid=N&gtm_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Kachin%20Diabetes%20Opt-Out%20Page&kw=nodo,%20landing%20page,%20editor&p=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&r=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&lt=2325&evt=pageLoad&sv=1&rn=978090
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=134632104&tm=gtm002&Ver=2&mid=6e387257-536d-425e-bc4b-db08775717c2&sid=f1b53760944d11ed9cd87dc2112585d9&vid=f1b55350944d11edbd72030a0e5e1a7b&vids=1&msclkid=N&gtm_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Kachin%20Diabetes%20Opt-Out%20Page&kw=nodo,%20landing%20page,%20editor&p=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&r=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&lt=2325&evt=pageLoad&sv=1&rn=978090 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=029D3A745E7E6715285028ED5F8B662B; domain=.bing.com; expires=Thu, 08-Feb-2024 20:56:40 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 479AC3FA232E4C81872963629ADFA17D Ref B: OSL30EDGE0212 Ref C: 2023-01-14T20:56:40Z
date: Sat, 14 Jan 2023 20:56:40 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4dc72ba06ace9ad5795c9de974b66afa
d56fbd77e052b69ce1eaf5e43d24596d162c45fa
f8986ca3bd2b5c850b42dc287b7ea42b02eb8dee4943344ade7a03946d6f7325

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/10890968454/?random=1673729799175&cv=11&fst=1673726400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=238178185&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/10890968454/?random=1673729799175&cv=11&fst=1673726400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=238178185&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/10890968454/?random=1673729799175&cv=11&fst=1673726400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=238178185&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 20:56:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/10890968454/?random=1673729800530&cv=11&fst=1673726400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1445329851&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/10890968454/?random=1673729800530&cv=11&fst=1673726400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1445329851&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/10890968454/?random=1673729800530&cv=11&fst=1673726400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&ref=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&tiba=Kachin%20Diabetes%20Opt-Out%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1445329851&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 20:56:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bat.bing.com/p/action/134632104.js

13.107.21.200

200 OK

1.4 kB

URL HTTP/2
bat.bing.com/p/action/134632104.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1447 bytes)
Hash
69466033d833589eb623d74bb9da3179
0f6135f7d1ba9d7cbada03b3deafaf6caf63b8d7
6a5bebc1d16be5ef0e7c880bd2109627009bdbb8c09492d6190f659dc1a52543

HTTP Headers

GET /p/action/134632104.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1447
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=3E765D53CD0A6D96378E4FCACCFF6C77; domain=.bing.com; expires=Thu, 08-Feb-2024 20:56:40 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A60241F55B754204B26ADE9372A9F488 Ref B: OSL30EDGE0212 Ref C: 2023-01-14T20:56:40Z
date: Sat, 14 Jan 2023 20:56:40 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ac0e204e812ce8905ac046581ff4e95
c0322d4ecff9356cca1a8e55d62e8d2f9540eca7
de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
41208d9b89809f0a47d27e1bd4f6b25f
99a683ded7d02d876442066e5d10698c4342612e
654da389b47900d9f1a0cbed47971a234bc4ce23304393c97cddb0d867dd8cf3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5486
Cache-Control: max-age=151871
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:40 GMT
Etag: "63c2afd9-139"
Expires: Mon, 16 Jan 2023 15:07:51 GMT
Last-Modified: Sat, 14 Jan 2023 13:36:25 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313

dnacdn.net/dna

178.250.0.157

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:40 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=9glxJ180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBlWEx3eVolMkZEczFKOERHWGQ3WlBuc2FOZkw1cndyc3dOZkRZU3BlemE1OQ; expires=Thu, 08 Feb 2024 20:56:40 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 404097
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
24ed8ab8a755ada6ed8c1c4f6106f027
1309cf9a8f179ea07cd275cc820664a77c103e15
0443130210f06576a9ce08b80ab9e43257d742890ca8b8915a69a36bdc169e0b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4741
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:40 GMT
Last-Modified: Sat, 14 Jan 2023 19:37:39 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
24ed8ab8a755ada6ed8c1c4f6106f027
1309cf9a8f179ea07cd275cc820664a77c103e15
0443130210f06576a9ce08b80ab9e43257d742890ca8b8915a69a36bdc169e0b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4803
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:40 GMT
Last-Modified: Sat, 14 Jan 2023 19:36:37 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313

tr.outbrain.com/cachedClickId?marketerId=undefined

70.42.32.255

200 OK

35 B

URL HTTP/1.1
tr.outbrain.com/cachedClickId?marketerId=undefined
IP
70.42.32.255:0
ASN
#22075 AS-OUTBRAIN

File type
ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
75c843c7b717e7b722777907475c67a3
983d1c9a05b315288039b9d4694ce3b402259240
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

