Report - getglucotrust.me/

Report Overview

Submitted URL
getglucotrust.me/
IP
69.172.200.220
ASN
#19324 DOSARREST
Submitted
2023-03-25 08:23:31
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	23.36.77.32
display.buygoods.com	389768	2020-11-11T11:21:40Z	2023-03-28T00:18:52Z	400 B	559 B	172.66.43.115
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	1.7 kB	3.5 kB	142.250.74.131
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	52.10.247.29
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	1.9 kB	36 kB	216.58.207.227
getglucotrust.me	unknown	2022-02-23T12:34:23Z	2023-03-29T10:23:21Z	13 kB	487 kB	69.172.200.220
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-29T06:27:16Z	1.2 kB	57 kB	151.101.129.229
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-29T05:11:35Z	368 B	1.9 kB	104.18.20.226
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	47 kB	34.120.237.76
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T10:13:53Z	411 B	630 B	142.250.74.74
tracking.buygoods.com	303552	2017-10-16T22:08:32Z	2023-03-28T07:56:17Z	433 B	445 B	172.66.43.22

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-25	medium	getglucotrust.me/	Phishing
2023-03-25	medium	getglucotrust.me/	Phishing
2023-03-25	medium	getglucotrust.me/js/bounceback.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	getglucotrust.me/	1.4 kB	2023-03-29	2023-05-28
Pretty URL getglucotrust.me/ IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:09:47 Last Seen2023-05-28 01:02:19 Times Seen4 Hash 1e9f26c060d5db3d6623c310a9e199ef 072dbaebfc4f162ac01a3845ebc60fb909b9f573 154f0d7bcd289fdccb2759d6323533fa40dbfa582956c5920c3d6bcbaa870765 Loading...

	getglucotrust.me/	64 B	2023-03-07	2024-02-05
Pretty URL getglucotrust.me/ IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:26:49 Last Seen2024-02-05 00:51:10 Times Seen112 Hash 87b0a08c827101d7afba7c49bb71e689 0b1aa0c15df7e1ee9f2ee942890d50c10a76308b c8b059bf27bec7d51a8695eaebc73563914dca74c9a2ded19b04634bb85470cc Loading...

	getglucotrust.me/	548 B	2023-03-07	2024-05-08
Pretty URL getglucotrust.me/ IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:47 Last Seen2024-05-08 23:38:46 Times Seen477 Hash 1ad5c115ba02812a95a81697a1428b9d 1ecfc84ec959361e20ddf31d34a775300e07334e 33c3bb2334c52ccc35e6ad8806ec31a6814413c62d91d6011e5500d5ea820c1c Loading...

	getglucotrust.me/js/bounceback.min.js	2.8 kB	2023-03-07	2024-02-29
Pretty URL getglucotrust.me/js/bounceback.min.js IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:47 Last Seen2024-02-29 04:29:09 Times Seen186 Hash 928ec014586629db7d8b4ad49c4bc93c b436801b50738cca53b78e5c9e459495f26da5c9 1fbbfbf2aff3f6cb01ac1967abafda6695aa9ee86e28862b0c45f62bffe51282 Loading...

	display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7223	1.3 kB	2023-03-07	2024-05-07
Pretty URL display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7223 IP 172.66.43.115 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-05-07 22:03:42 Times Seen736 Hash 40fc17a9bd2cd46c66a3efbdd13327cd a778267e7bce25b36c2e86cb7003331ffd1ecf44 b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236 Loading...

	getglucotrust.me/api/visits?page_id=3&page_version=&request_id=4621FD81%3A93DC_D197C0D8%3A01BB_641EAF78_46ABB%3A82384&querystring=&fbclid=&fbp=&fbc=&referrer=	556 B	2023-03-29	2023-03-29
Pretty URL getglucotrust.me/api/visits?page_id=3&page_version=&request_id=4621FD81%3A93DC_D197C0D8%3A01BB_641EAF78_46ABB%3A82384&querystring=&fbclid=&fbp=&fbc=&referrer= IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:09:47 Last Seen2023-03-29 22:09:47 Times Seen1 Hash 9d210d622e81356e5f93f752d0630602 9673ab4c4c83e4d2f0b5c65d922762949635da3b ad08b290d70ae44e9ad8e618ad8c27675e31798fd43d8c2349522d8115c79107 Loading...

	getglucotrust.me/	677 B	2023-03-29	2023-03-29
Pretty URL getglucotrust.me/ IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:09:47 Last Seen2023-03-29 22:09:47 Times Seen1 Hash 4a0903de111d71a43697d77efb66ef67 8f04fa22d50d02343ed2290a65fa9be09f9f3057 816bf6364409611f4858681f3e9047a315d385cf257e917cff1678d408f097fc Loading...

	getglucotrust.me/	1.4 kB	2023-03-29	2023-03-29
Pretty URL getglucotrust.me/ IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:09:47 Last Seen2023-03-29 22:09:47 Times Seen1 Hash 972d68b49871e69f1896a545e39efdfe 0b51e29f50e5eb97df00ee6040bede4def1d2f92 f07f7035c4034243854df94b19e61d07500a27e733041d1078d5bb614fd8597e Loading...

	cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js	87 kB	2023-03-07	2024-05-11
Pretty URL cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-11 00:03:49 Times Seen65847 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/bootstrap.min.js	56 kB	2023-03-07	2024-05-09
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/bootstrap.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:56 Last Seen2024-05-09 12:56:21 Times Seen2319 Hash 6895e8cd60b62646ce12426015888f58 de908c9ed184d74eb525fa7a30449b67fc3a1c14 eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267 Loading...

	getglucotrust.me/	662 B	2023-03-29	2023-07-03
Pretty URL getglucotrust.me/ IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:46:22 Last Seen2023-07-03 23:38:30 Times Seen20 Hash 8873b2974df5d6cfb87c3d1f2c02d7f9 3d1bfa5ca5aa7ae47354ca0b26ac7b3f2ebf84ee 9e5970086ee4e707d9cf2983e78f199d18994ee791432593492316f48050e077 Loading...

	tracking.buygoods.com/track/?a=7223&firstcookie=0&referrer=&product=trust1,trust3,trust6&sessid2=	555 B	2023-03-07	2023-06-13
Pretty URL tracking.buygoods.com/track/?a=7223&firstcookie=0&referrer=&product=trust1,trust3,trust6&sessid2= IP 172.66.43.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:26:49 Last Seen2023-06-13 14:36:16 Times Seen22 Hash 1ace9431299bb54fe2191d79b7f037f9 fe8c787dba931d4af0da6739990256f5fef1c780 eadfc02f063266dddab3dcb81e7494ba795252c5c02fe6012ed1d12202242a9e Loading...

	getglucotrust.me/	1.9 kB	2023-03-29	2023-05-28
Pretty URL getglucotrust.me/ IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:09:47 Last Seen2023-05-28 01:02:19 Times Seen4 Hash 2350616b1f520bf20f4e94bfabac0e86 5e57bc3e4e496038cb916d18b13ba3918b87708a bed3e152eedad6aa3e499011277e11bf499ff432e3d2b38bb8d08c3f93417556 Loading...

	tracking.buygoods.com/track/?a=7223&firstcookie=0&referrer=&product=trust1,trust3,trust6&sessid2=&caller_url=https%3A%2F%2Fgetglucotrust.me%2F	6.4 kB	2023-03-29	2023-03-29
Pretty URL tracking.buygoods.com/track/?a=7223&firstcookie=0&referrer=&product=trust1,trust3,trust6&sessid2=&caller_url=https%3A%2F%2Fgetglucotrust.me%2F IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:09:47 Last Seen2023-03-29 22:09:47 Times Seen1 Hash 2d34df7b99a4de5186b49b7afda286bf efe20af75619380268604b14ef31052858d252a1 e7212fd29e75789076cd6bc5860bec3fdf8701a0a6b0dd77065ff7176b99b4aa Loading...

HTTP Transactions (59)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7307
Expires: Sat, 25 Mar 2023 10:25:07 GMT
Date: Sat, 25 Mar 2023 08:23:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9466
Expires: Sat, 25 Mar 2023 11:01:06 GMT
Date: Sat, 25 Mar 2023 08:23:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 08:15:22 GMT
content-type: application/json
age: 478
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

getglucotrust.me/

69.172.200.220

301 Moved Permanently

0 B

URL HTTP/1.1
getglucotrust.me/
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 25 Mar 2023 08:23:20 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=20
location: https://getglucotrust.me/
X-DIS-Request-ID: 73079b6f06c7ee41e8bcca509a449b33
Server: DOSarrest

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc2752d83fbed82852248898a132467a
b27a6b4af2e07663a58cafb641513f7224c7a7c3
ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16400
Expires: Sat, 25 Mar 2023 12:56:40 GMT
Date: Sat, 25 Mar 2023 08:23:20 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8NVwsuYABBgn4Z40HaQhJ2YhTeHYKGTxK2fKpRQECee5YR8N6+njUIFvhMi42wK4FUkGz0UwrMkLOMhotoPmaA==
x-amz-request-id: J1QX5G9JNT7W0RP7
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 07:54:50 GMT
age: 1710
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 08:23:20 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7a1d2e3c7a1e78c94100acc50d1f4342
dd105683e3ad58800b928a6d0cef640ab6aac99c
9418a61e09b439cbd46aa7450a44b59faffd7c524f1820ef2ad94993c4f7a948

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9418A61E09B439CBD46AA7450A44B59FAFFD7C524F1820EF2AD94993C4F7A948"
Last-Modified: Sat, 25 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14016
Expires: Sat, 25 Mar 2023 12:16:56 GMT
Date: Sat, 25 Mar 2023 08:23:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 08:14:33 GMT
age: 527
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
717ebcc65cb1390c2509851bac7b5878
1e04e3058329f3809bc01022d441172dcacc1aaa
3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3262
Expires: Sat, 25 Mar 2023 09:17:42 GMT
Date: Sat, 25 Mar 2023 08:23:20 GMT
Connection: keep-alive

getglucotrust.me/images/Glucotrust-1-add.png

69.172.200.220

200 OK

17 kB

URL HTTP/2
getglucotrust.me/images/Glucotrust-1-add.png
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Size
17 kB (17417 bytes)
Hash
99f46a93d9ed3197d285f0339be43dc8
2f12389985da1267e9fc720f1fb4235721383caa
80b03770b3b87294934aa0a7e18ee3a9d2bdc36a29e5c0e6c38da3bbffac6f73

HTTP Headers

GET /images/Glucotrust-1-add.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 17417
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-4409"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 4ab923b4e33650372cb568c9669e5c3d
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/biotin-capsule.jpg

69.172.200.220

200 OK

7.9 kB

URL HTTP/2
getglucotrust.me/images/biotin-capsule.jpg
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3\012- data
Size
7.9 kB (7894 bytes)
Hash
f2f8be8cf9e9c89e7c27133ca108dbca
3b8fb0c60a4f51bc7cd6add7041fe25c0cab1838
73febedde6669fbc1193017d5412824a06acad0eae3696e261cee27560b4a0a2

HTTP Headers

GET /images/biotin-capsule.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 7894
last-modified: Wed, 15 Feb 2023 03:53:00 GMT
etag: "63ec571c-1ed6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: a9ef806bd86cfb91d18a674229b34167
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/licorice-rrot.jpg

69.172.200.220

200 OK

6.1 kB

URL HTTP/2
getglucotrust.me/images/licorice-rrot.jpg
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3\012- data
Size
6.1 kB (6125 bytes)
Hash
133bae3208e731dc7a0e8cf600e07f54
75093be31777cded33b345d355b335c909d97d65
80067efcb835eebbfb1bc850e6f829cabe7a8abcf46c35a72b500c39949513e3

HTTP Headers

GET /images/licorice-rrot.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 6125
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-17ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 6e6493d1bf497b26c1d7a18c35efdc52
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/juniper-berries.jpg

69.172.200.220

200 OK

8.5 kB

URL HTTP/2
getglucotrust.me/images/juniper-berries.jpg
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3\012- data
Size
8.5 kB (8502 bytes)
Hash
804f2ff224162f5697368909e1725dfa
916a3df444886e8780d624e3e709147072f83f9f
ff44da9fc41d6885c27b3e9193a47be0f4c35f24072aa34f60f91982465b6e59

HTTP Headers

GET /images/juniper-berries.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 8502
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-2136"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 4e15511fbc653dca75222bcac8c7bf3a
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/

69.172.200.220

200 OK

36 kB

URL HTTP/2
getglucotrust.me/
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
data
Size
36 kB (36239 bytes)
Hash
c30982c4737fbbcff7ffd746cd33fa5b
45e7299a9e9dbc1f4ae5114db0ed97cec22c2f21
d560f6d1f07bd0429d427a39200daa7e7f13b82444b9bd8260c361233ad1e1de

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; path=/; expires=Fri, 25 Mar 2033 08:23:20 GMT; secure
user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; path=/; expires=Fri, 25 Mar 2033 08:23:20 GMT; secure
persistedParams=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
persistedParams.sig=qQIP2OdsTFa87s1ohgL1NB6ingI; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
uid=wKhaAmQer3g1KABDB3D2Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=1; path=/
content-security-policy: frame-ancestors 'self'                    cbsplit.com       getglucotrust.me       getglucotrust-me.cbsplit.com       getglucotrust.net ;
content-encoding: gzip
cache-control: private
x-dis-request-id: a6bae44d36cbce21cde5dc4eef820fa6
server: DOSarrest
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js

151.101.129.229

200 OK

32 kB

URL HTTP/2
cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32058)
Size
32 kB (31984 bytes)
Hash
944d9771807290f738243183d6fcb598
452843976d3d88c515c832ac27580ce1944129fd
4093e5a7e9905f38584faf1cad17b8a0b0ebd88a5f5cd4e38e39f8d4583bcfa2

HTTP Headers

GET /npm/jquery@3.2.1/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.2.1
x-jsd-version-type: version
etag: W/"15283-EFUBjCirQQh++czv5BFgaJPavqI"
content-encoding: br
accept-ranges: bytes
date: Sat, 25 Mar 2023 08:23:21 GMT
age: 847414
x-served-by: cache-fra-eddf8230122-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31984
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css

151.101.129.229

200 OK

7.1 kB

URL HTTP/2
cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7114 bytes)
Hash
df4ce4b3229b67564170e16b78ebd9b6
7a6af7ba302e05cb0ee9d7de2ecf1c66e369999e
6c45a96bfcea221747bc984b29038d143980da6d4b01f8ca805f0720a2f1041c

HTTP Headers

GET /npm/font-awesome@4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.7.0
x-jsd-version-type: version
etag: W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
content-encoding: br
accept-ranges: bytes
date: Sat, 25 Mar 2023 08:23:21 GMT
age: 847416
x-served-by: cache-fra-eddf8230079-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7114
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3a85d9c2de0b1015b62c81a1ab7fe625
389c7fe2d0d53ff607a3fd8e27283c8f1cb3a238
717fa1c4098bd6e282c24452a39aafc0b436941b2f398ef0086960effcc3f2ca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 08:23:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/bootstrap.min.js

151.101.129.229

200 OK

16 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/bootstrap.min.js
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (55494)
Size
16 kB (15488 bytes)
Hash
685f5db11a6ca7c184f9087569dfb0f8
ee459d410406a02afceb4defe1bb4cc30be477c2
a43c965e5ee53378fd221c3531c953244c392a3ecc174f2107f121ee3414228d

HTTP Headers

GET /npm/bootstrap@4.2.1/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.2.1
x-jsd-version-type: version
etag: W/"d9df-3pCMntGE1061Jfp6MESbZ/w6HBQ"
content-encoding: br
accept-ranges: bytes
date: Sat, 25 Mar 2023 08:23:21 GMT
age: 847397
x-served-by: cache-fra-eddf8230070-FRA, cache-bma1622-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15488
X-Firefox-Spdy: h2

getglucotrust.me/images/cart/Glucotrust_cart_6.png

69.172.200.220

200 OK

60 kB

URL HTTP/2
getglucotrust.me/images/cart/Glucotrust_cart_6.png
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
PNG image data, 400 x 892, 8-bit colormap, non-interlaced\012- data
Size
60 kB (60120 bytes)
Hash
2b3e60b414eaa69e1b49c1250207ad06
88ed82000079cf89dbb90c89d89e7f5633fb21b7
043cb0a4512932513220da1686c68868330ee0e4fe4253bf238b4de0e20e8c73

HTTP Headers

GET /images/cart/Glucotrust_cart_6.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 60120
last-modified: Wed, 15 Feb 2023 04:04:56 GMT
etag: "63ec59e8-ead8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: ff5b40ea51f05135c25a2f8d8d0d9070
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
2aae0f0d8784a6cc113f3af6dd7ba67a
514eb4a219c8c03623ffe493fc74bfd5df117964
3164b9a49111cafd451f0d090205f8d4f444a8702e5627992e1eb5b288f835cb

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 08:23:21 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "44B79473149B120EB87D38C388A325663C123A47"
Expires: Sat, 25 Mar 2023 19:00:00 GMT
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3376
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad5c0558c7fb521-OSL

getglucotrust.me/images/cart/Glucotrust_cart_1.png

69.172.200.220

200 OK

24 kB

URL HTTP/2
getglucotrust.me/images/cart/Glucotrust_cart_1.png
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
PNG image data, 400 x 892, 8-bit colormap, non-interlaced\012- data
Size
24 kB (24288 bytes)
Hash
1d8026799857b353401ed4a1ad9f6c1c
b13d92d90a20f165a70ce431b266ce646c3e5455
aabe090035afb5c9c3e0233ea6ac184e87a3caec75afb0aaa8462565d6ef67a9

HTTP Headers

GET /images/cart/Glucotrust_cart_1.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 24288
last-modified: Wed, 15 Feb 2023 04:04:55 GMT
etag: "63ec59e7-5ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 194019b3706c015f901591884f6fb7bb
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.10.247.29

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.10.247.29:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qk2LmJJ6GT+4aXTcY6rQ1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PDO8cKzQ+hB5Hmbl0fKPUScMbSs=

getglucotrust.me/images/cart/Glucotrust_cart_3.png

69.172.200.220

200 OK

39 kB

URL HTTP/2
getglucotrust.me/images/cart/Glucotrust_cart_3.png
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
PNG image data, 400 x 892, 8-bit colormap, non-interlaced\012- data
Size
39 kB (38791 bytes)
Hash
452893ccdc0107b2c934cae71c13be11
e0860a697f56a63b28377d079e0064aa25551bfe
bb48aed0726aff9ec43f23fa913ce2b92d8cf896f9ab509d8bcc15a9d4188735

HTTP Headers

GET /images/cart/Glucotrust_cart_3.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 38791
last-modified: Wed, 15 Feb 2023 04:04:55 GMT
etag: "63ec59e7-9787"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 7f2d8e73cc912c7a355d10cff3f7539c
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/glucotrust.png

69.172.200.220

200 OK

11 kB

URL HTTP/2
getglucotrust.me/images/glucotrust.png
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
PNG image data, 400 x 153, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10703 bytes)
Hash
21c3f03043ecb25fbb1db523471a77a4
6150061947ec9ebfa038160b47fa4c8b69f321bb
d4839acd0f57e689badfbf82fb2497a1327062a22acb462db5a00c0183f5c77a

HTTP Headers

GET /images/glucotrust.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 10703
last-modified: Mon, 20 Feb 2023 07:10:04 GMT
etag: "63f31ccc-29cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: e1bb63a90593a33f2834e2a577234664
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/3-Day-Liver-Cleanse.png

69.172.200.220

200 OK

60 kB

URL HTTP/2
getglucotrust.me/images/3-Day-Liver-Cleanse.png
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
PNG image data, 500 x 583, 8-bit colormap, non-interlaced\012- data
Size
60 kB (60409 bytes)
Hash
5f694ad6ad0dda6a952bb8c7afe3eb22
1e40e59eec229522c7d9ebccfef9e2d097f43edf
c7993162dcffb324a7b992a4b84ee4b376849cae71cad74752421b57eace97cd

HTTP Headers

GET /images/3-Day-Liver-Cleanse.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 60409
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-ebf9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 67ae817258cb26596559713815b6b297
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3a85d9c2de0b1015b62c81a1ab7fe625
389c7fe2d0d53ff607a3fd8e27283c8f1cb3a238
717fa1c4098bd6e282c24452a39aafc0b436941b2f398ef0086960effcc3f2ca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 08:23:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

getglucotrust.me/images/GymnemaSylvestre-2.jpg

69.172.200.220

200 OK

7.3 kB

URL HTTP/2
getglucotrust.me/images/GymnemaSylvestre-2.jpg
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3\012- data
Size
7.3 kB (7340 bytes)
Hash
3cc5c4a5b62649b0400f887c7e63b746
addd044bb8cdb36c80a5242e60381567a5b5b691
e8593d8f9fc69e33b7c18b8c54454c491c855dae0d4d693cf3006e93fccf87b6

HTTP Headers

GET /images/GymnemaSylvestre-2.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 7340
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-1cac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 508468a62b60fec85c28f6c3de2a1bbe
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/chromium.jpg

69.172.200.220

200 OK

8.1 kB

URL HTTP/2
getglucotrust.me/images/chromium.jpg
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3\012- data
Size
8.1 kB (8127 bytes)
Hash
cef0d9611520ae6c463b3a00a491dd16
929a0ae185f07713d916c1bf89bacfd31a110b60
daf025c8a74bb70fd4f110789972293bfd73be0c3e8f4f653ad1da2ec0658520

HTTP Headers

GET /images/chromium.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 8127
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-1fbf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: d9ff678aef5f9f817f3cc10218ef295a
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/nutri-1.jpg

69.172.200.220

200 OK

8.6 kB

URL HTTP/2
getglucotrust.me/images/nutri-1.jpg
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x200, components 3\012- data
Size
8.6 kB (8608 bytes)
Hash
0f62503c44b092a8068d7bf0c7106472
a1ca18f1586aa00c65e8c0fc37eef31f6d2f78b7
67ab70869c3c1b22747ba624b1aa5a27924202e012d4d6abfd259967bd877672

HTTP Headers

GET /images/nutri-1.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 8608
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-21a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: a7bcfde4a2c09806724b4ce9d747f7e7
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/zinc-insuline.jpg

69.172.200.220

200 OK

9.0 kB

URL HTTP/2
getglucotrust.me/images/zinc-insuline.jpg
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3\012- data
Size
9.0 kB (9043 bytes)
Hash
3c79ef5f951d83402fae49c6a617b09a
8f497cfef41bc812f33ef1601f2ee8e1611904d7
0214913c87b5b2e51d564676e70877f3b3ac9a58bed1615554e8ca042541134e

HTTP Headers

GET /images/zinc-insuline.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 9043
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-2353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 9db4e2842002cd2efe66fcad88b78329
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/365-detox.png

69.172.200.220

200 OK

8.4 kB

URL HTTP/2
getglucotrust.me/images/365-detox.png
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
PNG image data, 400 x 153, 8-bit colormap, non-interlaced\012- data
Size
8.4 kB (8446 bytes)
Hash
468b78ad73cf3c645a4e4254aadff6a1
c86889744b5ef2f45a4639ff275f10d61a57884e
93012d49a4331d5c4431b98f59a2ac536015833a190cd89dee6227dbf24107b7

HTTP Headers

GET /images/365-detox.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 8446
last-modified: Mon, 20 Feb 2023 07:10:03 GMT
etag: "63f31ccb-20fe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 903a676108180a956e8e19618dc01c3a
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/cinnamon.jpg

69.172.200.220

200 OK

17 kB

URL HTTP/2
getglucotrust.me/images/cinnamon.jpg
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 200x200, components 3\012- data
Size
17 kB (16921 bytes)
Hash
1e59dda3ed25650d025bdca475be4e5b
dfeb1fea67d1317a49236ab2ff0ff31d180c4240
a5757a2fa7ee9ec686b55322d4be527184fdbbdce8aeabc4dda8ea2d188f13e8

HTTP Headers

GET /images/cinnamon.jpg HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/jpeg
content-length: 16921
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-4219"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 45167f1d92efda646ea4009992ebcc20
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/night-reset.png

69.172.200.220

200 OK

12 kB

URL HTTP/2
getglucotrust.me/images/night-reset.png
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
PNG image data, 400 x 153, 8-bit colormap, non-interlaced\012- data
Size
12 kB (11884 bytes)
Hash
0dc4e91e8392196958c5cc9a7297cdc0
ccb585a9ac0187947aeed40e340a14e38edae5bf
52d15646ea32ec78955439f186514d2a385418ff431f7e68cfc5e782b116143f

HTTP Headers

GET /images/night-reset.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 11884
last-modified: Mon, 20 Feb 2023 07:10:04 GMT
etag: "63f31ccc-2e6c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 6b054ecf3d9a1762806f2ae25ff87098
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/api/visits?page_id=3&page_version=&request_id=4621FD81%3A93DC_D197C0D8%3A01BB_641EAF78_46ABB%3A82384&querystring=&fbclid=&fbp=&fbc=&referrer=

69.172.200.220

200 OK

765 B

URL HTTP/2
getglucotrust.me/api/visits?page_id=3&page_version=&request_id=4621FD81%3A93DC_D197C0D8%3A01BB_641EAF78_46ABB%3A82384&querystring=&fbclid=&fbp=&fbc=&referrer=
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
data
Size
765 B (765 bytes)
Hash
88f5ec19bbc746cdfb3d6eeda2146bc7
e1d1f62e01c16fd5f2bafc4c3c1676a2bce37c61
a520d3d58e4f815d5e9f0791f2956bc71e16b82070a88808103a37631d1411ef

HTTP Headers

GET /api/visits?page_id=3&page_version=&request_id=4621FD81%3A93DC_D197C0D8%3A01BB_641EAF78_46ABB%3A82384&querystring=&fbclid=&fbp=&fbc=&referrer= HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self'                    cbsplit.com       getglucotrust.me       getglucotrust-me.cbsplit.com       getglucotrust.net ;
content-encoding: gzip
x-dis-request-id: da3d12966f7fa417b126957262c84c35
server: DOSarrest
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getglucotrust.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:51 GMT
expires: Sat, 23 Mar 2024 10:26:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
age: 78990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7824, version 1.0\012- data
Size
7.8 kB (7824 bytes)
Hash
af4d371a10271dafeb343f1eace762bc
6d11d743bc3cfb169d70bc86450f18351dc1a905
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getglucotrust.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:28:14 GMT
expires: Sat, 23 Mar 2024 10:28:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:52:02 GMT
content-type: font/woff2
age: 78907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 08:23:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 08:23:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getglucotrust.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:49 GMT
expires: Sat, 23 Mar 2024 10:26:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 78992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2

216.58.207.227

200 OK

8.7 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8668, version 1.0\012- data
Size
8.7 kB (8668 bytes)
Hash
a242ba0df3a128a2cab929a8c45d5056
d70e2c70b21cbb66cd883ae56e2dedacefd81c7c
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972

HTTP Headers

GET /s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getglucotrust.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:58 GMT
expires: Sat, 23 Mar 2024 10:26:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
content-type: font/woff2
age: 78983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 08:23:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

getglucotrust.me/images/guide-to-superfoods.png

69.172.200.220

200 OK

71 kB

URL HTTP/2
getglucotrust.me/images/guide-to-superfoods.png
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
PNG image data, 500 x 583, 8-bit colormap, non-interlaced\012- data
Size
71 kB (70966 bytes)
Hash
90878c7707c8e29027f9b5cbd6bbac4c
97b283b28e339b9dc9f2fbbaac82ed57de21a487
2256b38a4727a41af7f2120ac4cee2bcf82c6cdf4b018915f77a0be311248179

HTTP Headers

GET /images/guide-to-superfoods.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 70966
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-11536"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 5345762c2090096ecda09326c9342e0f
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/fat-burning-smoothies.png

69.172.200.220

200 OK

63 kB

URL HTTP/2
getglucotrust.me/images/fat-burning-smoothies.png
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
PNG image data, 500 x 583, 8-bit colormap, non-interlaced\012- data
Size
63 kB (63396 bytes)
Hash
b8ee3cc2e240a7d1e1b6958b8eec48f7
9ac1f73eaa93936241e88cc59d54a9497d3df9d5
995b203cc08da6c54ac3f5cb840efef2d7c2a635eba26001f248b3c90586c94e

HTTP Headers

GET /images/fat-burning-smoothies.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: image/png
content-length: 63396
last-modified: Wed, 15 Feb 2023 03:53:02 GMT
etag: "63ec571e-f7a4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 181720ea3323e8f8f7bc3fd6e3c2fd4e
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

getglucotrust.me/images/hot_deal_icon.png

69.172.200.220

200 OK

772 B

URL HTTP/2
getglucotrust.me/images/hot_deal_icon.png
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type
PNG image data, 160 x 64, 8-bit colormap, non-interlaced\012- data
Size
772 B (772 bytes)
Hash
fc720820cef9bcfbb2b3f828430f4f79
9a595eed2b82495988421ebde3fac55eca9f3a99
cc92200eeb9fb840260d4c479e155917c585071ebe4285ba378ed58283238683

HTTP Headers

GET /images/hot_deal_icon.png HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:22 GMT
content-type: image/png
content-length: 772
last-modified: Mon, 20 Feb 2023 09:06:20 GMT
etag: "63f3380c-304"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 7734a862aba70a3d93db725c00d166de
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8623
Expires: Sat, 25 Mar 2023 10:47:05 GMT
Date: Sat, 25 Mar 2023 08:23:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8623
Expires: Sat, 25 Mar 2023 10:47:05 GMT
Date: Sat, 25 Mar 2023 08:23:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8623
Expires: Sat, 25 Mar 2023 10:47:05 GMT
Date: Sat, 25 Mar 2023 08:23:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7800 bytes)
Hash
5773974a7341690f006b052ad02c94db
1b11316c952e2195da1646dd94671669e7e3bc2b
a06b72138745500cacc919fea29536ebd4188a1c483f6123e3402458e299f16a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: bad99b1e-3923-4de9-8bea-4dd04e96f7cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfFGcIAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-0826b92d4c4af16553503600;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9AGLmjvUSTKIsYIWECOR8QwdF4PP1tP1TweUm0VYvxQ0qskqj3YuLA==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:18 GMT
age: 38584
etag: "1b11316c952e2195da1646dd94671669e7e3bc2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6185 bytes)
Hash
dd191e3a122d6e31f81e6e9d434c58d6
aec88022970c93289434f8097e4a663da33e5271
1f00c901ef479637ec703d7924526a970cb13dd2635b2bbb68b285df9d98e011

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6185
x-amzn-requestid: 223de50b-9a7e-4ac7-9305-336658eec4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiwYHoLoAMFXtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1802-226bd8524ade75234053ff50;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:06 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tMnTFkK-AtSlEsQskvoxwwCjddndz5GBLHiV5RHi3QumyL6MVC9ovg==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 38574
etag: "aec88022970c93289434f8097e4a663da33e5271"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5556 bytes)
Hash
c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ZQcPeutl5BzzzysPzWEzrEY8WU-0F-0twvGPT7RAX-UjNOCk3NtmMQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 06:24:35 GMT
age: 7127
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee780ea6-5b5e-419f-916d-42d0f5e1912a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9196 bytes)
Hash
c7950abafdbc9bbc363ac4cd490f864f
d1356ae16dd758eb699eb62402122d4fb2f307c9
7e98a04cefe4e21aafdf261d0e819352c515695cb9250a64e316c0a5cafc143d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee780ea6-5b5e-419f-916d-42d0f5e1912a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9196
x-amzn-requestid: a63eade0-457b-48f3-bfdc-50d4f6a97363
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK89kGECIAMFdpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa856-5ce23570768e4a753ee47cf5;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:50 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: DSmN5fQWv6zAc9BeRPj97uQLqfM3M3yi8USBPY2kPuMy51OEIvXRbw==
via: 1.1 5502255f9557c1e2c098b94110b6151c.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 07:59:28 GMT
age: 1434
etag: "d1356ae16dd758eb699eb62402122d4fb2f307c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5296 bytes)
Hash
aecd210f66f83c73c3450d047ae7448a
d68861e96e12e8a3f293dbae8b687f05b6e15afb
22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: b1KWFmKdRQ4DU0v5JmC7AJatpv2B5FAHKVWL7pFiyh13fqYDA5qydA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 38574
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6511 bytes)
Hash
02e0767e0c72d95e30337ad42f5d15b3
79aa21ca35c9d98ea7d0713d219e9b67083bdc05
7991a0c4d409cca49259cb626d0de39684635f14fad72e074b303235026673a9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 38d33f4d-2b85-4666-b778-04f4b4dfdf10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihSFIdIAMFRjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a1-036a28e75189d05209396933;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: eYAgUDZFGkaskq0A77VgX54hvvjtQtClrFyED3COkankS76uD7hTAQ==
via: 1.1 53ee82a7eb57de316cba44c26680b4a6.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
age: 38574
etag: "79aa21ca35c9d98ea7d0713d219e9b67083bdc05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins:400,700,400italic,800

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins:400,700,400italic,800
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Poppins:400,700,400italic,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Mar 2023 08:23:21 GMT
date: Sat, 25 Mar 2023 08:23:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tracking.buygoods.com/track/?a=7223&firstcookie=0&referrer=&product=trust1,trust3,trust6&sessid2=

172.66.43.22

200 OK

0 B

URL HTTP/2
tracking.buygoods.com/track/?a=7223&firstcookie=0&referrer=&product=trust1,trust3,trust6&sessid2=
IP
172.66.43.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/?a=7223&firstcookie=0&referrer=&product=trust1,trust3,trust6&sessid2= HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ad5c0560dc0b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

getglucotrust.me/favicon.ico

69.172.200.220

200 OK

0 B

URL HTTP/2
getglucotrust.me/favicon.ico
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:22 GMT
content-type: image/x-icon
last-modified: Wed, 15 Feb 2023 03:38:51 GMT
etag: W/"63ec53cb-3aee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: 5a1ef36c85ec024dc00de7595914b2fc
server: DOSarrest
X-Firefox-Spdy: h2

display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7223

172.66.43.115

200 OK

0 B

URL HTTP/2
display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7223
IP
172.66.43.115:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v1/disclaimer?id=disclaimer&account_id=7223 HTTP/1.1
Host: display.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
cache-control: private
cf-cache-status: DYNAMIC
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
__cflb=02DiuHqbnvaBNqZ2uGBKRYmBT9SdWdqrbz6whTB1M5BQ8; SameSite=Lax; path=/; expires=Sun, 26-Mar-23 07:23:21 GMT; HttpOnly
server: cloudflare
cf-ray: 7ad5c0553eb9b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

getglucotrust.me/js/bounceback.min.js

69.172.200.220

200 OK

0 B

URL HTTP/2
getglucotrust.me/js/bounceback.min.js
IP
69.172.200.220:0
ASN
#19324 DOSARREST

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/bounceback.min.js HTTP/1.1
Host: getglucotrust.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getglucotrust.me/
Cookie: user_id=0a57b6dec66b5aaac760f6d06d4edb4a; user_id.sig=K-y3H3URTMW63xzZLAei8YFNY1k; uid=wKhaAmQer3g1KABDB3D2Ag==; cnid=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 08:23:21 GMT
content-type: application/javascript
last-modified: Wed, 15 Feb 2023 11:28:27 GMT
etag: W/"63ecc1db-b20"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: cef1989582d4ff509a991cef31cfbe06
server: DOSarrest
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML