Report - split.to/lanta

Report Overview

Submitted URL
split.to/lanta
IP
104.21.19.163
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-08 04:52:01
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	326 B	728 B	23.36.76.226
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	11 kB	104.17.24.14
analytics-ingress-global.bitmovin.com	47119	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	1.9 kB	35.190.27.197
seal-boise.bbb.org	116015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	4.8 kB	82.102.27.18
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	68 kB	34.120.237.76
cbtb.clickbank.net	103233	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	1.5 kB	52.33.226.99
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.0 kB	142.250.74.10
go.maxweb.com	389866	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	517 B	566 B	172.66.43.113
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
hop.clickbank.net	71951	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	629 B	54.191.125.20
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	964 B	18 kB	142.250.74.163
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.9 kB	143.204.42.158
stats.vidalytics.com	153185	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	1.9 kB	34.107.158.93
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	4.6 kB	192.124.249.23
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.191.251.76
analytics.tiktok.com	1182	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	73 kB	104.84.152.241
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
prod.cbstatic.net	108120	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	9.9 kB	143.204.55.111
licensing.bitmovin.com	19299	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	918 B	1.2 kB	35.227.229.24
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	104.18.32.68
split.to	543598	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	764 B	1.6 kB	172.67.186.247
flatbellyshake.com	500493	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	19 kB	2.9 MB	172.66.43.176
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
fast.vidalytics.com	218005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.4 kB	1.1 MB	192.229.220.49

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-08	medium	split.to/lanta	Phishing
2022-09-08	medium	split.to/lanta	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	analytics.tiktok.com/i18n/pixel/identify.js	117 kB	2023-03-07	2024-01-08
Pretty URL analytics.tiktok.com/i18n/pixel/identify.js IP 104.84.152.241 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:47 Last Seen2024-01-08 01:34:59 Times Seen8 Hash 8cc3a5ef0c6328c374cfedc8f908c973 7a509c434a7538c527dc10cd1145f126d5a855ed b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0 Loading...

	flatbellyshake.com/js/bootstrap.js	37 kB	2023-03-07	2024-05-10
Pretty URL flatbellyshake.com/js/bootstrap.js IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:27 Last Seen2024-05-10 12:17:19 Times Seen980 Hash fb0e635db142b1b9fce20fe2370ec6cc c5c481ca5a263031d938f6c12abd2fe5fb4b6a83 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459 Loading...

	flatbellyshake.com/discovery?hop=mamaia	917 B	2023-03-07	2023-03-07
Pretty URL flatbellyshake.com/discovery?hop=mamaia IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:55 Last Seen2023-03-07 13:48:55 Times Seen1 Hash b0b96fe4575002cd99f4875d2b895014 a5ea434f74693863f157c0ca1fda2c710451a8f3 31da5dee10cff6cd99fe5fba04a8d0b542bf07776bf65c5db6945c01d365e19e Loading...

	flatbellyshake.com/discovery?hop=mamaia	2.0 MB	2023-03-07	2023-03-07
Pretty URL flatbellyshake.com/discovery?hop=mamaia IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:55 Last Seen2023-03-07 13:48:55 Times Seen1 Hash 3294bb14e4ca1b0623b4468827a9ece1 521866c7f200512b9afceb8fa3df1039fe976fd8 633bb34ee56933e1ead986d3da601ca84ece66d94196e47829f9566d91ae94de Loading...

	flatbellyshake.com/discovery?hop=mamaia	293 B	2023-03-07	2023-03-07
Pretty URL flatbellyshake.com/discovery?hop=mamaia IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:55 Last Seen2023-03-07 13:48:55 Times Seen1 Hash b3090f984332e8f9fae33ede31bd2dfa 45f5c049da9eed2a274ff018254207a9869e09d5 0c8df82db3199b7a9426b350686d6eb0c2b804cae0444d564a34bfc689bdf363 Loading...

	flatbellyshake.com/discovery?hop=mamaia	2.4 kB	2023-03-07	2023-09-16
Pretty URL flatbellyshake.com/discovery?hop=mamaia IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:55 Last Seen2023-09-16 14:50:49 Times Seen16 Hash fc9e616aa042f6884a2b56729f0e5333 c0c030e861fcf7481da16314f0bb875764d659b0 28b57009d5b9171f19bb30dc5f74697a493452f2f1875b4cc50136e6002f5f22 Loading...

	cbtb.clickbank.net/?vendor=fbshake	936 B	2023-03-07	2024-02-29
Pretty URL cbtb.clickbank.net/?vendor=fbshake IP 52.33.226.99 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:47 Last Seen2024-02-29 04:29:12 Times Seen288 Hash 6c0b964b273d662f25b84cd29e51b607 6bef26208ee6a1d7105720e5cc54f273868630a9 a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c Loading...

	flatbellyshake.com/discovery?hop=mamaia	1.4 kB	2023-03-07	2023-03-07
Pretty URL flatbellyshake.com/discovery?hop=mamaia IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:55 Last Seen2023-03-07 13:48:55 Times Seen1 Hash 1f5a121a326bfad16a235a8e936a2424 3db4cf0b7bda274c89ea065f5c74d0b89c344618 4422020241e358a4a189ac6c4558f0408075789c646bc842cd8bee55bcf73588 Loading...

	flatbellyshake.com/discovery/js/scripts.min.js	15 kB	2023-03-07	2024-01-22
Pretty URL flatbellyshake.com/discovery/js/scripts.min.js IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:24 Last Seen2024-01-22 09:47:46 Times Seen88 Hash b0deb2b2ca80fca9394672f31fe78b01 f0b3c0ce8a461c805833df93f17223229de014d2 c9f3260d8a884f093404d4d4480fbaf9009c16d21ff2e15caf32b7cd1b89023c Loading...

	flatbellyshake.com/discovery?hop=mamaia	2.0 MB	2023-03-07	2023-03-07
Pretty URL flatbellyshake.com/discovery?hop=mamaia IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:55 Last Seen2023-03-07 13:48:55 Times Seen1 Hash aec934fe46af335e979cc0411d6c0542 391c732c7a206cba88ad7e0b258b9849af0a48d9 105e3273c8336928e20a2010e22f8311977d830c9ffbc415cabe0f1a657d38b6 Loading...

	analytics.tiktok.com/i18n/pixel/config.js?sdkid=CBUEFNBC77U1OJP1HD90&hostname=go.maxweb.com	60 kB	2023-03-07	2023-03-07
Pretty URL analytics.tiktok.com/i18n/pixel/config.js?sdkid=CBUEFNBC77U1OJP1HD90&hostname=go.maxweb.com IP 104.84.152.241 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:55 Last Seen2023-03-07 13:48:55 Times Seen1 Hash ac7091f733da9f571e1fbdaf41b2d49a 5dc77217757a7ae318b4f698aee78a537474459c 61f48cf966777649ec7e9f71cb07051fb2d32c03143be8d8fec7f73f613e1ec1 Loading...

	flatbellyshake.com/discovery?hop=mamaia	679 B	2023-03-07	2023-03-07
Pretty URL flatbellyshake.com/discovery?hop=mamaia IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:55 Last Seen2023-03-07 13:48:55 Times Seen1 Hash fe292b48aff34e2f995dd8bb554e6ce5 14e93fae306cb544bd658ccde9950bb5fdab940a 416a8e3a5e4aaf506baf81b27638181d1b1f3cbea4f94bf87abb7ae9f941905a Loading...

	flatbellyshake.com/discovery/js/jquery.js	97 kB	2023-03-07	2024-02-29
Pretty URL flatbellyshake.com/discovery/js/jquery.js IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:47 Last Seen2024-02-29 04:29:11 Times Seen174 Hash f4c7b82252f4175adef7692ccaa42c14 1a0281d2117cd52e00ae9ff32c405e041e8deb92 cde2e5c8bf73b290cef56ece81d2ef89292517b75efa8bf50efebc9e1872a55b Loading...

	fast.vidalytics.com/embeds/QrADs9TA/kJ8EJv87sNTUM9q0/loader.min.js	40 kB	2023-03-07	2023-03-08
Pretty URL fast.vidalytics.com/embeds/QrADs9TA/kJ8EJv87sNTUM9q0/loader.min.js IP 192.229.220.49 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:16 Last Seen2023-03-08 03:22:08 Times Seen1 Hash 1e619dd735e8755ce105b90ccdd6b02f e789b2e32afba49f1cc2c67713c70ed42d59747e e633458cf56f5243aacbf54f90aff9c7d2cd0b4b93f26b4ec9bfb51bb5ea9b4d Loading...

	flatbellyshake.com/discovery/js/bounceback.min.js	2.8 kB	2023-03-07	2024-02-29
Pretty URL flatbellyshake.com/discovery/js/bounceback.min.js IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:47 Last Seen2024-02-29 04:29:09 Times Seen186 Hash 928ec014586629db7d8b4ad49c4bc93c b436801b50738cca53b78e5c9e459495f26da5c9 1fbbfbf2aff3f6cb01ac1967abafda6695aa9ee86e28862b0c45f62bffe51282 Loading...

	flatbellyshake.com/discovery?hop=mamaia	548 B	2023-03-07	2024-05-08
Pretty URL flatbellyshake.com/discovery?hop=mamaia IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:47 Last Seen2024-05-08 23:38:46 Times Seen477 Hash 1ad5c115ba02812a95a81697a1428b9d 1ecfc84ec959361e20ddf31d34a775300e07334e 33c3bb2334c52ccc35e6ad8806ec31a6814413c62d91d6011e5500d5ea820c1c Loading...

	flatbellyshake.com/discovery?hop=mamaia	917 B	2023-03-07	2023-03-07
Pretty URL flatbellyshake.com/discovery?hop=mamaia IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:55 Last Seen2023-03-07 13:48:55 Times Seen1 Hash 6077aaaa4bd6af631e37eb034bfe383f 2f2f2a921d25689d84ed5dec7473c26711dbf4ed 362ec2938c6fc9cf36178c65d0352d0c2838301bf4a4e89edbb58ec8818fc84e Loading...

	flatbellyshake.com/api/visits?page_id=14&page_version=b&request_id=AC471A22%3A2F64_D197C0D8%3A01BB_631974E7_30CA7%3AA16EC&querystring=hop%3Dmamaia&fbclid=&fbp=&fbc=&referrer=	558 B	2023-03-07	2023-03-07
Pretty URL flatbellyshake.com/api/visits?page_id=14&page_version=b&request_id=AC471A22%3A2F64_D197C0D8%3A01BB_631974E7_30CA7%3AA16EC&querystring=hop%3Dmamaia&fbclid=&fbp=&fbc=&referrer= IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:55 Last Seen2023-03-07 13:48:55 Times Seen1 Hash 55cc857ed03de5cddfafd21a36dfeb8a de39b144555bd2effedd0ea1cbb0d90951547c25 e93d1ea83391454939a25b0782c4a44e47876dba6028f7a4b5b439ba1b6ba59d Loading...

	go.maxweb.com/conversion/iframe/?a=7082&token=2303427b38436c758abe1099507ebe22	964 B	2023-03-07	2023-03-29
Pretty URL go.maxweb.com/conversion/iframe/?a=7082&token=2303427b38436c758abe1099507ebe22 IP 172.66.43.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:55 Last Seen2023-03-29 21:42:44 Times Seen2 Hash 660c08470f6b75a58c5a8279972a4888 22e295393e9d3060f8d0d9824826bb9fd7d082f1 eaf5a1a270441755dd215478667df30de2b496fedccdfd5b64bd71e4158c38e6 Loading...

	flatbellyshake.com/discovery?hop=mamaia	1.9 kB	2023-03-07	2023-03-07
Pretty URL flatbellyshake.com/discovery?hop=mamaia IP 172.66.43.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:55 Last Seen2023-03-07 13:48:55 Times Seen1 Hash 5e8c69df9d7c9c6d3ba08bc40282323a 9e44d37e9d13decc2f90b5b9036291ad249fa83c 5695cd4c87150b9dcd541fd0107f8523a0850339fbdc40627980c93b4fe15575 Loading...

	prod.cbstatic.net/dist/injectable.js	191 kB	2023-03-07	2024-05-10
Pretty URL prod.cbstatic.net/dist/injectable.js IP 143.204.55.111 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:28 Last Seen2024-05-10 18:50:28 Times Seen918 Hash af651c30e1a69f6f2124e9c1d094a300 4328efe60a0ca51ab455d67ef6b257998cb1cdee f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f Loading...