HTTP Headers

GET /cachedClickId?marketerId=undefined HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 20:56:40 GMT
Content-Type: application/javascript
Content-Length: 35
X-TraceId: aee11e81d2b3a6200123635b17c7f89b

www.paypal.com/targeting/graphql

192.229.221.25

200 OK

289 B

URL HTTP/2
www.paypal.com/targeting/graphql
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
JSON data\012- , ASCII text, with very long lines (434)
Size
289 B (289 bytes)
Hash
861f0b6c14467537047bcca0f20618b6
9e103667d07750a8b6d7e33b25235c5e31f27523
fad167d509f405165f1a3259ca9e893e1773d4f2608238e702c8d40e7a99e74a

HTTP Headers

POST /targeting/graphql HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypalobjects.com/
Content-Type: application/json
Origin: https://www.paypalobjects.com
Content-Length: 318
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-FARSGb8ubBX9RMPRNcmm7b5WTxv67NeQWT5KVnku26GyLCdz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-type: application/json; charset=utf-8
date: Sat, 14 Jan 2023 20:56:40 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"1b3-IUlMUB3WBNOY0S6HrvnZhfx3IkY"
paypal-debug-id: 0a26007a5230a
server: ECAcc (frc/4CAA)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Sun, 15 Jan 2023 05:42:36 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Sun, 14 Jan 2024 20:56:40 GMT; Secure
x-pp-s=eyJ0IjoiMTY3MzcyOTgwMDc3NSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=targetingnodeweb; Domain=.paypal.com; Path=/; Expires=Tue, 17 Jan 2023 20:56:40 GMT; HttpOnly; Secure; SameSite=None
nsid=s%3AEOr63WOMnIwoyeN9klzV27I22l68j_oQ.ABOd8%2Bu3kzVhyuYRQBbhB1uCd6KKEK0P57fvHKoTxr4; Path=/; HttpOnly; Secure
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Sat, 14 Jan 2023 21:26:40 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1768424200%26vteXpYrS%3D1673731600%26vr%3Db211f9f11850ad04b914977cffe39411%26vt%3Db211f9f11850ad04b914977cffe39410%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Tue, 13 Jan 2026 20:56:40 GMT; HttpOnly; Secure
ts_c=vr%3Db211f9f11850ad04b914977cffe39411%26vt%3Db211f9f11850ad04b914977cffe39410; Path=/; Domain=paypal.com; Expires=Tue, 13 Jan 2026 20:56:40 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000a26007a5230a-ff5de0472faec6f3-01
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 289
X-Firefox-Spdy: h2

tr.outbrain.com/unifiedPixel?marketerId=00004e54d8d3829abd2f80200cca2553b5,00c0aca893dc335e41ac9e74b613e9884b&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&optOut=false&bust=014227588360494026&referrer=http%3A%2F%2Fbzdyuso.health-carereform.com%2F

70.42.32.255

200 OK

53 B

URL HTTP/1.1
tr.outbrain.com/unifiedPixel?marketerId=00004e54d8d3829abd2f80200cca2553b5,00c0aca893dc335e41ac9e74b613e9884b&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&optOut=false&bust=014227588360494026&referrer=http%3A%2F%2Fbzdyuso.health-carereform.com%2F
IP
70.42.32.255:0
ASN
#22075 AS-OUTBRAIN

File type
GIF image data, version 89a, 1 x 1\012- data
Size
53 B (53 bytes)
Hash
414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

HTTP Headers

GET /unifiedPixel?marketerId=00004e54d8d3829abd2f80200cca2553b5,00c0aca893dc335e41ac9e74b613e9884b&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&optOut=false&bust=014227588360494026&referrer=http%3A%2F%2Fbzdyuso.health-carereform.com%2F HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 20:56:40 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 4bec5875a9e80a5fe8a2522de3ae43b4

rp.liadm.com/j?dtstmp=1673729800624&aid=a-07go&se=e30&duid=9cffd4819687--01gps13y9h6ggw9q2samm53k45&tna=v2.5.5&pu=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&wpn=lc-bundle&refr=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&c=PHRpdGxlPkthY2hpbiBEaWFiZXRlcyBPcHQtT3V0IFBhZ2U8L3RpdGxlPjxtZXRhIGNsYXNzPSJtZXRhVGFnVG9wIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iS2FjaGluIERpYWJldGVzIE9wdC1PdXQgUGFnZSI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vZ2V0bmV1cm9wdXJlLmNvbS9vcHQtb3V0LW5wLTEiPg

3.222.5.8

302 Found

0 B

URL HTTP/2
rp.liadm.com/j?dtstmp=1673729800624&aid=a-07go&se=e30&duid=9cffd4819687--01gps13y9h6ggw9q2samm53k45&tna=v2.5.5&pu=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&wpn=lc-bundle&refr=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&c=PHRpdGxlPkthY2hpbiBEaWFiZXRlcyBPcHQtT3V0IFBhZ2U8L3RpdGxlPjxtZXRhIGNsYXNzPSJtZXRhVGFnVG9wIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iS2FjaGluIERpYWJldGVzIE9wdC1PdXQgUGFnZSI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vZ2V0bmV1cm9wdXJlLmNvbS9vcHQtb3V0LW5wLTEiPg
IP
3.222.5.8:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /j?dtstmp=1673729800624&aid=a-07go&se=e30&duid=9cffd4819687--01gps13y9h6ggw9q2samm53k45&tna=v2.5.5&pu=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&wpn=lc-bundle&refr=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&c=PHRpdGxlPkthY2hpbiBEaWFiZXRlcyBPcHQtT3V0IFBhZ2U8L3RpdGxlPjxtZXRhIGNsYXNzPSJtZXRhVGFnVG9wIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iS2FjaGluIERpYWJldGVzIE9wdC1PdXQgUGFnZSI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vZ2V0bmV1cm9wdXJlLmNvbS9vcHQtb3V0LW5wLTEiPg HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getneuropure.com
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 14 Jan 2023 20:56:40 GMT
content-length: 0
trace-id: abeb48899871f694
vary: Origin
location: /j?dtstmp=1673729800624&aid=a-07go&se=e30&duid=9cffd4819687--01gps13y9h6ggw9q2samm53k45&tna=v2.5.5&pu=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&wpn=lc-bundle&refr=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&c=PHRpdGxlPkthY2hpbiBEaWFiZXRlcyBPcHQtT3V0IFBhZ2U8L3RpdGxlPjxtZXRhIGNsYXNzPSJtZXRhVGFnVG9wIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iS2FjaGluIERpYWJldGVzIE9wdC1PdXQgUGFnZSI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vZ2V0bmV1cm9wdXJlLmNvbS9vcHQtb3V0LW5wLTEiPg&n3pc=true
set-cookie: lidid=3969c8c9-e820-4621-aca3-55a785524c9d; Max-Age=63072000; Expires=Mon, 13 Jan 2025 20:56:40 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://getneuropure.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2

js-agent.newrelic.com/552.2d6a2503-1220.js

151.101.194.137

200 OK

5.9 kB

URL HTTP/2
js-agent.newrelic.com/552.2d6a2503-1220.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (21423)
Size
5.9 kB (5890 bytes)
Hash
097ef34c5f5d635a147bca3721bd605b
3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914

HTTP Headers

GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: j+ws9dkIM4h+vTUPASZooAxBAQFaXWhONglROo/3xtmHWh9hoOBQdoLqpKfya5d1PQc6MXVhzn8=
x-amz-request-id: 33WBYEVGYWS4Q8Y4
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 14 Jan 2023 20:56:40 GMT
via: 1.1 varnish
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 434
x-timer: S1673729801.939248,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2

getneuropure.com/cdn-cgi/rum?

104.16.12.194

204 No Content

0 B

URL HTTP/2
getneuropure.com/cdn-cgi/rum?
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: getneuropure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 20937
Origin: https://getneuropure.com
Connection: keep-alive
Referer: https://getneuropure.com/opt-out-np-1
Cookie: __cf_bm=S.blsVeRos2_mmhBBW7PIBPaColCIwPN0_eSaEsqoZ0-1673729798-0-ASuGuXbUHUJ/KewjvyFOIffm+3YrQv5L+8yBMRjlHt21J2i/fz0YsdW71OC1jyU+k7m0NNFEHCSb7nMikierbfzz47hTF+gHKCXhkRnr2/1O; _gcl_au=1.1.1851481178.1673729799; _ga_551J33Q7R1=GS1.1.1673729799.1.0.1673729799.60.0.0; _ga=GA1.1.1974498552.1673729799; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTAxNDM2MDY=:visited=true; cf:visitor_id=956f1b4d-13ab-44fc-be31-fc18ef7c4d51; addevent_track_cookie=f8f0deec-ba7c-49bb-d34c-737bb3fdfea7; _li_dcdm_c=.getneuropure.com; _lc2_fpi=9cffd4819687--01gps13y9h6ggw9q2samm53k45; _uetsid=f1b53760944d11ed9cd87dc2112585d9; _uetvid=f1b55350944d11edbd72030a0e5e1a7b; _clck=1qmbdit|1|f89|0; outbrain_cid_fetch=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
date: Sat, 14 Jan 2023 20:56:41 GMT
access-control-allow-origin: https://getneuropure.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 789947988cfcb4f9-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

js-agent.newrelic.com/290.2d6a2503-1220.js

151.101.194.137

200 OK

3.4 kB

URL HTTP/2
js-agent.newrelic.com/290.2d6a2503-1220.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (8544)
Size
3.4 kB (3424 bytes)
Hash
b9baa2cb6a3b1a3d0fda03cd7db51631
42d37467e05182e3cab2fcb54577dc462adcf50b
31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822

HTTP Headers

GET /290.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: hKdDHgHyERBg1nUGQlyZVgUR+RqUX7PryywrU9G+mKoJKN1D85k7Mhb42+NXxhAJFG3KEoBf8sE=
x-amz-request-id: 33WFY1GSQ3JZBFGM
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 14 Jan 2023 20:56:41 GMT
via: 1.1 varnish
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 425
x-timer: S1673729801.090750,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2

js-agent.newrelic.com/768.2d6a2503-1220.js

151.101.194.137

200 OK

2.2 kB

URL HTTP/2
js-agent.newrelic.com/768.2d6a2503-1220.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (5523)
Size
2.2 kB (2225 bytes)
Hash
98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7

HTTP Headers

GET /768.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: LKNOIS6KmUy5huHEMF/CcFDhdHu/sYHjfkVSDv/Qd6ObG2fqz1GfTEdKLjkviCgj2G0S+/ErDcY=
x-amz-request-id: 33W599GS0X3J6D98
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 14 Jan 2023 20:56:41 GMT
via: 1.1 varnish
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 427
x-timer: S1673729801.090945,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2

www.clickfunnels.com/images/closemodal.png

172.64.148.75

301 Moved Permanently

1.4 kB

URL HTTP/2
www.clickfunnels.com/images/closemodal.png
IP
172.64.148.75:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
1.4 kB (1443 bytes)
Hash
fa50a55750d1d0978fca32be5dbc3988
a7f447621d48b3ecf7fc0192b515d506d3d1ad18
c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20

HTTP Headers

GET /images/closemodal.png HTTP/1.1
Host: www.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Sat, 14 Jan 2023 20:56:39 GMT
location: https://classic.clickfunnels.com/images/closemodal.png
cache-control: max-age=3600
expires: Sat, 14 Jan 2023 21:56:39 GMT
set-cookie: __cf_bm=ObjCrHvV37ChVz1zPXdrXvsNKukET7cm2uWq3MB5dDc-1673729799-0-AaKD814OEVZMyWezqfqUMHAUteUmXdrQm2M8iMizzD6rd+yAYKQiqCl6QPPRkutIOQIcXvhwjqFYg33l45cP5lY=; path=/; expires=Sat, 14-Jan-23 21:26:39 GMT; domain=.www.clickfunnels.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7899478f7879b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

js-agent.newrelic.com/775.2d6a2503-1220.js

151.101.194.137

200 OK

632 B

URL HTTP/2
js-agent.newrelic.com/775.2d6a2503-1220.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1169)
Size
632 B (632 bytes)
Hash
661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7

HTTP Headers

GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: I1vsI/pE/c3hEsq91esc6lPX2zw/LBwa6Rk8BDDvsaxpa1r+yHM2bEzBqRAknYtryW1lHxmEih0=
x-amz-request-id: 33WD7C1PEQBHPBA5
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 14 Jan 2023 20:56:41 GMT
via: 1.1 varnish
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 428
x-timer: S1673729801.091029,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a610c6e51ee961edf7c34eb0f33a549e
1982532c1f2df05c5a46183ea80ea722005cabe0
5c9e7fcfc6df3915157d836bda023d9831b8b49d8cc360627e571e0ad9afbc8c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4909
Cache-Control: max-age=96979
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 20:56:41 GMT
Etag: "63c1dbaf-1d7"
Expires: Sun, 15 Jan 2023 23:53:00 GMT
Last-Modified: Fri, 13 Jan 2023 22:31:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

bat.bing.com/actionp/0?ti=134632104&tm=gtm002&Ver=2&mid=6e387257-536d-425e-bc4b-db08775717c2&sid=f1b53760944d11ed9cd87dc2112585d9&vid=f1b55350944d11edbd72030a0e5e1a7b&vids=1&msclkid=N&evt=dedup

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/actionp/0?ti=134632104&tm=gtm002&Ver=2&mid=6e387257-536d-425e-bc4b-db08775717c2&sid=f1b53760944d11ed9cd87dc2112585d9&vid=f1b55350944d11edbd72030a0e5e1a7b&vids=1&msclkid=N&evt=dedup
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /actionp/0?ti=134632104&tm=gtm002&Ver=2&mid=6e387257-536d-425e-bc4b-db08775717c2&sid=f1b53760944d11ed9cd87dc2112585d9&vid=f1b55350944d11edbd72030a0e5e1a7b&vids=1&msclkid=N&evt=dedup HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getneuropure.com
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2B93DAFF000A643B03C7C86601FF6565; domain=.bing.com; expires=Thu, 08-Feb-2024 20:56:41 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 80FF91DF330E4BA9ADC756ACF8E725DE Ref B: OSL30EDGE0212 Ref C: 2023-01-14T20:56:41Z
date: Sat, 14 Jan 2023 20:56:40 GMT
X-Firefox-Spdy: h2

3.222.5.8

200 OK

13 B

URL HTTP/2
rp.liadm.com/j?dtstmp=1673729800624&aid=a-07go&se=e30&duid=9cffd4819687--01gps13y9h6ggw9q2samm53k45&tna=v2.5.5&pu=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&wpn=lc-bundle&refr=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&c=PHRpdGxlPkthY2hpbiBEaWFiZXRlcyBPcHQtT3V0IFBhZ2U8L3RpdGxlPjxtZXRhIGNsYXNzPSJtZXRhVGFnVG9wIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iS2FjaGluIERpYWJldGVzIE9wdC1PdXQgUGFnZSI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vZ2V0bmV1cm9wdXJlLmNvbS9vcHQtb3V0LW5wLTEiPg&n3pc=true
IP
3.222.5.8:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
13 B (13 bytes)
Hash
97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

HTTP Headers

GET /j?dtstmp=1673729800624&aid=a-07go&se=e30&duid=9cffd4819687--01gps13y9h6ggw9q2samm53k45&tna=v2.5.5&pu=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1&wpn=lc-bundle&refr=http%3A%2F%2Fbzdyuso.health-carereform.com%2F&c=PHRpdGxlPkthY2hpbiBEaWFiZXRlcyBPcHQtT3V0IFBhZ2U8L3RpdGxlPjxtZXRhIGNsYXNzPSJtZXRhVGFnVG9wIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iS2FjaGluIERpYWJldGVzIE9wdC1PdXQgUGFnZSI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vZ2V0bmV1cm9wdXJlLmNvbS9vcHQtb3V0LW5wLTEiPg&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getneuropure.com
Referer: https://getneuropure.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:41 GMT
content-type: application/json
content-length: 13
trace-id: e1a1da363e2119b6
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: 60d55ad0-4263-4bd2-b32f-64218faf0a11
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://getneuropure.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2

ag.gbc.criteo.com/newidsd

178.250.6.162

200 OK

125 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
178.250.6.162:0
ASN
#44788 Criteo SA

File type
data
Size
125 B (125 bytes)
Hash
e6e46297c308ba5e40e99b2aac7c15fc
254eb915466d63bca09c34eb46c70e70d9e42be9
1628ac04da5d23b51de4190ea175bc14a0b1493e005bfe17b91ff614db113c57

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:40 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 95995
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 633
Origin: https://getneuropure.com
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://getneuropure.com
access-control-allow-credentials: true
date: Sat, 14 Jan 2023 20:56:40 GMT
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=906ADD795C2D4E328CC9E442DB6D4A29&RedC=c.clarity.ms&MXFR=01B35C4A3AE968D220234ED33EE966F7

13.107.21.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=906ADD795C2D4E328CC9E442DB6D4A29&RedC=c.clarity.ms&MXFR=01B35C4A3AE968D220234ED33EE966F7
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=906ADD795C2D4E328CC9E442DB6D4A29&RedC=c.clarity.ms&MXFR=01B35C4A3AE968D220234ED33EE966F7 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getneuropure.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=906ADD795C2D4E328CC9E442DB6D4A29&MUID=2A969C01198760FD23E58E9818726185
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=2A969C01198760FD23E58E9818726185; domain=c.bing.com; expires=Thu, 08-Feb-2024 20:56:41 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D551D32797CE4CE48CDBB29BC705FA7F Ref B: OSL30EDGE0212 Ref C: 2023-01-14T20:56:41Z
date: Sat, 14 Jan 2023 20:56:40 GMT
content-length: 0
X-Firefox-Spdy: h2

bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3617&ck=0&s=8cc3cc6592737187&ref=https://getneuropure.com/opt-out-np-1&ap=320&be=1138&fe=2210&dc=1091&perf=%7B%22timing%22:%7B%22of%22:1673729797688,%22n%22:0,%22f%22:895,%22dn%22:895,%22dne%22:895,%22c%22:895,%22s%22:895,%22ce%22:895,%22rq%22:897,%22rp%22:1108,%22rpe%22:1110,%22dl%22:1118,%22di%22:2207,%22ds%22:2227,%22de%22:2325,%22dc%22:3348,%22l%22:3348,%22le%22:3465%7D,%22navigation%22:%7B%22ty%22:255%7D%7D&fcp=1712&jsonp=NREUM.setToken

162.247.241.14

200 OK

72 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3617&ck=0&s=8cc3cc6592737187&ref=https://getneuropure.com/opt-out-np-1&ap=320&be=1138&fe=2210&dc=1091&perf=%7B%22timing%22:%7B%22of%22:1673729797688,%22n%22:0,%22f%22:895,%22dn%22:895,%22dne%22:895,%22c%22:895,%22s%22:895,%22ce%22:895,%22rq%22:897,%22rp%22:1108,%22rpe%22:1110,%22dl%22:1118,%22di%22:2207,%22ds%22:2227,%22de%22:2325,%22dc%22:3348,%22l%22:3348,%22le%22:3465%7D,%22navigation%22:%7B%22ty%22:255%7D%7D&fcp=1712&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937

HTTP Headers

GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3617&ck=0&s=8cc3cc6592737187&ref=https://getneuropure.com/opt-out-np-1&ap=320&be=1138&fe=2210&dc=1091&perf=%7B%22timing%22:%7B%22of%22:1673729797688,%22n%22:0,%22f%22:895,%22dn%22:895,%22dne%22:895,%22c%22:895,%22s%22:895,%22ce%22:895,%22rq%22:897,%22rp%22:1108,%22rpe%22:1110,%22dl%22:1118,%22di%22:2207,%22ds%22:2227,%22de%22:2325,%22dc%22:3348,%22l%22:3348,%22le%22:3465%7D,%22navigation%22:%7B%22ty%22:255%7D%7D&fcp=1712&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 20:56:41 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 789947998ffefac4-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

c.clarity.ms/c.gif?CtsSyncId=906ADD795C2D4E328CC9E442DB6D4A29&MUID=2A969C01198760FD23E58E9818726185

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=906ADD795C2D4E328CC9E442DB6D4A29&MUID=2A969C01198760FD23E58E9818726185
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=906ADD795C2D4E328CC9E442DB6D4A29&MUID=2A969C01198760FD23E58E9818726185 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getneuropure.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 05 Jan 2023 17:40:42 GMT
accept-ranges: bytes
etag: "d59a6ed52c21d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sat, 14-Jan-2023 21:06:41 GMT; path=/; SameSite=None; Secure;
date: Sat, 14 Jan 2023 20:56:40 GMT
content-length: 42
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 28924
Origin: https://getneuropure.com
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://getneuropure.com
access-control-allow-credentials: true
date: Sat, 14 Jan 2023 20:56:40 GMT
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/v4-shims.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:38 GMT
content-type: text/css
x-amz-id-2: WpVlr9E4LNAdFsXi6U7ITEvBAF0od/nY8z13ckAJA/I/wFoGHyoSwlXOyhWr8pqbj6dB1MeQp5k=
x-amz-request-id: CN86A7VHSM61Q680
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 30901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO5x9XAlv5H8h4FkfSH4xUM7Lk9ztqg6Mxl4MN6BvJ1HCf%2FMcUAw7zElePC2GSwj5a9lt6vWr0NAjSp1WeDq2Y8e8cP%2F1H8iegeY7u7%2BMQM3iEmqj5OmDaRLbAdqTwtfb4oOd%2FI4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7899478ab9200726-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.clarity.ms/tag/uet/134632104

13.107.238.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/uet/134632104
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/uet/134632104 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=6c18955768c94717a357d864317e0540.20230114.20240114; expires=Sun, 14 Jan 2024 20:56:40 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-cache: CONFIG_NOCACHE
x-azure-ref: 0CBfDYwAAAAC85kvprekmT5XcnI6Cah5QQ1BIMzBFREdFMDQxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 14 Jan 2023 20:56:40 GMT
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.7.1/clarity.js

13.107.238.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/eus2/s/0.7.1/clarity.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /eus2/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9162aa06b059e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0TgbCYwAAAAA20j9a1t17QpEp+WYUv8vxQU1TMDRFREdFMTgxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0CBfDYwAAAABxHyfo/YneTZRnesI0x3KaQ1BIMzBFREdFMDQxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 14 Jan 2023 20:56:40 GMT
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

178.250.6.159

200 OK

0 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
178.250.6.159:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 121373
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

dnacdn.net/dna

178.250.0.157

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=9glxJ180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBlWEx3eVolMkZEczFKOERHWGQ3WlBuc2FOZkw1cndyc3dOZkRZU3BlemE1OQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:40 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=raH_jl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBlWEx3eVolMkZEczFKOERHWGQ3WlBuc3V4WWRHVDdhJTJGdVhMaUhmJTJGSlFUSU8; expires=Thu, 08 Feb 2024 20:56:41 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 275482
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

getneuropure.com/opt-out-np

104.16.12.194

302 Found

0 B

URL HTTP/2
getneuropure.com/opt-out-np
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /opt-out-np HTTP/1.1
Host: getneuropure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bzdyuso.health-carereform.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 14 Jan 2023 20:56:38 GMT
content-type: text/html; charset=utf-8
location: https://getneuropure.com/opt-out-np-1
cf-ray: 789947869e17b4f9-OSL
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 6ca9651d17aba46600af970e3a752148
x-runtime: 0.116056
set-cookie: __cf_bm=S.blsVeRos2_mmhBBW7PIBPaColCIwPN0_eSaEsqoZ0-1673729798-0-ASuGuXbUHUJ/KewjvyFOIffm+3YrQv5L+8yBMRjlHt21J2i/fz0YsdW71OC1jyU+k7m0NNFEHCSb7nMikierbfzz47hTF+gHKCXhkRnr2/1O; path=/; expires=Sat, 14-Jan-23 21:26:38 GMT; domain=.getneuropure.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

gum.criteo.com/syncframe?topUrl=getneuropure.com&origin=onetag

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/syncframe?topUrl=getneuropure.com&origin=onetag
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /syncframe?topUrl=getneuropure.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:39 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=fa897379-f733-4fbf-95f9-cd5a5be78e32; expires=Thu, 08 Feb 2024 20:56:39 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 716204
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

app.clickfunnels.com/mailcheck.min.js

104.16.13.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/mailcheck.min.js
IP
104.16.13.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:38 GMT
content-type: application/x-javascript
cf-ray: 7899478a9b221c0a-OSL
access-control-allow-origin: *
age: 2006
etag: W/"63bc4244-a8d"
last-modified: Mon, 09 Jan 2023 16:35:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=DhKhWklzTDkSzVanfRZrrsFYf2HstN9i_VuHDdTYQDA-1673729798-0-ASB8bqwD88SmAfPGXNRzyKHyZ9B+O56HAO3ryicxPCOKop+lVQ/oIHrYbzidcf6Wi3U0jKG3O6RU7i+fsY8cuCrgGdhHVXaAMfdkJ7epHw0E; path=/; expires=Sat, 14-Jan-23 21:26:38 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=onetag&domain=getneuropure.com&sn=FirefoxSyncframe&so=0&topUrl=getneuropure.com&info=raH_jl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBlWEx3eVolMkZEczFKOERHWGQ3WlBuc3V4WWRHVDdhJTJGdVhMaUhmJTJGSlFUSU8&idsd=288348345,1278227866&cw=1&lsw=1

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sid/json?origin=onetag&domain=getneuropure.com&sn=FirefoxSyncframe&so=0&topUrl=getneuropure.com&info=raH_jl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBlWEx3eVolMkZEczFKOERHWGQ3WlBuc3V4WWRHVDdhJTJGdVhMaUhmJTJGSlFUSU8&idsd=288348345,1278227866&cw=1&lsw=1
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sid/json?origin=onetag&domain=getneuropure.com&sn=FirefoxSyncframe&so=0&topUrl=getneuropure.com&info=raH_jl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBlWEx3eVolMkZEczFKOERHWGQ3WlBuc3V4WWRHVDdhJTJGdVhMaUhmJTJGSlFUSU8&idsd=288348345,1278227866&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=getneuropure.com&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:40 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1335133
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=bHhEWVB4Nm5JUGJiYjR6bzlEYnRmdz09LS1PMUhGYmdHMElrNHc0a1hodVVxSkJBPT0%3D--846254693e0c5c626f70360fdf846f5ad8a4b839&page_id=d2h2SExkcTdpbG1xaHpTV1FUZzl1Zz09LS1aYU00d1FYMTRrZnVlMWtpZWZWQS9nPT0%3D--0c1a9f3cf5e4cc8c9b82430899b43ab0f96f5ddb&funnel_step_id=cmRNOE1McHNURVFzQXMzWjVuNysyUT09LS0wRXZLYWRSd1N2Y2FyYm91TzVleUhnPT0%3D--0cfe3ba528cf3af16772ff1eb55b5708458d019a&user_id=em5wYk43NnhRYTlvZkU0MXdvTFlFQT09LS1ra1NCaHpJZDZhckRsMzdISHpGVGlBPT0%3D--b3cd29e912b259523a5f8796de5bc202917beaa0&account_id=RlNGbnhVeXpuamhUMDRtZi9YQmp2UT09LS1iZU92cXQ3WDhqeUpLMjRkbGE1WHZnPT0%3D--b08ce0dd10c1ff17d5e611f33cd46c5168fe09e9&page_code=NTAxNDM2MDY%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1152&type=Userevents::UniquePageviewsCreatedSummary&nonce=bf3bd31c-dbfe-46dd-bb81-5f789dc4c8ab&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1

104.16.13.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=bHhEWVB4Nm5JUGJiYjR6bzlEYnRmdz09LS1PMUhGYmdHMElrNHc0a1hodVVxSkJBPT0%3D--846254693e0c5c626f70360fdf846f5ad8a4b839&page_id=d2h2SExkcTdpbG1xaHpTV1FUZzl1Zz09LS1aYU00d1FYMTRrZnVlMWtpZWZWQS9nPT0%3D--0c1a9f3cf5e4cc8c9b82430899b43ab0f96f5ddb&funnel_step_id=cmRNOE1McHNURVFzQXMzWjVuNysyUT09LS0wRXZLYWRSd1N2Y2FyYm91TzVleUhnPT0%3D--0cfe3ba528cf3af16772ff1eb55b5708458d019a&user_id=em5wYk43NnhRYTlvZkU0MXdvTFlFQT09LS1ra1NCaHpJZDZhckRsMzdISHpGVGlBPT0%3D--b3cd29e912b259523a5f8796de5bc202917beaa0&account_id=RlNGbnhVeXpuamhUMDRtZi9YQmp2UT09LS1iZU92cXQ3WDhqeUpLMjRkbGE1WHZnPT0%3D--b08ce0dd10c1ff17d5e611f33cd46c5168fe09e9&page_code=NTAxNDM2MDY%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1152&type=Userevents::UniquePageviewsCreatedSummary&nonce=bf3bd31c-dbfe-46dd-bb81-5f789dc4c8ab&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1
IP
104.16.13.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents/?funnel_id=bHhEWVB4Nm5JUGJiYjR6bzlEYnRmdz09LS1PMUhGYmdHMElrNHc0a1hodVVxSkJBPT0%3D--846254693e0c5c626f70360fdf846f5ad8a4b839&page_id=d2h2SExkcTdpbG1xaHpTV1FUZzl1Zz09LS1aYU00d1FYMTRrZnVlMWtpZWZWQS9nPT0%3D--0c1a9f3cf5e4cc8c9b82430899b43ab0f96f5ddb&funnel_step_id=cmRNOE1McHNURVFzQXMzWjVuNysyUT09LS0wRXZLYWRSd1N2Y2FyYm91TzVleUhnPT0%3D--0cfe3ba528cf3af16772ff1eb55b5708458d019a&user_id=em5wYk43NnhRYTlvZkU0MXdvTFlFQT09LS1ra1NCaHpJZDZhckRsMzdISHpGVGlBPT0%3D--b3cd29e912b259523a5f8796de5bc202917beaa0&account_id=RlNGbnhVeXpuamhUMDRtZi9YQmp2UT09LS1iZU92cXQ3WDhqeUpLMjRkbGE1WHZnPT0%3D--b08ce0dd10c1ff17d5e611f33cd46c5168fe09e9&page_code=NTAxNDM2MDY%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1152&type=Userevents::UniquePageviewsCreatedSummary&nonce=bf3bd31c-dbfe-46dd-bb81-5f789dc4c8ab&url=https%3A%2F%2Fgetneuropure.com%2Fopt-out-np-1 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getneuropure.com
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Sat, 14 Jan 2023 20:56:39 GMT
content-type: text/html
cf-ray: 7899479099391c0a-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 1ca5fb67b94a343c324447e23110dd31
x-runtime: 0.050257
set-cookie: __cf_bm=TJ37Rcro0grvv1PMKH7whavdNzimmAdW8vx7OhKshjg-1673729799-0-Aacpt0pHTYHxgNL1HbVIS7uQxeAVVt6dpzmO8fkr3A2NTOpw2BJJQ/XKXDU4IMkrlEbgaFsG25WhDVw8eebWEmKPhrJ33eBwHbcXxWjS3T84; path=/; expires=Sat, 14-Jan-23 21:26:39 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

getneuropure.com/assets/lander.js

104.16.12.194

200 OK

0 B

URL HTTP/2
getneuropure.com/assets/lander.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/lander.js HTTP/1.1
Host: getneuropure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/opt-out-np-1
Cookie: __cf_bm=S.blsVeRos2_mmhBBW7PIBPaColCIwPN0_eSaEsqoZ0-1673729798-0-ASuGuXbUHUJ/KewjvyFOIffm+3YrQv5L+8yBMRjlHt21J2i/fz0YsdW71OC1jyU+k7m0NNFEHCSb7nMikierbfzz47hTF+gHKCXhkRnr2/1O
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:38 GMT
content-type: application/x-javascript
cf-ray: 7899478a0a5fb4f9-OSL
access-control-allow-origin: *
age: 497
cache-control: public, max-age=1200
etag: W/"63bc4289-2391a3"
expires: Sat, 14 Jan 2023 21:16:38 GMT
last-modified: Mon, 09 Jan 2023 16:36:25 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/all.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/all.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:38 GMT
content-type: text/css
x-amz-id-2: cIB7RJR8YNkOt3c5odVNIsPWGanLxokh1zS2YvTVv7QSgKdKXNOroM5eyN2MvPjoE855Z9I1sPM=
x-amz-request-id: BCPBKD6BGPB27GGJ
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1583088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8mz9KyVECkX9qxB%2FxUNtJ9fDkyoTIIqzt3ZhZjqT%2FQgP9vRfRijvJKmzJsrjLqPg%2F0OgWsqUyYBJesGvHCXw6SNpvCOUTmG1b9bcBfLasMwRKQAk7BxmSiC%2BaPcRgO1O%2BqdnZHn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7899478a89070726-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Jan 2023 20:56:38 GMT
date: Sat, 14 Jan 2023 20:56:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.clarity.ms/tag/8kie2pvajy?ref=gtm2

13.107.238.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/tag/8kie2pvajy?ref=gtm2
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/8kie2pvajy?ref=gtm2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=13bda66917a8497196072ad5699c960d.20230114.20240114; expires=Sun, 14 Jan 2024 20:56:40 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
x-cache: CONFIG_NOCACHE
x-azure-ref: 0CBfDYwAAAADzp+M9/qQ7SLeueoTTePz8Q1BIMzBFREdFMDQxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 14 Jan 2023 20:56:40 GMT
X-Firefox-Spdy: h2

getneuropure.com/assets/userevents/application.js

104.16.12.194

200 OK

0 B

URL HTTP/2
getneuropure.com/assets/userevents/application.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/userevents/application.js HTTP/1.1
Host: getneuropure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getneuropure.com/opt-out-np-1
Cookie: __cf_bm=S.blsVeRos2_mmhBBW7PIBPaColCIwPN0_eSaEsqoZ0-1673729798-0-ASuGuXbUHUJ/KewjvyFOIffm+3YrQv5L+8yBMRjlHt21J2i/fz0YsdW71OC1jyU+k7m0NNFEHCSb7nMikierbfzz47hTF+gHKCXhkRnr2/1O
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 20:56:38 GMT
content-type: application/x-javascript
cf-ray: 78994789fa4ab4f9-OSL
access-control-allow-origin: *
age: 520
cache-control: public, max-age=1200
etag: W/"63bc4244-147c"
expires: Sat, 14 Jan 2023 21:16:38 GMT
last-modified: Mon, 09 Jan 2023 16:35:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (59)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML