| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: 5d9435c884bf4a0777fdf4b57079ae09 7f04b9db47ffeec90ac6397416b7553e5336a550 fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7307
Expires: Sat, 25 Mar 2023 10:25:07 GMT
Date: Sat, 25 Mar 2023 08:23:20 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: dfd491ebe7381221b3674c2c8bf9e566 d2ac5badf17f348c28a52e9db10e6eb80e5a231a 34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9466
Expires: Sat, 25 Mar 2023 11:01:06 GMT
Date: Sat, 25 Mar 2023 08:23:20 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/ IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash: 84db75194692d4afe13196bda6f22da8 4c1f49bc973a4917f146d93c8d598344edc021f6 a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 08:15:22 GMT
content-type: application/json
age: 478
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/ | 69.172.200.220 | 301 Moved Permanently | 0 B |
IP: 69.172.200.220:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET / HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 25 Mar 2023 08:23:20 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=20
location: https://getglucotrust.me/
X-DIS-Request-ID: 73079b6f06c7ee41e8bcca509a449b33
Server: DOSarrest
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: dc2752d83fbed82852248898a132467a b27a6b4af2e07663a58cafb641513f7224c7a7c3 ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16400
Expires: Sat, 25 Mar 2023 12:56:40 GMT
Date: Sat, 25 Mar 2023 08:23:20 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP: 34.160.144.191:0
File type: PEM certificate\012- , ASCII text
Hash: e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8NVwsuYABBgn4Z40HaQhJ2YhTeHYKGTxK2fKpRQECee5YR8N6+njUIFvhMi42wK4FUkGz0UwrMkLOMhotoPmaA==
x-amz-request-id: J1QX5G9JNT7W0RP7
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 07:54:50 GMT
age: 1710
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles IP: 34.117.237.239:0
File type: JSON data\012- , ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 08:23:20 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: 7a1d2e3c7a1e78c94100acc50d1f4342 dd105683e3ad58800b928a6d0cef640ab6aac99c 9418a61e09b439cbd46aa7450a44b59faffd7c524f1820ef2ad94993c4f7a948
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9418A61E09B439CBD46AA7450A44B59FAFFD7C524F1820EF2AD94993C4F7A948"
Last-Modified: Sat, 25 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14016
Expires: Sat, 25 Mar 2023 12:16:56 GMT
Date: Sat, 25 Mar 2023 08:23:20 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 08:14:33 GMT
age: 527
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: 717ebcc65cb1390c2509851bac7b5878 1e04e3058329f3809bc01022d441172dcacc1aaa 3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3262
Expires: Sat, 25 Mar 2023 09:17:42 GMT
Date: Sat, 25 Mar 2023 08:23:20 GMT
Connection: keep-alive
|
|
| getglucotrust.me/images/Glucotrust-1-add.png | 69.172.200.220 | 200 OK | 17 kB |
URL: HTTP/2 getglucotrust.me/images/Glucotrust-1-add.png IP: 69.172.200.220:0
File type: PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash: 99f46a93d9ed3197d285f0339be43dc8 2f12389985da1267e9fc720f1fb4235721383caa 80b03770b3b87294934aa0a7e18ee3a9d2bdc36a29e5c0e6c38da3bbffac6f73
GET /images/Glucotrust-1-add.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 17417
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-4409"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 4ab923b4e33650372cb568c9669e5c3d
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/biotin-capsule.jpg | 69.172.200.220 | 200 OK | 7.9 kB |
URL: HTTP/2 getglucotrust.me/images/biotin-capsule.jpg IP: 69.172.200.220:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3\012- data
Hash: f2f8be8cf9e9c89e7c27133ca108dbca 3b8fb0c60a4f51bc7cd6add7041fe25c0cab1838 73febedde6669fbc1193017d5412824a06acad0eae3696e261cee27560b4a0a2
GET /images/biotin-capsule.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 7894
last-modified: Wed, 15 Feb 2023 03:53:00 GMT
etag: "63ec571c-1ed6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: a9ef806bd86cfb91d18a674229b34167
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/licorice-rrot.jpg | 69.172.200.220 | 200 OK | 6.1 kB |
URL: HTTP/2 getglucotrust.me/images/licorice-rrot.jpg IP: 69.172.200.220:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3\012- data
Hash: 133bae3208e731dc7a0e8cf600e07f54 75093be31777cded33b345d355b335c909d97d65 80067efcb835eebbfb1bc850e6f829cabe7a8abcf46c35a72b500c39949513e3
GET /images/licorice-rrot.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 6125
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-17ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 6e6493d1bf497b26c1d7a18c35efdc52
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/juniper-berries.jpg | 69.172.200.220 | 200 OK | 8.5 kB |
URL: HTTP/2 getglucotrust.me/images/juniper-berries.jpg IP: 69.172.200.220:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3\012- data
Hash: 804f2ff224162f5697368909e1725dfa 916a3df444886e8780d624e3e709147072f83f9f ff44da9fc41d6885c27b3e9193a47be0f4c35f24072aa34f60f91982465b6e59
GET /images/juniper-berries.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 8502
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-2136"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 4e15511fbc653dca75222bcac8c7bf3a
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/ | 69.172.200.220 | 200 OK | 36 kB |
IP: 69.172.200.220:0
Hash: c30982c4737fbbcff7ffd746cd33fa5b 45e7299a9e9dbc1f4ae5114db0ed97cec22c2f21 d560f6d1f07bd0429d427a39200daa7e7f13b82444b9bd8260c361233ad1e1de
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET / HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; path=/; expires=Fri, 25 Mar 2033 08:23:20 GMT; secure
user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; path=/; expires=Fri, 25 Mar 2033 08:23:20 GMT; secure
persistedParams=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
persistedParams.sig=qQIP2OdsTFa87s1ohgL1NB6ingI; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
uid=wKhaAmQer3g1KABDB3D2Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=1; path=/
content-security-policy: frame-ancestors 'self' cbsplit.com getglucotrust.me getglucotrust-me.cbsplit.com getglucotrust.net ;
content-encoding: gzip
cache-control: private
x-dis-request-id: a6bae44d36cbce21cde5dc4eef820fa6
server: DOSarrest
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js | 151.101.129.229 | 200 OK | 32 kB |
URL: HTTP/2 cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js IP: 151.101.129.229:0
File type: ASCII text, with very long lines (32058)
Hash: 944d9771807290f738243183d6fcb598 452843976d3d88c515c832ac27580ce1944129fd 4093e5a7e9905f38584faf1cad17b8a0b0ebd88a5f5cd4e38e39f8d4583bcfa2
GET /npm/jquery@3.2.1/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.2.1
x-jsd-version-type: version
etag: W/"15283-EFUBjCirQQh++czv5BFgaJPavqI"
content-encoding: br
accept-ranges: bytes
date: Sat, 25 Mar 2023 08:23:21 GMT
age: 847414
x-served-by: cache-fra-eddf8230122-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31984
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css | 151.101.129.229 | 200 OK | 7.1 kB |
URL: HTTP/2 cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css IP: 151.101.129.229:0
File type: ASCII text, with very long lines (30837)
Hash: df4ce4b3229b67564170e16b78ebd9b6 7a6af7ba302e05cb0ee9d7de2ecf1c66e369999e 6c45a96bfcea221747bc984b29038d143980da6d4b01f8ca805f0720a2f1041c
GET /npm/font-awesome@4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.7.0
x-jsd-version-type: version
etag: W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
content-encoding: br
accept-ranges: bytes
date: Sat, 25 Mar 2023 08:23:21 GMT
age: 847416
x-served-by: cache-fra-eddf8230079-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7114
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: 3a85d9c2de0b1015b62c81a1ab7fe625 389c7fe2d0d53ff607a3fd8e27283c8f1cb3a238 717fa1c4098bd6e282c24452a39aafc0b436941b2f398ef0086960effcc3f2ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 08:23:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/bootstrap.min.js | 151.101.129.229 | 200 OK | 16 kB |
URL: HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/bootstrap.min.js IP: 151.101.129.229:0
File type: ASCII text, with very long lines (55494)
Hash: 685f5db11a6ca7c184f9087569dfb0f8 ee459d410406a02afceb4defe1bb4cc30be477c2 a43c965e5ee53378fd221c3531c953244c392a3ecc174f2107f121ee3414228d
GET /npm/bootstrap@4.2.1/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.2.1
x-jsd-version-type: version
etag: W/"d9df-3pCMntGE1061Jfp6MESbZ/w6HBQ"
content-encoding: br
accept-ranges: bytes
date: Sat, 25 Mar 2023 08:23:21 GMT
age: 847397
x-served-by: cache-fra-eddf8230070-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15488
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/cart/Glucotrust_cart_6.png | 69.172.200.220 | 200 OK | 60 kB |
URL: HTTP/2 getglucotrust.me/images/cart/Glucotrust_cart_6.png IP: 69.172.200.220:0
File type: PNG image data, 400 x 892, 8-bit colormap, non-interlaced\012- data
Hash: 2b3e60b414eaa69e1b49c1250207ad06 88ed82000079cf89dbb90c89d89e7f5633fb21b7 043cb0a4512932513220da1686c68868330ee0e4fe4253bf238b4de0e20e8c73
GET /images/cart/Glucotrust_cart_6.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 60120
last-modified: Wed, 15 Feb 2023 04:04:56 GMT
etag: "63ec59e8-ead8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: ff5b40ea51f05135c25a2f8d8d0d9070
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 | 104.18.20.226 | 200 OK | 1.5 kB |
URL: HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 IP: 104.18.20.226:0
Hash: 2aae0f0d8784a6cc113f3af6dd7ba67a 514eb4a219c8c03623ffe493fc74bfd5df117964 3164b9a49111cafd451f0d090205f8d4f444a8702e5627992e1eb5b288f835cb
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 08:23:21 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "44B79473149B120EB87D38C388A325663C123A47"
Expires: Sat, 25 Mar 2023 19:00:00 GMT
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3376
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad5c0558c7fb521-OSL
|
|
| getglucotrust.me/images/cart/Glucotrust_cart_1.png | 69.172.200.220 | 200 OK | 24 kB |
URL: HTTP/2 getglucotrust.me/images/cart/Glucotrust_cart_1.png IP: 69.172.200.220:0
File type: PNG image data, 400 x 892, 8-bit colormap, non-interlaced\012- data
Hash: 1d8026799857b353401ed4a1ad9f6c1c b13d92d90a20f165a70ce431b266ce646c3e5455 aabe090035afb5c9c3e0233ea6ac184e87a3caec75afb0aaa8462565d6ef67a9
GET /images/cart/Glucotrust_cart_1.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 24288
last-modified: Wed, 15 Feb 2023 04:04:55 GMT
etag: "63ec59e7-5ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 194019b3706c015f901591884f6fb7bb
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.10.247.29 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/ IP: 52.10.247.29:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qk2LmJJ6GT+4aXTcY6rQ1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PDO8cKzQ+hB5Hmbl0fKPUScMbSs=
|
|
| getglucotrust.me/images/cart/Glucotrust_cart_3.png | 69.172.200.220 | 200 OK | 39 kB |
URL: HTTP/2 getglucotrust.me/images/cart/Glucotrust_cart_3.png IP: 69.172.200.220:0
File type: PNG image data, 400 x 892, 8-bit colormap, non-interlaced\012- data
Hash: 452893ccdc0107b2c934cae71c13be11 e0860a697f56a63b28377d079e0064aa25551bfe bb48aed0726aff9ec43f23fa913ce2b92d8cf896f9ab509d8bcc15a9d4188735
GET /images/cart/Glucotrust_cart_3.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 38791
last-modified: Wed, 15 Feb 2023 04:04:55 GMT
etag: "63ec59e7-9787"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 7f2d8e73cc912c7a355d10cff3f7539c
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/glucotrust.png | 69.172.200.220 | 200 OK | 11 kB |
URL: HTTP/2 getglucotrust.me/images/glucotrust.png IP: 69.172.200.220:0
File type: PNG image data, 400 x 153, 8-bit colormap, non-interlaced\012- data
Hash: 21c3f03043ecb25fbb1db523471a77a4 6150061947ec9ebfa038160b47fa4c8b69f321bb d4839acd0f57e689badfbf82fb2497a1327062a22acb462db5a00c0183f5c77a
GET /images/glucotrust.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 10703
last-modified: Mon, 20 Feb 2023 07:10:04 GMT
etag: "63f31ccc-29cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: e1bb63a90593a33f2834e2a577234664
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/3-Day-Liver-Cleanse.png | 69.172.200.220 | 200 OK | 60 kB |
URL: HTTP/2 getglucotrust.me/images/3-Day-Liver-Cleanse.png IP: 69.172.200.220:0
File type: PNG image data, 500 x 583, 8-bit colormap, non-interlaced\012- data
Hash: 5f694ad6ad0dda6a952bb8c7afe3eb22 1e40e59eec229522c7d9ebccfef9e2d097f43edf c7993162dcffb324a7b992a4b84ee4b376849cae71cad74752421b57eace97cd
GET /images/3-Day-Liver-Cleanse.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 60409
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-ebf9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 67ae817258cb26596559713815b6b297
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: 3a85d9c2de0b1015b62c81a1ab7fe625 389c7fe2d0d53ff607a3fd8e27283c8f1cb3a238 717fa1c4098bd6e282c24452a39aafc0b436941b2f398ef0086960effcc3f2ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 08:23:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| getglucotrust.me/images/GymnemaSylvestre-2.jpg | 69.172.200.220 | 200 OK | 7.3 kB |
URL: HTTP/2 getglucotrust.me/images/GymnemaSylvestre-2.jpg
IP: 69.172.200.220:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3
Hash: 3cc5c4a5b62649b0400f887c7e63b746 addd044bb8cdb36c80a5242e60381567a5b5b691 e8593d8f9fc69e33b7c18b8c54454c491c855dae0d4d693cf3006e93fccf87b6
GET /images/GymnemaSylvestre-2.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 7340
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-1cac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 508468a62b60fec85c28f6c3de2a1bbe
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/chromium.jpg | 69.172.200.220 | 200 OK | 8.1 kB |
URL: HTTP/2 getglucotrust.me/images/chromium.jpg
IP: 69.172.200.220:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3
Hash: cef0d9611520ae6c463b3a00a491dd16 929a0ae185f07713d916c1bf89bacfd31a110b60 daf025c8a74bb70fd4f110789972293bfd73be0c3e8f4f653ad1da2ec0658520
GET /images/chromium.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 8127
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-1fbf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: d9ff678aef5f9f817f3cc10218ef295a
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/nutri-1.jpg | 69.172.200.220 | 200 OK | 8.6 kB |
URL: HTTP/2 getglucotrust.me/images/nutri-1.jpg
IP: 69.172.200.220:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x200, components 3
Hash: 0f62503c44b092a8068d7bf0c7106472 a1ca18f1586aa00c65e8c0fc37eef31f6d2f78b7 67ab70869c3c1b22747ba624b1aa5a27924202e012d4d6abfd259967bd877672
GET /images/nutri-1.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 8608
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-21a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: a7bcfde4a2c09806724b4ce9d747f7e7
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/zinc-insuline.jpg | 69.172.200.220 | 200 OK | 9.0 kB |
URL: HTTP/2 getglucotrust.me/images/zinc-insuline.jpg
IP: 69.172.200.220:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3
Hash: 3c79ef5f951d83402fae49c6a617b09a 8f497cfef41bc812f33ef1601f2ee8e1611904d7 0214913c87b5b2e51d564676e70877f3b3ac9a58bed1615554e8ca042541134e
GET /images/zinc-insuline.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 9043
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-2353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 9db4e2842002cd2efe66fcad88b78329
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/365-detox.png | 69.172.200.220 | 200 OK | 8.4 kB |
URL: HTTP/2 getglucotrust.me/images/365-detox.png
IP: 69.172.200.220:0
File type: PNG image data, 400 x 153, 8-bit colormap, non-interlaced
Hash: 468b78ad73cf3c645a4e4254aadff6a1 c86889744b5ef2f45a4639ff275f10d61a57884e 93012d49a4331d5c4431b98f59a2ac536015833a190cd89dee6227dbf24107b7
GET /images/365-detox.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 8446
last-modified: Mon, 20 Feb 2023 07:10:03 GMT
etag: "63f31ccb-20fe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 903a676108180a956e8e19618dc01c3a
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/cinnamon.jpg | 69.172.200.220 | 200 OK | 17 kB |
URL: HTTP/2 getglucotrust.me/images/cinnamon.jpg
IP: 69.172.200.220:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3
Hash: 1e59dda3ed25650d025bdca475be4e5b dfeb1fea67d1317a49236ab2ff0ff31d180c4240 a5757a2fa7ee9ec686b55322d4be527184fdbbdce8aeabc4dda8ea2d188f13e8
GET /images/cinnamon.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 16921
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-4219"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 45167f1d92efda646ea4009992ebcc20
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/night-reset.png | 69.172.200.220 | 200 OK | 12 kB |
URL: HTTP/2 getglucotrust.me/images/night-reset.png
IP: 69.172.200.220:0
File type: PNG image data, 400 x 153, 8-bit colormap, non-interlaced
Hash: 0dc4e91e8392196958c5cc9a7297cdc0 ccb585a9ac0187947aeed40e340a14e38edae5bf 52d15646ea32ec78955439f186514d2a385418ff431f7e68cfc5e782b116143f
GET /images/night-reset.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 11884
last-modified: Mon, 20 Feb 2023 07:10:04 GMT
etag: "63f31ccc-2e6c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 6b054ecf3d9a1762806f2ae25ff87098
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/api/visits?page_id=3&page_version=&request_id=4621FD81%3A93DC_D197C0D8%3A01BB_641EAF78_46ABB%3A82384&querystring=&fbclid=&fbp=&fbc=&referrer= | 69.172.200.220 | 200 OK | 765 B |
URL: HTTP/2 getglucotrust.me/api/visits?page_id=3&page_version=&request_id=4621FD81%3A93DC_D197C0D8%3A01BB_641EAF78_46ABB%3A82384&querystring=&fbclid=&fbp=&fbc=&referrer=
IP: 69.172.200.220:0
Hash: 88f5ec19bbc746cdfb3d6eeda2146bc7 e1d1f62e01c16fd5f2bafc4c3c1676a2bce37c61 a520d3d58e4f815d5e9f0791f2956bc71e16b82070a88808103a37631d1411ef
GET /api/visits?page_id=3&page_version=&request_id=4621FD81%3A93DC_D197C0D8%3A01BB_641EAF78_46ABB%3A82384&querystring=&fbclid=&fbp=&fbc=&referrer= HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' cbsplit.com getglucotrust.me getglucotrust-me.cbsplit.com getglucotrust.net ;
content-encoding: gzip
x-dis-request-id: da3d12966f7fa417b126957262c84c35
server: DOSarrest
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.8 kB |
URL: HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP: 216.58.207.227:0
File type: Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Hash: 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getglucotrust.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:51 GMT
expires: Sat, 23 Mar 2024 10:26:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
age: 78990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.8 kB |
URL: HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
IP: 216.58.207.227:0
File type: Web Open Font Format (Version 2), TrueType, length 7824, version 1.0
Hash: af4d371a10271dafeb343f1eace762bc 6d11d743bc3cfb169d70bc86450f18351dc1a905 60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getglucotrust.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:28:14 GMT
expires: Sat, 23 Mar 2024 10:28:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:52:02 GMT
content-type: font/woff2
age: 78907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: ce6948c57f579a85042a4388c45514d6 4b3002c036034ef0cb8d9eb73b7bf7f561862b99 85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 08:23:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 | 216.58.207.227 | 200 OK | 7.9 kB |
URL: HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP: 216.58.207.227:0
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getglucotrust.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:49 GMT
expires: Sat, 23 Mar 2024 10:26:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 78992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 | 216.58.207.227 | 200 OK | 8.7 kB |
URL: HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
IP: 216.58.207.227:0
File type: Web Open Font Format (Version 2), TrueType, length 8668, version 1.0
Hash: a242ba0df3a128a2cab929a8c45d5056 d70e2c70b21cbb66cd883ae56e2dedacefd81c7c 50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
GET /s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getglucotrust.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:58 GMT
expires: Sat, 23 Mar 2024 10:26:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
content-type: font/woff2
age: 78983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/guide-to-superfoods.png | 69.172.200.220 | 200 OK | 71 kB |
URL: HTTP/2 getglucotrust.me/images/guide-to-superfoods.png
IP: 69.172.200.220:0
File type: PNG image data, 500 x 583, 8-bit colormap, non-interlaced
Hash: 90878c7707c8e29027f9b5cbd6bbac4c 97b283b28e339b9dc9f2fbbaac82ed57de21a487 2256b38a4727a41af7f2120ac4cee2bcf82c6cdf4b018915f77a0be311248179
GET /images/guide-to-superfoods.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 70966
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-11536"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 5345762c2090096ecda09326c9342e0f
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/fat-burning-smoothies.png | 69.172.200.220 | 200 OK | 63 kB |
URL: HTTP/2 getglucotrust.me/images/fat-burning-smoothies.png
IP: 69.172.200.220:0
File type: PNG image data, 500 x 583, 8-bit colormap, non-interlaced
Hash: b8ee3cc2e240a7d1e1b6958b8eec48f7 9ac1f73eaa93936241e88cc59d54a9497d3df9d5 995b203cc08da6c54ac3f5cb840efef2d7c2a635eba26001f248b3c90586c94e
GET /images/fat-burning-smoothies.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 63396
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-f7a4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 181720ea3323e8f8f7bc3fd6e3c2fd4e
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/images/hot_deal_icon.png | 69.172.200.220 | 200 OK | 772 B |
URL: HTTP/2 getglucotrust.me/images/hot_deal_icon.png
IP: 69.172.200.220:0
File type: PNG image data, 160 x 64, 8-bit colormap, non-interlaced
Hash: fc720820cef9bcfbb2b3f828430f4f79 9a595eed2b82495988421ebde3fac55eca9f3a99 cc92200eeb9fb840260d4c479e155917c585071ebe4285ba378ed58283238683
GET /images/hot_deal_icon.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:22 GMT
content-type: image/png
content-length: 772
last-modified: Mon, 20 Feb 2023 09:06:20 GMT
etag: "63f3380c-304"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 7734a862aba70a3d93db725c00d166de
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash: b62c9b9530dd66bb7f03ba2ce3d835da bf8560766de78dd925e395f59610ab2f1335e565 62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8623
Expires: Sat, 25 Mar 2023 10:47:05 GMT
Date: Sat, 25 Mar 2023 08:23:22 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg | 34.120.237.76 | 200 OK | 7.8 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: 5773974a7341690f006b052ad02c94db 1b11316c952e2195da1646dd94671669e7e3bc2b a06b72138745500cacc919fea29536ebd4188a1c483f6123e3402458e299f16a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: bad99b1e-3923-4de9-8bea-4dd04e96f7cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfFGcIAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-0826b92d4c4af16553503600;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9AGLmjvUSTKIsYIWECOR8QwdF4PP1tP1TweUm0VYvxQ0qskqj3YuLA==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:18 GMT
age: 38584
etag: "1b11316c952e2195da1646dd94671669e7e3bc2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg | 34.120.237.76 | 200 OK | 6.2 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: dd191e3a122d6e31f81e6e9d434c58d6 aec88022970c93289434f8097e4a663da33e5271 1f00c901ef479637ec703d7924526a970cb13dd2635b2bbb68b285df9d98e011
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6185
x-amzn-requestid: 223de50b-9a7e-4ac7-9305-336658eec4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiwYHoLoAMFXtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1802-226bd8524ade75234053ff50;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:06 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tMnTFkK-AtSlEsQskvoxwwCjddndz5GBLHiV5RHi3QumyL6MVC9ovg==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 38574
etag: "aec88022970c93289434f8097e4a663da33e5271"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg | 34.120.237.76 | 200 OK | 5.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc831201ad81f55c63c1b101ce854a810 0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5 c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ZQcPeutl5BzzzysPzWEzrEY8WU-0F-0twvGPT7RAX-UjNOCk3NtmMQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 06:24:35 GMT
age: 7127
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee780ea6-5b5e-419f-916d-42d0f5e1912a.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee780ea6-5b5e-419f-916d-42d0f5e1912a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc7950abafdbc9bbc363ac4cd490f864f d1356ae16dd758eb699eb62402122d4fb2f307c9 7e98a04cefe4e21aafdf261d0e819352c515695cb9250a64e316c0a5cafc143d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee780ea6-5b5e-419f-916d-42d0f5e1912a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9196
x-amzn-requestid: a63eade0-457b-48f3-bfdc-50d4f6a97363
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK89kGECIAMFdpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa856-5ce23570768e4a753ee47cf5;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:50 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: DSmN5fQWv6zAc9BeRPj97uQLqfM3M3yi8USBPY2kPuMy51OEIvXRbw==
via: 1.1 5502255f9557c1e2c098b94110b6151c.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 07:59:28 GMT
age: 1434
etag: "d1356ae16dd758eb699eb62402122d4fb2f307c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg | 34.120.237.76 | 200 OK | 5.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashaecd210f66f83c73c3450d047ae7448a d68861e96e12e8a3f293dbae8b687f05b6e15afb 22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: b1KWFmKdRQ4DU0v5JmC7AJatpv2B5FAHKVWL7pFiyh13fqYDA5qydA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 38574
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg | 34.120.237.76 | 200 OK | 6.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash02e0767e0c72d95e30337ad42f5d15b3 79aa21ca35c9d98ea7d0713d219e9b67083bdc05 7991a0c4d409cca49259cb626d0de39684635f14fad72e074b303235026673a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 38d33f4d-2b85-4666-b778-04f4b4dfdf10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihSFIdIAMFRjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a1-036a28e75189d05209396933;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: eYAgUDZFGkaskq0A77VgX54hvvjtQtClrFyED3COkankS76uD7hTAQ==
via: 1.1 53ee82a7eb57de316cba44c26680b4a6.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 38574
etag: "79aa21ca35c9d98ea7d0713d219e9b67083bdc05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Poppins:400,700,400italic,800 | 142.250.74.74 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Poppins:400,700,400italic,800 IP142.250.74.74:0
GET /css?family=Poppins:400,700,400italic,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Mar 2023 08:23:21 GMT
date: Sat, 25 Mar 2023 08:23:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tracking.buygoods.com/track/?a=7223&firstcookie=0&referrer=&product=trust1,trust3,trust6&sessid2= | 172.66.43.22 | 200 OK | 0 B |
URL HTTP/2tracking.buygoods.com/track/?a=7223&firstcookie=0&referrer=&product=trust1,trust3,trust6&sessid2= IP172.66.43.22:0
GET /track/?a=7223&firstcookie=0&referrer=&product=trust1,trust3,trust6&sessid2= HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ad5c0560dc0b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/favicon.ico | 69.172.200.220 | 200 OK | 0 B |
URL HTTP/2getglucotrust.me/favicon.ico IP69.172.200.220:0
GET /favicon.ico HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:22 GMT
content-type: image/x-icon
last-modified: Wed, 15 Feb 2023 03:38:51 GMT
etag: W/"63ec53cb-3aee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: 5a1ef36c85ec024dc00de7595914b2fc
server: DOSarrest
X-Firefox-Spdy: h2
|
|
| display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7223 | 172.66.43.115 | 200 OK | 0 B |
URL HTTP/2display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7223 IP172.66.43.115:0
GET /v1/disclaimer?id=disclaimer&account_id=7223 HTTP/1.1
Host: display.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
cache-control: private
cf-cache-status: DYNAMIC
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
__cflb=02DiuHqbnvaBNqZ2uGBKRYmBT9SdWdqrbz6whTB1M5BQ8; SameSite=Lax; path=/; expires=Sun, 26-Mar-23 07:23:21 GMT; HttpOnly
server: cloudflare
cf-ray: 7ad5c0553eb9b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| getglucotrust.me/js/bounceback.min.js | 69.172.200.220 | 200 OK | 0 B |
URL HTTP/2getglucotrust.me/js/bounceback.min.js IP69.172.200.220:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /js/bounceback.min.js HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: application/javascript
last-modified: Wed, 15 Feb 2023 11:28:27 GMT
etag: W/"63ecc1db-b20"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: cef1989582d4ff509a991cef31cfbe06
server: DOSarrest
X-Firefox-Spdy: h2
|
|