HTTP Transactions (106)

URL IP Response Size

split.to/lanta

172.67.186.247

301 Moved Permanently

0 B

URL HTTP/1.1
split.to/lanta
IP
172.67.186.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lanta HTTP/1.1
Host: split.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Sep 2022 04:51:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 05:51:49 GMT
Location: https://split.to/lanta
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGcC6LprR3we53AUVvQPM8RbPMdDGjm3AgvPJFPnO%2BT%2FVcZWBDEZBq%2F9Ajegb68RD3yt9G4fOtJFmxavJBa%2BEgJjQShhoYSNSu9FOsMCjvkCKLjCGJpM7dvBvg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7475123b4b750b02-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5628
Expires: Thu, 08 Sep 2022 06:25:37 GMT
Date: Thu, 08 Sep 2022 04:51:49 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 04:05:12 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: X3Y-Hfq73OYw9iMI_QyHK2os9GD3sDlEOrQFLhERvVxzrILojRB3fw==
Age: 2797

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: agBSdkLD6Rc8sl2kJVMD22so7moysHvIUQ45JUew_UyK_wQQtWlJbQ==
age: 3914
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 04:51:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 08 Sep 2022 04:38:18 GMT
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 05:11:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AGNq09PqBSp-0nIcxkrBBhnXZP-GVjJCTh3duUfzS-wJsa6QJjQb9w==
Age: 812

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1537
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 04:51:50 GMT
Last-Modified: Thu, 08 Sep 2022 04:26:13 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
debbcc2459d91d0bf8468d92235df825
9ec23590673f788f4e876b75e4575e871e7c8af1
8c537b26df62d19a4f9c4916ee9ade86fa2d186dff9918b5b281b258b4319dff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 08 Sep 2022 04:51:50 GMT
Last-Modified: Thu, 08 Sep 2022 03:28:42 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RMdffMsAshOBLN-uyIkgLeFiCI4KMTPPEQOVzZdayykx8exOFf7-Zw==
Age: 4988

push.services.mozilla.com/

54.191.251.76

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.191.251.76:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ClRYpD6dhoFusJdY1xaewg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 54rHS93/VFLvkqWM2hKkQuibVNk=

hop.clickbank.net/?affiliate=mamaia&vendor=fbshake&tid=lantbm1

54.191.125.20

307 Temporary Redirect

0 B

URL HTTP/2
hop.clickbank.net/?affiliate=mamaia&vendor=fbshake&tid=lantbm1
IP
54.191.125.20:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?affiliate=mamaia&vendor=fbshake&tid=lantbm1 HTTP/1.1
Host: hop.clickbank.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: p=Rqv09oeSAr_fwNh8n-CIpX3BXJXAhSs5liLsZX0Ux0q2LoCuLErSh7vv2ZKzm_sIPzslR3KeSDFqjeEDtMLHPWkq7GH5zavT6VO8oHWSoK16FYd_c4DAUvAd1_9IMeysRvleDzixE2F-ZZEmZY2xTIJ0WVgNufWbwwa9R6uXGHHdaOR_5928ZrtgZVcKH9P-JB1C4dF2r-tjYben1DpvD3k5_P-Hx231TIHYK398HW1WxRGEeGCrsmQedsrdI3XAikV4uPyQYuEzsh9_EEMbchM_Lqq5Pw-PQZI30D7MIpko8NXHA2OAQBut8l_nRE_zw1p64LlqAAkXmlgbaTxhxtIs9Q0_ZTyDN1lMKh2RKp_MmUvZYs5eKe9420tHelY06njVkSJDzE_jAcKtt6MAlnB_FrzGbvgN83uiLvIOUULTTzHh8HW3hBDwLLwSQC-Po3Zivg%3D%3D; q=01.C24439F0FBC97011E10BB8DF72A81B51A9BD75872C9DFD96801C5AFD06B7E68F2F8D239DD5140A251BC18E3256769EA88BE0C643
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 307 Temporary Redirect
date: Thu, 08 Sep 2022 04:51:50 GMT
content-length: 0
location: https://flatbellyshake.com/discovery?hop=mamaia
set-cookie: p=9ry4VY3wNcIkqginQStTIZI2OUQpI7pvrv7ilV7enOuA6YvcOKmfF1QWhvf8HFnnYEiD0dT4ej7Ia00ZCOV6_n6arjm_nt8NtQ6iqY4KSVQoXHVwsTtcUSTYfbchWusZjKblMz2ecKuKaRKLYG0PgLSicFad_UMyt3oWQRZFxqIwE2o6cwaDfYnXXgRT1Ekr5A4EWl4LjIexqZNhmoXjp0UqSlM%3D; Path=/; Domain=.clickbank.net; Max-Age=15552000; Expires=Tue, 07 Mar 2023 04:51:50 GMT
server-timing: traceparent;desc="00-f83d2f82636906d4931d21407374e59e-0ff55b592d3608b5-01"
access-control-expose-headers: Server-Timing
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
9d208a43be704b3a8457faca9ced4eb0
60edb553617ad8ad66f5b462b3f529f177e35f70
00ffc6efbb59028d3c678cce5368a99898d520add56ff0afb88adbdffca0aeb2

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "00FFC6EFBB59028D3C678CCE5368A99898D520ADD56FF0AFB88ADBDFFCA0AEB2"
Last-Modified: Wed, 07 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 08 Sep 2022 10:51:51 GMT
Date: Thu, 08 Sep 2022 04:51:51 GMT
Connection: keep-alive

flatbellyshake.com/discovery/images/free-shippng-bounus.png?v2

172.66.43.176

200 OK

22 kB

URL HTTP/2
flatbellyshake.com/discovery/images/free-shippng-bounus.png?v2
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 189 x 61, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22211 bytes)
Hash
e18fccb2fce0534f94353eb245af29e6
928ce2e0fb3b42152ee5a61af87b7d3bd313a74c
69f5b6067db0cdb45906c55101b10f829983731b166e0c9d770beca1c2b1d729

HTTP Headers

GET /discovery/images/free-shippng-bounus.png?v2 HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/png
content-length: 22211
last-modified: Fri, 22 Apr 2022 10:09:11 GMT
etag: "62627ec7-56c3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 141964
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gq4Nr4%2FiR6lcb0tWg0SniZSplNA%2FhgGRZrHiXHep7uakaZt2sZO6%2BEDFVBJnSwzv19Ax0EO%2FvlcQxVnswMjH9I34jQv3fOtRvIbgGSPpe4CMpd851xZsYSO67F0nGoHz9iGODg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7475124819f10b51-OSL
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/credit-card.jpg

172.66.43.176

200 OK

17 kB

URL HTTP/2
flatbellyshake.com/discovery/images/credit-card.jpg
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2020:10:31 14:49:28], progressive, precision 8, 168x24, components 3\012- data
Size
17 kB (16703 bytes)
Hash
b23189cc855a83bf542b43bf701bd311
d4cf6104a1b4578fb684fb274e1b0ad107189ab0
5eed70266e4ae59eff8bf5e7e795b4312d77cec9afd731d8c47cac044bd50d7f

HTTP Headers

GET /discovery/images/credit-card.jpg HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/jpeg
content-length: 16703
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "62627ec7-413f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 22 Apr 2022 10:09:11 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 141963
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lU1oOnOLguevSAXgAeL827vQu%2FUCSBoloYDiP%2BVvkiIwZF7y9q%2FbD4tdpp%2Bj4daFXPzAoN9KvltWhkn5f%2BXOqj8%2B8lJ%2F2IY2gI1xNoO3JhBBLy87DZ0MXYXvNdNl3LECwT4CnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7475124819f50b51-OSL
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/laney.jpg?v1

172.66.43.176

200 OK

30 kB

URL HTTP/2
flatbellyshake.com/discovery/images/laney.jpg?v1
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=150, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=150], progressive, precision 8, 150x150, components 3\012- data
Size
30 kB (29755 bytes)
Hash
6180fe7bfe7f72a3fe865a50972cfa7a
fc3d7a37bab9147418a121be90b52b48f5585cf4
5798e737a92ab406180670a79db001c83ceaf15aab1d3716040386c7cf85f149

HTTP Headers

GET /discovery/images/laney.jpg?v1 HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/jpeg
content-length: 29755
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "62627ec7-743b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 22 Apr 2022 10:09:11 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 141964
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fdbx4%2F6sZwkldUBioWzGpZoX6t%2BVV2fo24rp%2BBMYmm1B2fvZxEVlST8FVL8LGYLWSl%2Bme1Wj3UBhd9Lfd9RQhKEyFQUI%2FQJxpou8Hi7L4rmGg9%2FocopD%2FeG6eDfaOQjzuoCDhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512482a050b51-OSL
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/carlos.jpg?v1

172.66.43.176

200 OK

39 kB

URL HTTP/2
flatbellyshake.com/discovery/images/carlos.jpg?v1
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=150, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=150], progressive, precision 8, 150x150, components 3\012- data
Size
39 kB (38697 bytes)
Hash
4d20a673eaf027e5d9ffecc1eb805b50
ddf65ceed661b2349606947d7d2f755b1ad4357d
532f7d1901465f1a541001eff076ed8eec8e55291db49554281947408494f5b6

HTTP Headers

GET /discovery/images/carlos.jpg?v1 HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/jpeg
content-length: 38697
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "62627ec7-9729"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 22 Apr 2022 10:09:11 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 141964
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owgyR07Z%2FHlkeP2xbT3N8rnI9kjfl8WYMQWpH8se4R4yphmJxUl8lQvW4cIknmzHrwZ9rhLyNIg15r9wHGCVS7rsvJOQSpMOI%2F81%2BMbpXJ0xgwNLqGv4LGl%2FaiPC3V1h3IIoyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512482a040b51-OSL
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/lina.jpg?v1

172.66.43.176

200 OK

35 kB

URL HTTP/2
flatbellyshake.com/discovery/images/lina.jpg?v1
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=150, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=150], progressive, precision 8, 150x150, components 3\012- data
Size
35 kB (34585 bytes)
Hash
7e3f175ac56f318cbe7e057ac189c3c9
8dab13c32a0f5b045a47f9ff3f6ceb6d6e9d8af4
ee6b5aeb6d4f80467bdf19f3a4d05a2007d887f53e89b563f38ead49bb84db4b

HTTP Headers

GET /discovery/images/lina.jpg?v1 HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/jpeg
content-length: 34585
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "62627ec8-8719"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 22 Apr 2022 10:09:12 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 141964
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EQirSmSD6q3S4T6tvbEPFH4Wr2aUPrgO35h0g2HMEcVkG%2BnhH8aJz4z54jzeuYJCAPgytlxMeK%2FFFUI4peV%2BA7covtgCwZYWb%2BtGDNMO5m9QbU0fLa%2FCZF8r8HhQ4Pc%2FLC9Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512482a030b51-OSL
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/logo-1.jpg

172.66.43.176

200 OK

28 kB

URL HTTP/2
flatbellyshake.com/discovery/images/logo-1.jpg
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:04:07 13:16:33], baseline, precision 8, 300x100, components 3\012- data
Size
28 kB (28334 bytes)
Hash
4f9ede3bb2df14f457a8afcca6c7a9db
5010e7255f3ef6f358e9a34b7f240e4c796c824f
2fc32a949ddd14553e971750e28a58d9208ddead25a6fee64c40709098b5eb69

HTTP Headers

GET /discovery/images/logo-1.jpg HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/jpeg
content-length: 28334
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "624eb318-6eae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 07 Apr 2022 09:47:04 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 141964
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaJvvthC%2Fn4vNq%2FwjH6tAxAbs%2F9YW9E5UiQC8HapZznKarYAVOo1xcwqN5XHpcpyDY4Y%2FlVsQlgkEcpEcv6nAKWlLIWhj9PeMnkuR9nt0n%2Br3zwGLM6jtJmmWD1EM0VJdslRig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512482a130b51-OSL
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/bonus-2.png

172.66.43.176

200 OK

207 kB

URL HTTP/2
flatbellyshake.com/discovery/images/bonus-2.png
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 245 x 378, 8-bit/color RGBA, non-interlaced\012- data
Size
207 kB (207309 bytes)
Hash
b20628b7fc27c11bfb8cbba232162669
541f927b8919624d52a7a3214131e9092cd5653f
1c033091d0b407c12e858079eb75cf5a7f4d54bf8d2e10fd6d66ce11281b7946

HTTP Headers

GET /discovery/images/bonus-2.png HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/png
content-length: 207309
last-modified: Fri, 22 Apr 2022 10:09:14 GMT
etag: "62627eca-329cd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 141964
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U25diLIEtFwUX4%2BArywPDXivw%2FZKs4Tn4E4cTr36SeRS4HmROEu%2BocOOya54XEit6EEJtBghGNJIS1lCAdMWKjKw1w6h7RS5ia6mLHKgyQD1ZiCiF4c4clGvs4%2FJbA4CNLRzqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512482a0f0b51-OSL
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/bonus-3.png

172.66.43.176

200 OK

107 kB

URL HTTP/2
flatbellyshake.com/discovery/images/bonus-3.png
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 394 x 229, 8-bit/color RGBA, non-interlaced\012- data
Size
107 kB (106820 bytes)
Hash
88ccd50679e12dba55794ae1d057fc4b
c393432862cc3f7e5e479b0c4cbc0e6f757d89fc
a0f0671218ac77b77ddde73d69d534f976ac6745ed4511f54ba044f85a69f3e1

HTTP Headers

GET /discovery/images/bonus-3.png HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/png
content-length: 106820
last-modified: Fri, 22 Apr 2022 10:09:13 GMT
etag: "62627ec9-1a144"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 141964
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AY06NLdEQSyLJo7wT9DNGTBxE1OnAxKxyTMtsFsNqSbNNKJIl405XP2nNNZaC3FRocCiXmxRudcdKKg%2BIAyoOtReo20vRUcILyVw9qFZ1HHeoFrTrkq%2FaUb485ZUwQE4EmFU0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512482a120b51-OSL
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/logo-2.jpg

172.66.43.176

200 OK

32 kB

URL HTTP/2
flatbellyshake.com/discovery/images/logo-2.jpg
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:04:07 13:17:00], baseline, precision 8, 300x100, components 3\012- data
Size
32 kB (32303 bytes)
Hash
080a763dd07249719bcaf79fe73299b9
a672d54996f377ec40d5333dd008899a3c62403f
3d40474494b59d6337a2deed885b204e36f1dae1860bb32e84fbb04eb0800ee9

HTTP Headers

GET /discovery/images/logo-2.jpg HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/jpeg
content-length: 32303
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "624eb322-7e2f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 07 Apr 2022 09:47:14 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 141963
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSsanDPUGOmmSZGs3RfKf6VjNUjT5QxOkr3enzxFxVNd4LdDq0HlbUcieSMuwmCPyf6QTY7AphkOW7Qh7YgOfXqDhnz95qvDM0boP6LKdY1bXC6goKVla8xsZvE1FX8Aq3tOwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512482a140b51-OSL
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css

104.17.24.14

200 OK

10 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (57147)
Size
10 kB (10134 bytes)
Hash
3c292a51a538afbd149feeff74c3ffe8
7ab76905b7ccea15f11dc21bd49a03f8634add10
816a099099ffbfe5309857cb24f585c73928529c618036eab5fe2dee9a9c6be6

HTTP Headers

GET /ajax/libs/font-awesome/5.12.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: text/css; charset=utf-8
content-length: 10134
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-dff5"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1839364
expires: Tue, 29 Aug 2023 04:51:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sW1QGfdUeKL3YK81aLLB5Fw7KdxqHpWJGXkoO6VcbWv0N2fQStcRM5D93vLKRvfgLMwkzrkKhG93qQjxEuLWH%2BMt6A1KsfVToB0UIuBZRbrUUP22AxpCIi3zromKKdqDuf3Y96xX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 747512487f8cb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/light-background-fade.jpg?v=1.26

172.66.43.176

200 OK

664 kB

URL HTTP/2
flatbellyshake.com/discovery/images/light-background-fade.jpg?v=1.26
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2480, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1920x2480, components 3\012- data
Size
664 kB (663591 bytes)
Hash
353bf06d0e2365435f0a977b3c1149c4
cd1f6910cac1d34f4bc843625c73806f99f6f2a8
2baeb775ba953b15a32ab2056fd5670cbde61210ca2db6941fb20413456690d3

HTTP Headers

GET /discovery/images/light-background-fade.jpg?v=1.26 HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/jpeg
content-length: 663591
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "60f955c0-a2027"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Jul 2021 11:25:52 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 141964
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWoc7PjTcVs96sDqHAovNKMTSt1sahimVWRJJolAYAA6XWULyBDlTYjS%2BvMTbaWIahOnC2NhxHPZUG4PS3dxFTYW1EVi4gJBjpwSYPHcd6mRoRMxav%2FINItPHKn5S9NO%2BU%2BBvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512488a6b0b51-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 04:51:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 04:51:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 04:51:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 04:51:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 04:51:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

flatbellyshake.com/discovery/images/product-bottles-6.png?v2

172.66.43.176

200 OK

79 kB

URL HTTP/2
flatbellyshake.com/discovery/images/product-bottles-6.png?v2
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 431 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
79 kB (78557 bytes)
Hash
7468d7d7a2f4a85e2d72845edff60bf9
3e68db2f01e52addd1b0592d9fafcbba8205088a
deab442b0bb0c2b14b5981df93cc9fe24c2aad11483196a3b896de20bd7cad73

HTTP Headers

GET /discovery/images/product-bottles-6.png?v2 HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/png
content-length: 78557
last-modified: Thu, 03 Jun 2021 13:47:07 GMT
etag: "60b8dd5b-132dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ii%2B5qJy84r1MPn1y15SaXgPkP2caW%2BaisHqyMd4Cc3bMEXkW85PkS3z7k5bGxQS9dZpSd%2FqN9huzV69kQ1OH8F7rS6oH38cTlfT7hudn3WAMUINYnDEPf%2F8uBgd7uHLTikqz3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7475124819f00b51-OSL
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/logo-3.jpg

172.66.43.176

200 OK

33 kB

URL HTTP/2
flatbellyshake.com/discovery/images/logo-3.jpg
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:04:07 13:17:31], baseline, precision 8, 300x100, components 3\012- data
Size
33 kB (32601 bytes)
Hash
3d17666891364bcf61bf2f6cbddecbd8
38bb3df7b9a86e0d1d01a4ac087c815fb815b072
9ed445a89e9b3a106a4fd9c6926a4c3fcdec5ab849bbb7e50fb68ca9c150a580

HTTP Headers

GET /discovery/images/logo-3.jpg HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/jpeg
content-length: 32601
last-modified: Thu, 07 Apr 2022 09:47:13 GMT
etag: "624eb321-7f59"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VRKQwkfPP4gOMwrXuSxm%2BqjM%2BUuJSknBoDTV8%2Fxo92lHTGJdPGGlMZfnJaYyU9NBHS8vY%2BGRavid7m0myfI%2B2K5CmkaDrSD09e0ZPu1bDoRzO%2BbxjESxMVSXZ%2BIfp7X2lnmBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512482a160b51-OSL
X-Firefox-Spdy: h2

fast.vidalytics.com/embeds/QrADs9TA/kJ8EJv87sNTUM9q0/loader.min.js

192.229.220.49

200 OK

9.7 kB

URL HTTP/2
fast.vidalytics.com/embeds/QrADs9TA/kJ8EJv87sNTUM9q0/loader.min.js
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (40367), with no line terminators
Size
9.7 kB (9740 bytes)
Hash
4531414b85a3c054437c2c3d1d2d5f5d
224749701b80d2cc47a0c48d77b20f24f8500935
fe0ce1e65c04eec591ca94f13b56fdd8d975c1a356e62461cec1c0091999bdf4

HTTP Headers

GET /embeds/QrADs9TA/kJ8EJv87sNTUM9q0/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 1203163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
content-type: application/javascript
date: Thu, 08 Sep 2022 04:51:51 GMT
etag: "4531414b85a3c054437c2c3d1d2d5f5d"
expires: Sat, 08 Oct 2022 04:51:51 GMT
last-modified: Wed, 24 Aug 2022 07:30:55 GMT
server: ECAcc (ska/F776)
vary: Accept-Encoding
x-cache: HIT
x-goog-generation: 1661326255061011
x-goog-hash: crc32c=UGf3Sg==, md5=RTFBS4WjwFRDfCw9HS1fXQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 9740
x-guploader-uploadid: ADPycdsvzjVEEssDfOAMgEtLE9l6TZ8C7OVOfN3MqY27R8Wd1YBttNpk5eqLWhYGPUZ9ZtEmo3V4OniW5U-zsE4tRi9zq32ACzUj
content-length: 9740
X-Firefox-Spdy: h2

fast.vidalytics.com/embeds/QrADs9TA/jUzMDC6ZeVluZv_x/loader.min.js

192.229.220.49

200 OK

9.7 kB

URL HTTP/2
fast.vidalytics.com/embeds/QrADs9TA/jUzMDC6ZeVluZv_x/loader.min.js
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (40367), with no line terminators
Size
9.7 kB (9740 bytes)
Hash
4531414b85a3c054437c2c3d1d2d5f5d
224749701b80d2cc47a0c48d77b20f24f8500935
fe0ce1e65c04eec591ca94f13b56fdd8d975c1a356e62461cec1c0091999bdf4

HTTP Headers

GET /embeds/QrADs9TA/jUzMDC6ZeVluZv_x/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 1203163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
content-type: application/javascript
date: Thu, 08 Sep 2022 04:51:51 GMT
etag: "4531414b85a3c054437c2c3d1d2d5f5d"
expires: Sat, 08 Oct 2022 04:51:51 GMT
last-modified: Wed, 24 Aug 2022 07:19:57 GMT
server: ECAcc (ska/F749)
vary: Accept-Encoding
x-cache: HIT
x-goog-generation: 1661325597394812
x-goog-hash: crc32c=UGf3Sg==, md5=RTFBS4WjwFRDfCw9HS1fXQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 9740
x-guploader-uploadid: ADPycdt5rV7xpdPuyG1pGxZBoF0JK0KKEJKOSso5x_qABvqjoCG5vFHriCXRHbiHvo4XEE8P4MZ5EP-xYBh9cWClTSnF3uofCPCS
content-length: 9740
X-Firefox-Spdy: h2

flatbellyshake.com/js/jquery.js

172.66.43.176

200 OK

35 kB

URL HTTP/2
flatbellyshake.com/js/jquery.js
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32029), with CRLF line terminators
Size
35 kB (35349 bytes)
Hash
7cd28efb28f86c439f035d37430784a0
d79daac3a492c46b802aadb1f200552a06641dad
8f62deef099f003dfa8551b1b3592744c9d1825de690366c901fee356c693c42

HTTP Headers

GET /js/jquery.js HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: application/javascript
last-modified: Tue, 01 Jun 2021 11:01:50 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"60b6139e-17bdf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Zw%2Bubyi9PW1iafkJTREZUZ51UCuvUt4%2BfG6YTpujqSDbGNGmQyTJ7DA7fhjVkd2wwlYkmPEeNJzKFK%2BkSgVioPoB8erFa1vqv2Eoc7cd1eI%2FBE9Oi2QWozYI%2FvT2IPFMtyO2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512487a600b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/product-bottles-3.png

172.66.43.176

200 OK

121 kB

URL HTTP/2
flatbellyshake.com/discovery/images/product-bottles-3.png
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 431 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
121 kB (121094 bytes)
Hash
0815da63327a53d19886e2d90d3004d5
533e577f360f081d0f969bf776af8acc444a7ea6
4d2056882b7c6ca1c1123932dc7b31e99595f4926a4e9fa484429d1cba9c78d3

HTTP Headers

GET /discovery/images/product-bottles-3.png HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: image/png
content-length: 121094
last-modified: Thu, 03 Jun 2021 13:47:07 GMT
etag: "60b8dd5b-1d906"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWf6PDvj1DQ6mYxL%2Fxjrgh75ZplaNYdPFXR%2BNrn5WWQnm7rOWOjeKlTgaL5z7O3CBT99HWNN579MXT4a70qar3ZaHX%2Baq89sm4RuUTX0rv0X4KYOO3rgAi67SWKtLoUFaKAt3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7475124819f90b51-OSL
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/js/scripts.min.js

172.66.43.176

200 OK

500 kB

URL HTTP/2
flatbellyshake.com/discovery/js/scripts.min.js
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15433), with no line terminators
Size
500 kB (499791 bytes)
Hash
743b6ac1399575cf81a59d857aae844c
e205c869939b08e3eee8bff7b913470b13c14de4
ec9abdb694f3935a7ac9c7b7a19d42c81dee00f672911900c94f05b5eaa96711

HTTP Headers

GET /discovery/js/scripts.min.js HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: application/javascript
last-modified: Thu, 18 Nov 2021 11:35:52 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"61963a98-3c49"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 141964
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGI4nsrJz2vadwo5isRJxFX2S2x4qaeSpPUDodWlP%2BkIUlcJHaD6Ul8SqCgw6hEbcmWn7mHfVnuROC6C6OJwO35L96YnPo7pSB4lB4QKM3S4mPiZLHs%2BiEtHt5I4LZAWNN%2Bv2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512486a5a0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

flatbellyshake.com/js/bootstrap.js

172.66.43.176

200 OK

504 kB

URL HTTP/2
flatbellyshake.com/js/bootstrap.js
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32003), with CRLF line terminators
Size
504 kB (504157 bytes)
Hash
637ec4611badf8455fca8fe17b00492a
f724f332e2f7934d7ab5eb2c225da31921934e51
484dbc9fabc52b9f4d214f723cb27718c94e42232c1f873f0f8b448cd810cf76

HTTP Headers

GET /js/bootstrap.js HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: application/javascript
last-modified: Tue, 01 Jun 2021 11:01:49 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"60b6139d-900a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 244205
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldfFfDw%2Bmyc8Ggy%2BfKm7arJwN3dpcpYzOvJV2S6McXT5mE8e%2BVgun8vweZE6k5Czs2nQfI7eHA%2Bi2%2BaAST9%2FV%2BoHdNZDW0vjuUZvM%2BsOYREzJhHJwnoZ2tHdkcv%2FZRNTue%2BYRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512487a610b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.163

200 OK

7.7 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:30:59 GMT
expires: Thu, 07 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 33653
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9162
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 04:51:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9162
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 04:51:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9162
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 04:51:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9162
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 04:51:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9162
Expires: Thu, 08 Sep 2022 07:24:34 GMT
Date: Thu, 08 Sep 2022 04:51:52 GMT
Connection: keep-alive

flatbellyshake.com/discovery/images/bonus-1.png

172.66.43.176

200 OK

196 kB

URL HTTP/2
flatbellyshake.com/discovery/images/bonus-1.png
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 245 x 378, 8-bit/color RGBA, non-interlaced\012- data
Size
196 kB (196188 bytes)
Hash
3ed09011140c8c6fb9752342f1df7f0a
f383694db64bd2fee201a450c3f4c10bbd1cfc1f
83cd523f5047c4b144e74361a7560fef4f05598aa1c28580cc28238751bcbc2a

HTTP Headers

GET /discovery/images/bonus-1.png HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:52 GMT
content-type: image/png
content-length: 196188
last-modified: Fri, 22 Apr 2022 10:09:14 GMT
etag: "62627eca-2fe5c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxwwcN5%2BERHggSCfDOCHXyBX8qv3bX3mZ59vyoO88KV6SNAcBUbJ1xaEmqOPDTmsb%2BKzzGwngnElQgfH0yOT4joaEkVTF4IUZuZhRVs2QOV5ZfpmkgGeufnd2doips9DzTuv0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512482a0d0b51-OSL
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3529 bytes)
Hash
edcd025faafbf7161d4d606f47304c2b
a99519726bc82f2cc0541c79f47ddd15c7362669
ed7b147e3ea371ea4b014805d9c2f45407918924bb2ec540ea6f7cd0a8b1b698

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3529
x-amzn-requestid: 6ee305f1-aaaf-49eb-94b5-1176943a1922
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YCjYWFzNoAMFajg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63174c35-7e8ef3554da3194d47726d0d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 13:33:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: u3PSpvVEoPGJTFmcB643hOaVUAp-iW0X68PxtIaJZvGHc-Bh79gPgQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:42:18 GMT
age: 25774
etag: "a99519726bc82f2cc0541c79f47ddd15c7362669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8693 bytes)
Hash
7ccc1d45458086694a8221a8a6c6aa3b
b8f1359214f21be812390a6cca80b8e84c26a403
461503caa5ec14c1214bdc19795e47b8c1c3c5be1b21f0f29e923e5191e93846

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd38a7ac-451e-4dae-8707-f68a3c27ee4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8693
x-amzn-requestid: aae6e4f7-9b0a-49da-b2f1-58b625609942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgFokoAMFbwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-27854a575dea22e1035454e3;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: ja2OeAUlF9lkO2n0bSzYlZHXKnfa6Z4_lU7lAoLZkccaw7CCzFlyKg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:47:05 GMT
age: 25487
etag: "b8f1359214f21be812390a6cca80b8e84c26a403"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7885 bytes)
Hash
7ca5b5d4ac26d97b5729a30ecdc688bc
3e633bc6c4ab9adfe84899e5209d73bef1d097eb
2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: MG4_YJuVqfSCQ80FTdo5XU8xIi74XtILVbIQAbByh54QNOoMJCyS-Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:47:05 GMT
age: 25487
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7492 bytes)
Hash
a07d553b6441514870ed7e9e989a29a7
98c145b9326d1e6036fa9089d87a25232dd45b0b
373a586b596016baeb8de98022207c25af24c099c06077edbdfd837cffc31a0e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7492
x-amzn-requestid: 2c5e9ff3-c7a4-4a8f-96bf-74f0ca5d9137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9dOHguIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f87-70dbe6532b1a241e6dbe729e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lbCmv9fV9iBGOQvxRzleYwC5dBYeu1kRgSSkC2hycDmavyXj-KlFSw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:24:59 GMT
age: 23213
etag: "98c145b9326d1e6036fa9089d87a25232dd45b0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 04:51:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8b5268-2aac-4f24-b390-b0e7248d123e.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16161 bytes)
Hash
25f5b03125ec15193e9dc0970050c2c5
712d9774b838f4d0ade26b674e8d038295cf3a6b
858d64da226534e5a96cb11fedeee1d1d55c0ac9e54a1f98d10e29be0d39eca8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8b5268-2aac-4f24-b390-b0e7248d123e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16161
x-amzn-requestid: 041df785-47cb-476f-9c22-d1f776c34bdb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThG4uoAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-66d92cab4181c30f66fe59c3;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 9uoDEctff88PBOVIGYxKdGXhcn20dRxRcnCEbq_PtSWvatkkIcI1WA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:47:05 GMT
age: 25487
etag: "712d9774b838f4d0ade26b674e8d038295cf3a6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1574e23-3c8b-4ce2-95be-812a884e557e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4320 bytes)
Hash
3aa46849d3bba47d63691883cf00056e
705bece0f3cca112c508c6e77bbb728e6e733905
5f6d0e6996967667c18b02385c896f1734efe530f10ff27d212bd216da91b3cd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1574e23-3c8b-4ce2-95be-812a884e557e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4320
x-amzn-requestid: cd37ae50-7ab0-48b6-8a30-caf4f941b65d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE9u4EeXIAMFoRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318432b-6751e5fc30a2ecae0776fa74;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:07:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j8HDRmAd1Pvds0Uw6nzTeY5jmYay8tT0raGl7I4yXEJV1EupiIl-Kw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 07:14:58 GMT
age: 77814
etag: "705bece0f3cca112c508c6e77bbb728e6e733905"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/logo-4.jpg

172.66.43.176

200 OK

25 kB

URL HTTP/2
flatbellyshake.com/discovery/images/logo-4.jpg
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:04:07 13:17:55], baseline, precision 8, 300x100, components 3\012- data
Size
25 kB (24551 bytes)
Hash
a73811c3aabc19fa565df76a3b2a57c4
98be346d9d8472b156017a2bb855ee101a712fda
834677762dd3d820023ae53d715ea7a1ff6d1dfbec1c80b47479bc9f2ddfb4c0

HTTP Headers

GET /discovery/images/logo-4.jpg HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:52 GMT
content-type: image/jpeg
content-length: 24551
last-modified: Thu, 07 Apr 2022 09:47:13 GMT
etag: "624eb321-5fe7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyTCzOawDfAgC9AuLIDsj8Af%2FqFs9V88wS2eTvIKFLrxjspTSIlaIc1IVJ%2BLXsbaeDTk7R%2Fdi5bE9Ak%2FS62B%2FdxmsT55LrP05b7M834HI0a2l8E6pfaAjDjNCXvdGCkHFCEEkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512482a170b51-OSL
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/grt.png

172.66.43.176

200 OK

59 kB

URL HTTP/2
flatbellyshake.com/discovery/images/grt.png
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
59 kB (59155 bytes)
Hash
c0fd840417c01f98cfe42b1b8fbac54e
cbcb0589ac946758a17dc1ebb98102466334c62f
c1507182267ccd8225476dfe0598a47d39fafab6bdb18b03b33d5d5ca3224047

HTTP Headers

GET /discovery/images/grt.png HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:52 GMT
content-type: image/png
content-length: 59155
last-modified: Thu, 03 Jun 2021 13:47:03 GMT
etag: "60b8dd57-e713"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8RDKR2iOTn5%2B%2BQ4zB9%2BdQbjE4gonZY26zd3lolXNXZkDfBvddrxdzDOpesPk%2FQ15uDuSYEKbVQ61HeIQOEhcc3vLX3zLi0h0Q6DfTgBZ%2FAX%2FLQsbpIXZwEQE5C5x0gYOdKgBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512482a020b51-OSL
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
96b1e1509e6eaafa8e3e89b16560bf78
e610f3fd9f912c1ba5ca8582828e661c6df2f333
958a7b49f9cb6f284213b64a084adc12b1390b778371580d62f95b3443d9c9ae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 08 Sep 2022 04:51:52 GMT
Last-Modified: Thu, 08 Sep 2022 04:25:48 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SGKjBwqKPdBv7L86Dyb2woSgcE-JKN4f65Rajq1JSKCHPEF3ha_yNQ==
Age: 1564

flatbellyshake.com/discovery/images/buynow.png

172.66.43.176

200 OK

26 kB

URL HTTP/2
flatbellyshake.com/discovery/images/buynow.png
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 603 x 213, 8-bit colormap, non-interlaced\012- data
Size
26 kB (26143 bytes)
Hash
0f056e5ccb19b5e10152a94e1a264a93
00851b33eccd44593c2d9271e5c730d5035c1a4b
ebda8668bbcb3e692ff5cfc6d2cf67b697eec5f08b02964103726a2d9f11e1fa

HTTP Headers

GET /discovery/images/buynow.png HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:52 GMT
content-type: image/png
content-length: 26143
last-modified: Fri, 22 Apr 2022 10:09:11 GMT
etag: "62627ec7-661f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGQLxjxxvLzSzm77xLPX%2BouI5%2FP%2FuPGcQWixohoazASwOl6Hp3HZnE2a%2BeYTzTyEs73g0%2FqlY%2FTFSp%2BoF456obnDqK%2FB8n5%2F5m1DwN61smd4ka%2Fgh6Tm480D2yOpUzALTMHQAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512482a0b0b51-OSL
X-Firefox-Spdy: h2

analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBUEFNBC77U1OJP1HD90&lib=ttq

104.84.152.241

200 OK

38 kB

URL HTTP/2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBUEFNBC77U1OJP1HD90&lib=ttq
IP
104.84.152.241:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (65464)
Size
38 kB (37573 bytes)
Hash
4a81ac85fb79fe0f9380d6d622b8a455
55332b80273d1380bc5d215efbb48ac7b7e3ecc6
56b0f810740e1b0c8ecdd43769e984370c09c1210ce4aab186502a2a4ea77bee

HTTP Headers

GET /i18n/pixel/events.js?sdkid=CBUEFNBC77U1OJP1HD90&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2022090804515251671F96EB569A481791
x-tt-trace-host: 014c3d3a48b720cad047ee4725ef00c61e38a0d78b3a2a780a7134bf39a63bb3150c9afc3ab4a38d3d8ed5b84c96d04f6d881ca111f77455a633586b7439db1e07781b88324b44edf69ea46ec85a292608bec1407eecd2bed3c6a5efe3417ebe37
content-encoding: gzip
content-length: 37573
x-origin-response-time: 14,23.34.240.206
x-akamai-request-id: 1305b262.5255a48f
expires: Thu, 08 Sep 2022 04:51:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Sep 2022 04:51:52 GMT
x-cache: TCP_MISS from a104-84-152-237.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-34-240-206.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=14, inner; dur=3
x-parent-response-time: 120,104.84.152.237
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/product-bottles-1.png

172.66.43.176

200 OK

84 kB

URL HTTP/2
flatbellyshake.com/discovery/images/product-bottles-1.png
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 431 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
84 kB (83982 bytes)
Hash
25d913d29153df95be75a383aa30041c
c60695a9ed3dfe1351ca8cca1c3f7697a0fea9c7
0f68a985233c791913d7874f93b16cac880dfe3d9e75e47a6c6094e83176a81a

HTTP Headers

GET /discovery/images/product-bottles-1.png HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:52 GMT
content-type: image/png
content-length: 83982
last-modified: Thu, 03 Jun 2021 13:47:05 GMT
etag: "60b8dd59-1480e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwRE6k1lBz7fnC6Q9mh0HO%2B7B0bDwhAoA9BEGxcOQrhHTBBciD7ZCxKPJmUqp9vwl%2FRowgbzZ9DgLLvdLllCm1hIQhc960MKtz4mMBasPWWqVRFGxpsC1K8cSbLry699lW1iow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7475124819f80b51-OSL
X-Firefox-Spdy: h2

cbtb.clickbank.net/?vendor=fbshake

52.33.226.99

200 OK

936 B

URL HTTP/2
cbtb.clickbank.net/?vendor=fbshake
IP
52.33.226.99:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (936), with no line terminators
Size
936 B (936 bytes)
Hash
6c0b964b273d662f25b84cd29e51b607
6bef26208ee6a1d7105720e5cc54f273868630a9
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c

HTTP Headers

GET /?vendor=fbshake HTTP/1.1
Host: cbtb.clickbank.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:52 GMT
content-type: text/javascript;charset=UTF-8
content-length: 936
set-cookie: AWSALB=nDMYgZiiI4P0te1kH3lB35u+QT4CfnVUtQ+e9sjWOEXD49JTo9DfbW7fZk90AQZaorv0Rw3hJTupQOOW5aJ5Fq/nwUxl4I3VyBTmYm1cd5TuVldj9roC1n5fVtUW; Expires=Thu, 15 Sep 2022 04:51:52 GMT; Path=/
AWSALBCORS=nDMYgZiiI4P0te1kH3lB35u+QT4CfnVUtQ+e9sjWOEXD49JTo9DfbW7fZk90AQZaorv0Rw3hJTupQOOW5aJ5Fq/nwUxl4I3VyBTmYm1cd5TuVldj9roC1n5fVtUW; Expires=Thu, 15 Sep 2022 04:51:52 GMT; Path=/; SameSite=None; Secure
server: Apache
cache-control: max-age=900
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/YijRILGW6HrilTzd/img/thumbnail/yt_thumb_weird_shake_1-61e2890090e60.jpg

192.229.220.49

200 OK

235 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/YijRILGW6HrilTzd/img/thumbnail/yt_thumb_weird_shake_1-61e2890090e60.jpg
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x1015, components 3\012- data
Size
235 kB (235133 bytes)
Hash
5516a957239b7baaaae7243bdcc0a56b
4752b27d5ad36b2959823d9a25c9460e30cc14dd
24f78b740cc3f63b64d337800d6cc9a240e44b3e60cd8da71fc71e3d00577828

HTTP Headers

GET /video/QrADs9TA/YijRILGW6HrilTzd/img/thumbnail/yt_thumb_weird_shake_1-61e2890090e60.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 20372909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: image/jpeg
date: Thu, 08 Sep 2022 04:51:52 GMT
etag: "5516a957239b7baaaae7243bdcc0a56b"
expires: Sun, 03 Sep 2023 04:51:52 GMT
last-modified: Sat, 15 Jan 2022 08:42:40 GMT
server: ECAcc (ska/F79B)
x-cache: HIT
x-goog-generation: 1642236160733833
x-goog-hash: crc32c=xKbxxA==, md5=VRapVyObe6qq5yQ73MClaw==
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 235133
x-guploader-uploadid: ADPycds2vIWNBcOyEuWXNYvKAJWOEkzTuxkEqYzGRR3a1s4DrjrY6xKydFHQzbjXUe23KbjMNE1Vxz53UrbQthW16uYtl9qgRw
content-length: 235133
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/stream.mpd

192.229.220.49

200 OK

3.5 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/stream.mpd
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
XML 1.0 document text\012- XML document, ASCII text
Size
3.5 kB (3538 bytes)
Hash
8eb2c15b48606ef8ff79ab1cbba9cd4b
3bdc3853f43c4372d8181d99e4eff45d8b32f19b
eaf385840a68767a6be4302aac2d642dd02189f62c434040b29a0613fb49bf7b

HTTP Headers

GET /video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/stream.mpd HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 1203132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: application/dash+xml
date: Thu, 08 Sep 2022 04:51:52 GMT
etag: "8eb2c15b48606ef8ff79ab1cbba9cd4b"
expires: Sun, 03 Sep 2023 04:51:52 GMT
last-modified: Tue, 23 Aug 2022 09:42:13 GMT
server: ECAcc (ska/F72E)
x-cache: HIT
x-goog-generation: 1661247733051411
x-goog-hash: crc32c=g5j1bg==, md5=jrLBW0hgbvj/eascu6nNSw==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3538
x-guploader-uploadid: ADPycdtWrC468FwH0708xJWW1fJDkR3YMLRAp5-SH7ziTzzeLYZ_iusiHfCxNTLK6hEIbo7KatJ_6Gy_F2LRHenccv9fLjBsJMpz
content-length: 3538
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
a33b0c1981c2e5a934b35a4e14c7ac55
65b8e851d4e204a63fe078569cb3341d0abb7e7d
1d109b906a001a2929070fee948c0dbb00e7aa87697d9814bd4dbbb66d3603ea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 08 Sep 2022 04:51:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 07 Sep 2022 21:16:43 GMT
Expires: Thu, 08 Sep 2022 21:16:43 GMT
ETag: "65b8e851d4e204a63fe078569cb3341d0abb7e7d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.163

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:32:09 GMT
expires: Thu, 07 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 33583
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/licensing

35.190.27.197

200 OK

117 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/licensing
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
117 B (117 bytes)
Hash
f90d2c53623621471228392bf3047e2a
b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

HTTP Headers

POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 105
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: v1.53.0
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: application/json
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics.tiktok.com/i18n/pixel/identify.js

104.84.152.241

200 OK

31 kB

URL HTTP/2
analytics.tiktok.com/i18n/pixel/identify.js
IP
104.84.152.241:0
ASN
#20940 Akamai International B.V.

File type
data
Size
31 kB (31063 bytes)
Hash
edc58d202c2a66d239c45b8bac415b9e
afe1a48dd0a73e5c4b25980b4780d06b6fbf3be3
2bb0d73dc1b098fdc711e236eec9f6e8bd401c8e3a20ae06581460d578c16c66

HTTP Headers

GET /i18n/pixel/identify.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20220908045152580F8B8DE4AF0D4057CD
x-tt-trace-host: 014c3d3a48b720cad047ee4725ef00c61e38a0d78b3a2a780a7134bf39a63bb315062d5da21cbb9963022f26fe2bc8bd277d0c41fb2c9558eb0500133a18cd35b26ceb51fda70e8c395b980e860ff4563bae998b68a4112e6d8a688848eb26cf7b
content-encoding: gzip
x-origin-response-time: 12,23.194.131.159
x-akamai-request-id: 5bdfa315.5255a979
expires: Thu, 08 Sep 2022 04:51:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Sep 2022 04:51:52 GMT
x-cache: TCP_MISS from a104-84-152-237.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-194-131-159.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=12, inner; dur=3
x-parent-response-time: 116,104.84.152.237
X-Firefox-Spdy: h2

licensing.bitmovin.com/licensing

35.227.229.24

200 OK

165 B

URL HTTP/2
licensing.bitmovin.com/licensing
IP
35.227.229.24:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
165 B (165 bytes)
Hash
bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

HTTP Headers

POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 149
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Thu, 08 Sep 2022 04:51:52 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
a33b0c1981c2e5a934b35a4e14c7ac55
65b8e851d4e204a63fe078569cb3341d0abb7e7d
1d109b906a001a2929070fee948c0dbb00e7aa87697d9814bd4dbbb66d3603ea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 08 Sep 2022 04:51:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 07 Sep 2022 21:16:43 GMT
Expires: Thu, 08 Sep 2022 21:16:43 GMT
ETag: "65b8e851d4e204a63fe078569cb3341d0abb7e7d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

stats.vidalytics.com/awesome-log?cid=QrADs9TA

34.107.158.93

200 OK

43 B

URL HTTP/2
stats.vidalytics.com/awesome-log?cid=QrADs9TA
IP
34.107.158.93:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /awesome-log?cid=QrADs9TA HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: istio-envoy
date: Thu, 08 Sep 2022 04:51:53 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, public, max-age=2592000
etag: "QrADs9TA/qQYyuYXVuTZnVSsn"
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
x-envoy-upstream-service-time: 419
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/licensing

35.190.27.197

200 OK

117 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/licensing
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
117 B (117 bytes)
Hash
f90d2c53623621471228392bf3047e2a
b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

HTTP Headers

POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 105
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: v1.53.0
date: Thu, 08 Sep 2022 04:51:53 GMT
content-type: application/json
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

flatbellyshake.com/images/favicon-red.png

172.66.43.176

200 OK

2.9 kB

URL HTTP/2
flatbellyshake.com/images/favicon-red.png
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2926 bytes)
Hash
187a7b38f74555b43b8170f85fa5bdf3
d30b6f1ad8c633b636207457b379cde0b5739560
71d5e2b9f5fe210205a258a1b25723ca4bbc4485269250589abd8688f201c115

HTTP Headers

GET /images/favicon-red.png HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2; affiliate=mamaia; affiliate.sig=h2TXYsaXHDQmIjbOHt0ICmxjDI8; bitmovin_analytics_uuid=6359b9ee-4ca6-442e-b73b-776a9240d1d8; timer_93_=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:53 GMT
content-type: image/png
content-length: 2926
last-modified: Thu, 05 May 2022 10:21:38 GMT
etag: "6273a532-b6e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpZXZ1N84lZpMbeA9rE8Ggfd3Zsq2674QSf%2FDK1jHt%2FvNGa4ujOZR7y2FsO3ySt%2F3yLClUiYnfWwbu82J7NoOzAEcv5RXtlIF10yd%2BH8V88drc7ldEzBLv%2F%2BuMnmTPiSoo9NbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74751250fff70b51-OSL
X-Firefox-Spdy: h2

stats.vidalytics.com/awesome-log?cid=QrADs9TA

34.107.158.93

304 Not Modified

0 B

URL HTTP/2
stats.vidalytics.com/awesome-log?cid=QrADs9TA
IP
34.107.158.93:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /awesome-log?cid=QrADs9TA HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: "QrADs9TA/qQYyuYXVuTZnVSsn"
TE: trailers

HTTP/2 304 Not Modified
server: istio-envoy
date: Thu, 08 Sep 2022 04:51:53 GMT
content-length: 43
cache-control: no-cache, public, max-age=2592000
etag: "QrADs9TA/qQYyuYXVuTZnVSsn"
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
x-envoy-upstream-service-time: 14
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_0.webm

192.229.220.49

200 OK

96 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_0.webm
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
data
Size
96 kB (96072 bytes)
Hash
24cc00ed60aadb57786e87d81508aecb
1804144eb45bc04d11617d10fb5a9d3bf0af58c8
e2c5227cf99ddf4d0631db825d696966e54db2c57280cdbd5c504374c7705ddc

HTTP Headers

GET /video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_0.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 1167766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Thu, 08 Sep 2022 04:51:53 GMT
etag: "24cc00ed60aadb57786e87d81508aecb"
expires: Sun, 03 Sep 2023 04:51:53 GMT
last-modified: Tue, 23 Aug 2022 09:37:06 GMT
server: ECAcc (ska/F6EF)
x-cache: HIT
x-goog-generation: 1661247426568984
x-goog-hash: crc32c=DSugvA==, md5=JMwA7WCq21d4bofYFQiuyw==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 96072
x-guploader-uploadid: ADPycdvQYsv83YXxjIXmc81AS1iqSeQZQfKZ7L8zRIkoDqrN-bvdMZu0LemNiLxe1QJBx8A7yRrFWOyk84h1aH1qIoWhKckjKweS
content-length: 96072
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
19a0b8437f7bf54428901512d8093e72
31997bc2337ea2ac58e23fb644dc4161b5bb2a3a
e1336c57b4d7985f157eb67149002cc19b093ef343bfae924826f8fc6958ab10

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Sep 2022 04:51:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 13:41:36 GMT
Expires: Wed, 14 Sep 2022 13:41:35 GMT
Etag: "31997bc2337ea2ac58e23fb644dc4161b5bb2a3a"
Cache-Control: max-age=549581,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747512512d5f1c16-OSL

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1244
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.0
date: Thu, 08 Sep 2022 04:51:53 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1243
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.0
date: Thu, 08 Sep 2022 04:51:52 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics.tiktok.com/api/v2/pixel

104.84.152.241

200 OK

0 B

URL HTTP/2
analytics.tiktok.com/api/v2/pixel
IP
104.84.152.241:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 761
Origin: https://go.maxweb.com
Connection: keep-alive
Referer: https://go.maxweb.com/
Cookie: _ttp=2ETHZwMwEwuHg2x4kzCduw7laGE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20220908045153607D1EA91F827C529CFE
x-tt-trace-host: 014c3d3a48b720cad047ee4725ef00c61e38a0d78b3a2a780a7134bf39a63bb315a806b94f42c1b241ffd9265de2564ffacbab7ad58a708d9c427a39658613c4f9bf464aa3280bbc6d43b63f8ed07cfb22432765454b6353c354b706835901707b
x-origin-response-time: 14,23.34.240.204
x-akamai-request-id: 1af5f7b3.5255af50
expires: Thu, 08 Sep 2022 04:51:53 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Sep 2022 04:51:53 GMT
x-cache: TCP_MISS from a104-84-152-237.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-cache-remote: TCP_MISS from a23-34-240-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=14, inner; dur=12
x-parent-response-time: 114,104.84.152.237
X-Firefox-Spdy: h2

seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png

82.102.27.18

200 OK

4.4 kB

URL HTTP/2
seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
IP
82.102.27.18:0
ASN
#9009 M247 Ltd

File type
PNG image data, 153 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
4.4 kB (4386 bytes)
Hash
a157b7fe307c83a570d4a17db8f88b9c
6a796522fa4413f05eaf177858c050425d36de7a
e05e7db7ecb8d106f3f44c144c367f38a1fe5127f3a436c705c7f80b192fe3ab

HTTP Headers

GET /seals/blue-seal-153-100-clickbank-5004291.png HTTP/1.1
Host: seal-boise.bbb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: keycdn-engine
date: Thu, 08 Sep 2022 04:51:53 GMT
content-type: image/png
content-length: 4386
cache-control: max-age=14400
expires: Thu, 08 Sep 2022 08:51:53 GMT
last-modified: Thu, 08 Sep 2022 02:31:17 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_1.webm

192.229.220.49

200 OK

68 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_1.webm
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
data
Size
68 kB (68135 bytes)
Hash
80214b2e4f89c711564f33122c75c794
92872b6a98bf8d0572a4405df07f34c417f1bf62
b78f04a85d5cecae4468b8f507078bbdcbbcf7b84aee298f5b4ea2330a35ae57

HTTP Headers

GET /video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_1.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 1203127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Thu, 08 Sep 2022 04:51:53 GMT
etag: "80214b2e4f89c711564f33122c75c794"
expires: Sun, 03 Sep 2023 04:51:53 GMT
last-modified: Tue, 23 Aug 2022 09:36:58 GMT
server: ECAcc (ska/F72F)
x-cache: HIT
x-goog-generation: 1661247417995023
x-goog-hash: crc32c=854nWw==, md5=gCFLLk+JxxFWTzMSLHXHlA==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 68135
x-guploader-uploadid: ADPycdsbBwVD_Ht1_NBPTBYyBrz-_3CIWPjKbIUI60Jm9lql8oXkAxs90YFG9LGLqFnx-oTOS5Z4iBSJZcfgqB56qMSjLb3zYsS9
content-length: 68135
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_2.webm

192.229.220.49

200 OK

85 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_2.webm
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
data
Size
85 kB (84598 bytes)
Hash
b7800eec26a87421c996dfb85bc3e9e1
20ad4c4531fc58ea3502efbd01552308552977fc
54e20774110f787e0b9d5eda0ac7bc208406e71199911db52a73b2fd36539b0a

HTTP Headers

GET /video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_2.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 1203125
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Thu, 08 Sep 2022 04:51:53 GMT
etag: "b7800eec26a87421c996dfb85bc3e9e1"
expires: Sun, 03 Sep 2023 04:51:53 GMT
last-modified: Tue, 23 Aug 2022 09:37:12 GMT
server: ECAcc (ska/F6A8)
x-cache: HIT
x-goog-generation: 1661247432489242
x-goog-hash: crc32c=Ps6lDA==, md5=t4AO7CaodCHJlt+4W8Pp4Q==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 84598
x-guploader-uploadid: ADPycdtJ7zMBmIS-KfNR4qJWL3PFl2w2qoni5JdFr0g3amaTo-VKr42pOtY5bSHEDSfAS1cvJ9B_o8XcAZTgWLn5Yu__gXRYQNRI
content-length: 84598
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

34.107.158.93

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
34.107.158.93:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 359
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 08 Sep 2022 04:51:53 GMT
content-length: 16
x-envoy-upstream-service-time: 3
server: istio-envoy
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_3.webm

192.229.220.49

200 OK

99 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_3.webm
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
data
Size
99 kB (98640 bytes)
Hash
4198002352e3f35d237132efbf9debef
2d85e0a85630498c9e349691761830db9152e41f
ce34687462840bd8c8ee673487a786cdd0e75e1e7cc014556b0a5b9c8c31104c

HTTP Headers

GET /video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_3.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 1203123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Thu, 08 Sep 2022 04:51:53 GMT
etag: "4198002352e3f35d237132efbf9debef"
expires: Sun, 03 Sep 2023 04:51:53 GMT
last-modified: Tue, 23 Aug 2022 09:37:12 GMT
server: ECAcc (ska/F68A)
x-cache: HIT
x-goog-generation: 1661247432778238
x-goog-hash: crc32c=x2DxjA==, md5=QZgAI1Lj810jcTLvv53r7w==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 98640
x-guploader-uploadid: ADPycdv9KHxbWNtAtW6AQ2ngLLVYH_eDl092GiRgT6ZW1QUMR8atVZvOGuAd_m_kPeB_VqnlES1Mas47fbdPWBRv7cw4U1iFY2MR
content-length: 98640
X-Firefox-Spdy: h2

licensing.bitmovin.com/licensing

35.227.229.24

200 OK

165 B

URL HTTP/2
licensing.bitmovin.com/licensing
IP
35.227.229.24:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
165 B (165 bytes)
Hash
bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

HTTP Headers

POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 149
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Thu, 08 Sep 2022 04:51:53 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png

143.204.55.111

200 OK

3.5 kB

URL HTTP/2
prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
IP
143.204.55.111:0
ASN
#16509 AMAZON-02

File type
PNG image data, 472 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3472 bytes)
Hash
47cdefc96f75be3d978d4b444737b00e
c9d8540c17ed48b72be610bb5795120e4d560d6f
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308

HTTP Headers

GET /dist/assets/logo-header-two-tone-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3472
date: Thu, 08 Sep 2022 04:51:54 GMT
last-modified: Mon, 21 Dec 2020 21:57:35 GMT
x-amz-version-id: rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
etag: "47cdefc96f75be3d978d4b444737b00e"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zN06cAeMsTX1hqz7-eTgKsLVcBadgCtI6mLBu_ehU-aqxBzYEFfAnw==
X-Firefox-Spdy: h2

prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png

143.204.55.111

200 OK

4.3 kB

URL HTTP/2
prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
IP
143.204.55.111:0
ASN
#16509 AMAZON-02

File type
PNG image data, 321 x 63, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4341 bytes)
Hash
c06ae1ecaaf7e0610c68af117658a7e0
337cc86d38734fd76333c063366ec36e7a7d343a
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb

HTTP Headers

GET /dist/assets/logo-tab-two-tone-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 4341
date: Thu, 08 Sep 2022 04:51:54 GMT
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
x-amz-version-id: 65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
etag: "c06ae1ecaaf7e0610c68af117658a7e0"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cog_vvznNsv2LFEmJCFvcrPzJRG0WOFiaA7s72kPo53CyxFFOy-Wag==
X-Firefox-Spdy: h2

prod.cbstatic.net/dist/i18n/app-strings-en.json

143.204.55.111

200 OK

9 B

URL HTTP/2
prod.cbstatic.net/dist/i18n/app-strings-en.json
IP
143.204.55.111:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
cdfca8b09e61ae7324e48f01984c9b34
874b413675711909229ca228efea613383d6a9a4
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

HTTP Headers

GET /dist/i18n/app-strings-en.json HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 9
date: Thu, 08 Sep 2022 04:51:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
x-amz-version-id: ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
etag: "cdfca8b09e61ae7324e48f01984c9b34"
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KZe7lVDMvBlSjrlIBfZTuZktAuJmijyrfq5Vmwl8KErImzeYKNzOYA==
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_4.webm

192.229.220.49

200 OK

98 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_4.webm
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
data
Size
98 kB (98098 bytes)
Hash
f8a02cbb851f8b182a1f3f8800be7cbc
1a7fe7b08853f7e92905baf2dfc2aa02f0e7b1e3
c1f0e0c8d587489a22b95b4b8c13fbbfb8f29391ef8fb0558585b2dc8cda4380

HTTP Headers

GET /video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_4.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 1203120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Thu, 08 Sep 2022 04:51:53 GMT
etag: "f8a02cbb851f8b182a1f3f8800be7cbc"
expires: Sun, 03 Sep 2023 04:51:53 GMT
last-modified: Tue, 23 Aug 2022 09:37:12 GMT
server: ECAcc (ska/F792)
x-cache: HIT
x-goog-generation: 1661247432558684
x-goog-hash: crc32c=1eIdWw==, md5=+KAsu4UfixgqHz+IAL58vA==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 98098
x-guploader-uploadid: ADPycds8RkZz2Af42xv4G5r1GimuFkravcJIWuFtV-k0BEVtHhsV-qberDaE2XaGbjs3Jp8-WPzUqA7sBxhVFkA8VBYSEoFgwwaO
content-length: 98098
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_5.webm

192.229.220.49

200 OK

98 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_5.webm
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
data
Size
98 kB (97487 bytes)
Hash
52c1a25b13f6a4eabd29dc9379d5ec41
3c199e5b5b5b7c3cf577847028a161dd248dbb57
3eeb5f86804c965897fa4891f5db1842101cac07cdff27ea62ec2963a846ade8

HTTP Headers

GET /video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_5.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 1203119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Thu, 08 Sep 2022 04:51:53 GMT
etag: "52c1a25b13f6a4eabd29dc9379d5ec41"
expires: Sun, 03 Sep 2023 04:51:53 GMT
last-modified: Tue, 23 Aug 2022 09:37:11 GMT
server: ECAcc (ska/F773)
x-cache: HIT
x-goog-generation: 1661247431806913
x-goog-hash: crc32c=/07OBg==, md5=UsGiWxP2pOq9KdyTedXsQQ==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 97487
x-guploader-uploadid: ADPycduVqXq1wF7arVhR41mfeus3wKgrJjZfIvGUffJEDOUuuJxLDGw4lQYX_sRrjjcpif_VCORzzEUJlXGtO1L4YQE-Zq94nVTh
content-length: 97487
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

34.107.158.93

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
34.107.158.93:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 492
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 08 Sep 2022 04:51:53 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_6.webm

192.229.220.49

200 OK

69 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_6.webm
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
data
Size
69 kB (68898 bytes)
Hash
bfc8a10e4cc34160c723932b58b01f99
ec9e7aeeee7ec226b82dda869a8a0b4999be45cd
3d6ddbb6ac56ac1f1686952e14fd8a6e7ea79bb4a9a34b4055f0f1a3fca1e921

HTTP Headers

GET /video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_6.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 1203116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Thu, 08 Sep 2022 04:51:53 GMT
etag: "bfc8a10e4cc34160c723932b58b01f99"
expires: Sun, 03 Sep 2023 04:51:53 GMT
last-modified: Tue, 23 Aug 2022 09:37:19 GMT
server: ECAcc (ska/F72D)
x-cache: HIT
x-goog-generation: 1661247439811965
x-goog-hash: crc32c=Ay7HlA==, md5=v8ihDkzDQWDHI5MrWLAfmQ==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 68898
x-guploader-uploadid: ADPycdsyePvtFkPNcc-7N6uTDxPg533LccGSLwr3DHKBYklNxE9urwylBaGTVCv6ZHodVuUHL1GVfMYJzPIHo_EdO_blLg
content-length: 68898
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_7.webm

192.229.220.49

200 OK

93 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_7.webm
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
data
Size
93 kB (93422 bytes)
Hash
ad785d45c24479848347b6bc23aa0795
75d1dec22dc7141c53f2057e1f185fb177368626
6df63d36932c3c1a30b07439e9be9f893f36f76d2b009ee421b03e29fc06d291

HTTP Headers

GET /video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_7.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 1203114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Thu, 08 Sep 2022 04:51:53 GMT
etag: "ad785d45c24479848347b6bc23aa0795"
expires: Sun, 03 Sep 2023 04:51:53 GMT
last-modified: Tue, 23 Aug 2022 09:37:11 GMT
server: ECAcc (ska/F7A8)
x-cache: HIT
x-goog-generation: 1661247431275929
x-goog-hash: crc32c=Y9d7Xg==, md5=rXhdRcJEeYSDR7a8I6oHlQ==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 93422
x-guploader-uploadid: ADPycdtkuFDOsRjTZCu0cPR-59quuj8TnysYZRvwp8Fj44cRWrmNgY5E3LXxZXzMo-pqmTRW-9KPmWbD2-TD84KM_skAJw
content-length: 93422
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_8.webm

192.229.220.49

200 OK

92 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_8.webm
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
data
Size
92 kB (92426 bytes)
Hash
86342da0a85db867ecb412ff7a519184
1e703a1237498b024f4c2507dc47bcd2819c3c48
7a4eebef3e34116a93f6d603a35d5e33cb9f223d3a0b1675cddec7debcdf17dd

HTTP Headers

GET /video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_8.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 1203111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Thu, 08 Sep 2022 04:51:53 GMT
etag: "86342da0a85db867ecb412ff7a519184"
expires: Sun, 03 Sep 2023 04:51:53 GMT
last-modified: Tue, 23 Aug 2022 09:37:17 GMT
server: ECAcc (ska/F6C1)
x-cache: HIT
x-goog-generation: 1661247437711994
x-goog-hash: crc32c=OI9paw==, md5=hjQtoKhduGfstBL/elGRhA==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 92426
x-guploader-uploadid: ADPycdtxtGy2mf8n7ffDK0XjWwpaxRrajV3ULWB7523KLy9PdH3KAvviJ_f_5o8_RgWuTPgY-DB164pBYDOZhiZflrXGLM6oUvi0
content-length: 92426
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_9.webm

192.229.220.49

200 OK

70 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_9.webm
IP
192.229.220.49:0
ASN
#15133 EDGECAST

File type
data
Size
70 kB (69709 bytes)
Hash
74936ad72c687b9614f157b36be228d9
097c7c5467677aa30605df677a01d4bc1e02a5f8
77768eba26e91bf3c7b071a70e644ccb84889d62f70e8f3de3a08fc2d4a72b96

HTTP Headers

GET /video/QrADs9TA/Q7u3oT07Nau7FQCk/73357/63441/webm/video/320x480_vp9_225000/s_9.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flatbellyshake.com
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
age: 1203109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31104000
content-type: video/mp4
date: Thu, 08 Sep 2022 04:51:53 GMT
etag: "74936ad72c687b9614f157b36be228d9"
expires: Sun, 03 Sep 2023 04:51:53 GMT
last-modified: Tue, 23 Aug 2022 09:37:12 GMT
server: ECAcc (ska/F79F)
x-cache: HIT
x-goog-generation: 1661247432339861
x-goog-hash: crc32c=ODuqOA==, md5=dJNq1yxoe5YU8Veza+Io2Q==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 69709
x-guploader-uploadid: ADPycdugGtbc8YmVIz6pc5FV4qHMwlYc6YoeqjJFo7PuA4NBQdREosrUUsYTOGGLl4btNpn5WQp-fFuQopyJ5gEezIJbMQ
content-length: 69709
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b1ceaeb-6cf1-42e7-b7e3-28eb631f4b98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12131 bytes)
Hash
77aa1349e0d44b4756bbede0cbd05413
339fc154a29a7459101dd6125bebf38219bfd11a
74e6439067201bba5e0edc7fd477c62c0566c5fac30b035150d06fea2d30cce0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b1ceaeb-6cf1-42e7-b7e3-28eb631f4b98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 12131
x-amzn-requestid: c190466e-eab9-4705-be7e-9724d240a1a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9VNF8BoAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f54-0f718d821b0107bb1b1474a9;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:28 GMT
x-amz-cf-pop: SFO20-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: f88GXTqODlTXl1sX4BakGIcPj0sGV6IUQ3R8zpBQwg-QEGe3YstK0Q==
via: 1.1 36cc13280ef76bb2fee6ae5eed6fec2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:47:44 GMT
age: 25454
etag: "339fc154a29a7459101dd6125bebf38219bfd11a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/js/jquery.js

172.66.43.176

200 OK

0 B

URL HTTP/2
flatbellyshake.com/discovery/js/jquery.js
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /discovery/js/jquery.js HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: application/javascript
last-modified: Thu, 03 Jun 2021 13:47:30 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"60b8dd72-17bdf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 141964
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jOMqOi02yLd7pUm1cJMp1Buy9ENuqhP0T11LfSZkwOCSaO2%2ByQ28oDh9l0oa4ksEp7EusjxDn%2BNjbK55UIR4BMsuCSyrCtqtBYfMiaZU35Ac4CC2cbzRovy1MjFeWgAamBe8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512483a1c0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/images/buy-now.svg

172.66.43.176

200 OK

0 B

URL HTTP/2
flatbellyshake.com/discovery/images/buy-now.svg
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /discovery/images/buy-now.svg HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:52 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Apr 2022 10:09:09 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"62627ec5-11a3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8naeIgJ%2FVm5JGlcrx9ZgnajRpsZCELr36C8LheQg7Qoyzknpq%2Bo9ZhiK7NMhYsPkGlLNvggCUJ9tlHrM01EuxRz3PrLXORffBx3GYECnvtCCPQtMPvWqdji9gBzw01iqZmJRZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7475124819f20b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 04:51:51 GMT
date: Thu, 08 Sep 2022 04:51:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Open+Sans:wght@300;400;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 04:51:51 GMT
date: Thu, 08 Sep 2022 04:51:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

analytics.tiktok.com/i18n/pixel/config.js?sdkid=CBUEFNBC77U1OJP1HD90&hostname=go.maxweb.com

104.84.152.241

200 OK

0 B

URL HTTP/2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=CBUEFNBC77U1OJP1HD90&hostname=go.maxweb.com
IP
104.84.152.241:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /i18n/pixel/config.js?sdkid=CBUEFNBC77U1OJP1HD90&hostname=go.maxweb.com HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20220908045152BD5F5DDC7CA92445A90C
x-tt-trace-host: 014c3d3a48b720cad047ee4725ef00c61e38a0d78b3a2a780a7134bf39a63bb315ed11993fe985a51be81e731b64aa3a4e2b6ae267dd8283af334330b2114332759d7c84cd25ab2543e601566fcf56e2233aef115b338652730d983169e89b450d
content-encoding: gzip
x-origin-response-time: 9,23.220.107.13
x-akamai-request-id: 81c56bc3.5255a99f
expires: Thu, 08 Sep 2022 04:51:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Sep 2022 04:51:52 GMT
x-cache: TCP_MISS from a104-84-152-237.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
vary: Accept-Encoding
set-cookie: _ttp=2ETHZwMwEwuHg2x4kzCduw7laGE; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-220-107-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=9, inner; dur=5
x-parent-response-time: 109,104.84.152.237
X-Firefox-Spdy: h2

prod.cbstatic.net/dist/injectable.js

143.204.55.111

200 OK

0 B

URL HTTP/2
prod.cbstatic.net/dist/injectable.js
IP
143.204.55.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/injectable.js HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 08 Sep 2022 04:51:53 GMT
last-modified: Mon, 21 Dec 2020 21:57:37 GMT
x-amz-version-id: RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
etag: W/"af651c30e1a69f6f2124e9c1d094a300"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: okwQSQvMmU7MloBFuZ_hde7iK29yf_bWW2_cox-VLi1tLf9_Wsjchg==
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/css/extra.css

172.66.43.176

200 OK

0 B

URL HTTP/2
flatbellyshake.com/discovery/css/extra.css
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /discovery/css/extra.css HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: text/css
last-modified: Thu, 03 Jun 2021 13:46:28 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"60b8dd34-505"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 141964
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJf%2FlI2S5jbZtICdLBWTfoThgHvAd8x0aVQKQABgAURatYB9YaAsfTe8dofPhCX3pC7VchS3LTJxdvx7%2Fp6ee%2BizZGrQ5DUMrb90NSislPc3TF7dEmqA3rt%2BKtAcaW655hJP4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7475124819ee0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Oswald:wght@200;300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 04:51:51 GMT
date: Thu, 08 Sep 2022 04:51:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

go.maxweb.com/conversion/iframe/?a=7082&token=2303427b38436c758abe1099507ebe22

172.66.43.113

200 OK

0 B

URL HTTP/2
go.maxweb.com/conversion/iframe/?a=7082&token=2303427b38436c758abe1099507ebe22
IP
172.66.43.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /conversion/iframe/?a=7082&token=2303427b38436c758abe1099507ebe22 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 08 Sep 2022 05:51:51 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 747512480f26b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/js/bounceback.min.js

172.66.43.176

200 OK

0 B

URL HTTP/2
flatbellyshake.com/discovery/js/bounceback.min.js
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /discovery/js/bounceback.min.js HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:52 GMT
content-type: application/javascript
last-modified: Thu, 03 Jun 2021 13:47:29 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"60b8dd71-b20"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYKWlYeF2fIRzFR0Hp0dmIHqRg7bT%2BMplgI6f%2FiyytlIU0kOU8B0dax3ouOt4a7Jk8mIrPoFUND9Usl0gsIrRIDR296zg2cJ6tnegNZboc9YnjdJ%2FqezA06MLPMqaeoyR8UIzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512483a1e0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

split.to/lanta

172.67.186.247

302 Found

0 B

URL HTTP/2
split.to/lanta
IP
172.67.186.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lanta HTTP/1.1
Host: split.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Thu, 08 Sep 2022 04:51:50 GMT
content-type: text/html; charset=utf-8
location: https://hop.clickbank.net/?affiliate=mamaia&vendor=fbshake&tid=lantbm1
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-robots-tag: none
vary: Accept, Accept-Encoding
via: 1.1 vegur
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xuAvKObMl6bH1VNMCKn%2FRjTUl4Zrnk6w8tL47GzL4%2BmCJtomsFQcuV4qI6EfKRizXvCiI0Xaas7YwCyXd6GIWF7KC4q9i0pBphEgvRqiInxpbyjMH3bPTNo%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7475123c9ac40b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/css/vsl-home.css?v2.15

172.66.43.176

200 OK

0 B

URL HTTP/2
flatbellyshake.com/discovery/css/vsl-home.css?v2.15
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /discovery/css/vsl-home.css?v2.15 HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: text/css
last-modified: Wed, 25 Aug 2021 06:36:44 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6125e4fc-25c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 141964
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItCR21S8R7%2B51DJlgSQmn4UQthlW8N7s%2FTZiqs6%2Bna9nJ2YzK%2Ffe6ohsVJm0nKN8Ed4q5JtAdlZKdmHhvQDfX4cuWw%2BjAoJLmT1p4WziYzT%2Fl%2FIfCdnbpshcs42AuJuqcTtuvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7475124809ec0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

flatbellyshake.com/discovery/css/bootstrap.css

172.66.43.176

200 OK

0 B

URL HTTP/2
flatbellyshake.com/discovery/css/bootstrap.css
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /discovery/css/bootstrap.css HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: text/css
last-modified: Thu, 03 Jun 2021 13:46:30 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"60b8dd36-254bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 141964
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReeL6IPET2WmAX8dd0yhRhyz8FQnNwa8QnudYk%2FFN4ozII6wJo2QZqwL%2FO89adReSrRxaoF%2BRA%2BPx9VN3us%2B3Uj6Ww0xm6aysXi5OYbXF80rcDiE%2FIV34KqE%2FqRx4h4yidRuWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7475124809ea0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@100;200;300;400;500;600;700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@100;200;300;400;500;600;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=IBM+Plex+Sans:wght@100;200;300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 04:51:51 GMT
date: Thu, 08 Sep 2022 04:51:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

flatbellyshake.com/api/visits?page_id=14&page_version=b&request_id=AC471A22%3A2F64_D197C0D8%3A01BB_631974E7_30CA7%3AA16EC&querystring=hop%3Dmamaia&fbclid=&fbp=&fbc=&referrer=

172.66.43.176

200 OK

0 B

URL HTTP/2
flatbellyshake.com/api/visits?page_id=14&page_version=b&request_id=AC471A22%3A2F64_D197C0D8%3A01BB_631974E7_30CA7%3AA16EC&querystring=hop%3Dmamaia&fbclid=&fbp=&fbc=&referrer=
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/visits?page_id=14&page_version=b&request_id=AC471A22%3A2F64_D197C0D8%3A01BB_631974E7_30CA7%3AA16EC&querystring=hop%3Dmamaia&fbclid=&fbp=&fbc=&referrer= HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flatbellyshake.com/discovery?hop=mamaia
Cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; cbst-87-pv=b|2022-09-06T15:43:53.253Z; cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; uid=wKhaA2MZdOe6KgBFA21KAg==; cnid=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' cbsplit.com;
set-cookie: affiliate=mamaia; path=/; expires=Fri, 08 Sep 2023 04:51:51 GMT; secure
affiliate.sig=h2TXYsaXHDQmIjbOHt0ICmxjDI8; path=/; expires=Fri, 08 Sep 2023 04:51:51 GMT; secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2%2B037qTGcFjiLn9hdTuNXFDcIr5GVCx8NlVh%2FKmOD0G%2BexgYhPO23vdSrsbvbusQlo8nDSmOhZz6DbFd5IEZzXHPd5FXH3wnqBQ0KAj3DZ4L9jp9aBeBIyAeWezhWkp34mY9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512487a680b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

flatbellyshake.com/discovery?hop=mamaia

172.66.43.176

200 OK

0 B

URL HTTP/2
flatbellyshake.com/discovery?hop=mamaia
IP
172.66.43.176:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /discovery?hop=mamaia HTTP/1.1
Host: flatbellyshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 08 Sep 2022 04:51:51 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' cbsplit.com;
cache-control: private
set-cookie: user_id=a3859b5e45cd56b7d5d0ecdb09ad65cd; path=/; expires=Wed, 08 Sep 2032 04:51:51 GMT; secure
user_id.sig=YJgfdBp5NK-lOsPCSa5OcDpZpEc; path=/; expires=Wed, 08 Sep 2032 04:51:51 GMT; secure
cbst-87-pv=b|2022-09-06T15:43:53.253Z; path=/; expires=Fri, 08 Sep 2023 04:51:51 GMT; secure; httponly
cbst-87-pv.sig=5YNhKkTJhr--cNLNmr8F6wnOzBI; path=/; expires=Fri, 08 Sep 2023 04:51:51 GMT; secure; httponly
persistedParams=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
persistedParams.sig=qQIP2OdsTFa87s1ohgL1NB6ingI; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
uid=wKhaA2MZdOe6KgBFA21KAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=2; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1EmAEgC3xbGF5IUpRzsFi8%2FpylI%2FA6F0gqF7gWYnMoG5v6ofciOY%2Bbxam5nziwYnQMaezpbkxuoUR2OvkFUGRKsx1wHpJ3iQOO4TvE4FCaRel5O%2FGApLqz6bpksgnrmPuPzDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 747512444f530b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations