urlscan.io logo urlscan.io
SecurityTrails logo

www.shapenewsjournal.com Open in urlscan Pro
2606:4700:3035::6815:3a59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/advertorial010/789654nu57r.html
Effective URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b6...
Submission: On May 15 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 17 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3035::6815:3a59, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.shapenewsjournal.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2020. Valid for: a year.
This is the only time www.shapenewsjournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 72.9.145.108 30277 (DFW-DATAC...)
2 23.236.239.149 55286 (SERVER-MANIA)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
1 13.225.74.129 16509 (AMAZON-02)
7 17 34.203.99.241 14618 (AMAZON-AES)
1 1 35.186.199.111 15169 (GOOGLE)
14 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.217.72.110 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2600:9000:219... 16509 (AMAZON-02)
2 52.29.0.64 16509 (AMAZON-02)
49 20
1    2a00:1450:4001:803::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    72.9.145.108 (United States)

ASN30277 (DFW-DATACENTER, US)
PTR: testancis.com
sliterial.eu
2    23.236.239.149 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)
visitloft.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:211a:f800:10:b308:84c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.bouncepilot.com
1    13.225.74.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-129.fra2.r.cloudfront.net
static.traversedlp.com
17    34.203.99.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-99-241.compute-1.amazonaws.com
api.traversedlp.com
1    35.186.199.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.199.186.35.bc.googleusercontent.com
www.et6mtrk.com
14    2606:4700:3035::6815:3a59 (United States)

ASN13335 (CLOUDFLARENET, US)
www.shapenewsjournal.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    52.217.72.110 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2600:9000:2190:f400:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-api.sharethis.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2190:8800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    2606:4700:e2::ac40:8509 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
1    2600:9000:2190:c200:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.sharethis.mgr.consensu.org
2    52.29.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
l.sharethis.com
Domain Requested by
17 api.traversedlp.com 7 redirects static.traversedlp.com
visitloft.com
14 www.shapenewsjournal.com visitloft.com
www.shapenewsjournal.com
2 l.sharethis.com platform-api.sharethis.com
www.shapenewsjournal.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.shapenewsjournal.com
2 stackpath.bootstrapcdn.com www.shapenewsjournal.com
2 visitloft.com visitloft.com
1 c.sharethis.mgr.consensu.org platform-api.sharethis.com
1 ka-f.fontawesome.com kit.fontawesome.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 kit.fontawesome.com www.shapenewsjournal.com
1 cdn.jsdelivr.net www.shapenewsjournal.com
1 code.jquery.com www.shapenewsjournal.com
1 platform-api.sharethis.com www.shapenewsjournal.com
1 s3.amazonaws.com www.shapenewsjournal.com
1 www.et6mtrk.com 1 redirects
1 static.traversedlp.com www.googletagmanager.com
1 static.bouncepilot.com storage.googleapis.com
1 www.googletagmanager.com visitloft.com
1 sliterial.eu 1 redirects
1 storage.googleapis.com
0 cdn.offerspace.com Failed www.shapenewsjournal.com
49 22

This site contains links to these domains. Also see Links.

Domain
www.naturalhealthyupdate.com
traffic.webclickroute.com
www.ncbi.nlm.nih.gov
en.wikipedia.org
Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.bouncepilot.com
Amazon		 2020-07-21 -
2021-08-21		 a year crt.sh
*.traversedlp.com
Go Daddy Secure Certificate Authority - G2		 2020-12-29 -
2022-01-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-16 -
2021-08-16		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2020-08-04 -
2021-08-09		 a year crt.sh
sharethis.com
Amazon		 2020-08-17 -
2021-09-16		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-11 -
2022-03-26		 10 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
sharethis.mgr.consensu.org
Amazon		 2021-04-07 -
2022-05-06		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Frame ID: 668AB37840309CA1114ABCABFFB088A0
Requests: 39 HTTP requests in this frame

Frame: https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=e323792a-6bed-466d-b315-d8b3d6659b30
Frame ID: 573178F9304B15CEF6043C9BDE729BC8
Requests: 8 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: FD0FAF58C1A54C52264547C56A5CD332
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://storage.googleapis.com/advertorial010/789654nu57r.html Page URL
  2. http://sliterial.eu/g9sonad.php?od=1vct609be4a5707f5okc.oL5CM.Yzzzyrffmvsc6j111_zr884.ffmvsd3d3d... HTTP 302
    http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_other... Page URL
  3. https://www.et6mtrk.com/C5PWF/TZW7X/?source_id=107562&sub1=5e40ks20u6pvc88419pzji&sub5=b6f23cf434303... HTTP 302
    https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb05... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Page Statistics

49
Requests

90 %
HTTPS

67 %
IPv6

17
Domains

22
Subdomains

20
IPs

3
Countries

2539 kB
Transfer

2970 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/advertorial010/789654nu57r.html Page URL
  2. http://sliterial.eu/g9sonad.php?od=1vct609be4a5707f5okc.oL5CM.Yzzzyrffmvsc6j111_zr884.ffmvsd3d3d3gzMGdiNW9h0u6Nvi HTTP 302
    http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y Page URL
  3. https://www.et6mtrk.com/C5PWF/TZW7X/?source_id=107562&sub1=5e40ks20u6pvc88419pzji&sub5=b6f23cf4343030fc7f8eb08e793a3bbf HTTP 302
    https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://sliterial.eu/g9sonad.php?od=1vct609be4a5707f5okc.oL5CM.Yzzzyrffmvsc6j111_zr884.ffmvsd3d3d3gzMGdiNW9h0u6Nvi HTTP 302
  • http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Request Chain 9
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower= HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=e323792a-6bed-466d-b315-d8b3d6659b30
Request Chain 10
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif?emailMd5Lower=
Request Chain 11
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
Request Chain 12
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
Request Chain 13
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=
Request Chain 14
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
Request Chain 15
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
Request Chain 16
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
789654nu57r.html
storage.googleapis.com/advertorial010/ 		158 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/advertorial010/789654nu57r.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a5ddea1d9b8fb2653ba5fc933709a945b1da873626f86dae34d85adb33b714f1

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/advertorial010/789654nu57r.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

x-guploader-uploadid
ABg5-Uw9EmvAF-ZKkqAfT5dRYX8YBoX-CldIcWN5S_vKWlmZ9d60F8datAOGhfC-OyS6qaHAxjamD77pWw6wjSce_Q
expires
Sat, 15 May 2021 02:33:10 GMT
date
Sat, 15 May 2021 01:33:10 GMT
last-modified
Wed, 12 May 2021 14:34:10 GMT
etag
"a4372fc331306f771cf288b15b2715d2"
x-goog-generation
1620830050391349
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
158
content-type
text/html
x-goog-hash
crc32c=A9k0bA== md5=pDcvwzEwb3cc8oixWycV0g==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
158
server
UploadServer
age
673
cache-control
public, max-age=3600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
visitloft.com/a499608b87528a509602e9aa38ac908c3/
Redirect Chain
  • http://sliterial.eu/g9sonad.php?od=1vct609be4a5707f5okc.oL5CM.Yzzzyrffmvsc6j111_zr884.ffmvsd3d3d3gzMGdiNW9h0u6Nvi
  • http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&si...
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Protocol
HTTP/1.1
Server
23.236.239.149 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.26
Resource Hash
6e233444035bb23669f6b4f82d84600f810ded6a52ffa0450b8222d4ea4728b3

Request headers

Host
visitloft.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer
https://storage.googleapis.com/advertorial010/789654nu57r.html

Response headers

Server
nginx
Date
Sat, 15 May 2021 01:52:20 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.26

Redirect headers

Date
Sat, 15 May 2021 01:44:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.2.17
Location
http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
gtm.js
www.googletagmanager.com/ 		79 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Requested by
Host: visitloft.com
URL: http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
df7c2c768452d96276e56f817640a93601017fc101ec8b9d72e2e73ecd107674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://visitloft.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31589
x-xss-protection
0
last-modified
Sat, 15 May 2021 00:13:12 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 15 May 2021 01:44:24 GMT
fp.php
visitloft.com/ 		243 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://visitloft.com/fp.php
Requested by
Host: visitloft.com
URL: http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Protocol
HTTP/1.1
Server
23.236.239.149 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma
no-cache
Origin
http://visitloft.com
Accept-Encoding
gzip, deflate
Host
visitloft.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Connection
keep-alive
Content-Length
974
Referer
http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sat, 15 May 2021 01:52:20 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.3.26
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
29a38865-21e1-485f-8a85-c343bbbe30fb.js
static.bouncepilot.com/ 		33 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/advertorial010/789654nu57r.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:f800:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
990496c62d75c59da1df0eff05e9bec618c45cb59eab0e0864594c9251eba89c

Request headers

Referer
http://visitloft.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:44:20 GMT
via
1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 12:25:11 GMT
server
AmazonS3
age
132763
etag
"4e6941c0a0a55b2fb8d6aab28cda7689"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
content-length
33917
x-amz-cf-id
ip0QZmWC5UuUDD7FP_PRfrzMeQFGi-eOiW7UFnOAU4BgoCAHveDc5g==
retargeting.js
static.traversedlp.com/v1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.traversedlp.com/v1/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-129.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6883197c20c58a0804b6ad6da9c06c9daff14267d65fe286666a1c08a61ba1e1

Request headers

Referer
http://visitloft.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

x-amz-version-id
Z_rPBOpsutVE9bhWkpsIEjsEvYBS2ueX
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 19 Mar 2021 19:00:16 GMT
Server
AmazonS3
Age
3006
ETag
W/"7d385c3008e7fc836888faf91fc98116"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Sat, 15 May 2021 01:13:49 GMT
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
y2_kKLPjIqePrgZs-74_3NrqC1rC2cEd0UOSsjkCRY5MjyZCM2DqMA==
cookie
api.traversedlp.com/retargeting/v1/ 		117 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.traversedlp.com/retargeting/v1/cookie
Requested by
Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.99.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-99-241.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
http://visitloft.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
etag
W/"75-1tebksgBSfFEZTr3TAHliw"
vary
Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin
http://visitloft.com
access-control-expose-headers
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
117
Primary Request /
www.shapenewsjournal.com/natural_health_update_keto2/
Redirect Chain
  • https://www.et6mtrk.com/C5PWF/TZW7X/?source_id=107562&sub1=5e40ks20u6pvc88419pzji&sub5=b6f23cf4343030fc7f8eb08e793a3bbf
  • https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88...
28 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Requested by
Host: visitloft.com
URL: http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
d84eeb45db142a81771ae7e9f44c37b5955a10b99e5933e56c51fde1e3efbaa2

Request headers

:method
GET
:authority
www.shapenewsjournal.com
:scheme
https
:path
/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://visitloft.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer
http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.6.40
cf-cache-status
DYNAMIC
cf-request-id
0a0f4b470300004eb023ace000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=obdaEZCpBoOX2TMOrhH%2FRWmiRL%2BD2%2Fc5ky7gtc7PnC%2BG9Owim5cYTG3IZ5Dv4wCyJhSGwGx2UvNEXG9%2FsqJFa2A9oY0OdLtUC3sHv8OFmdqscZf%2FehU%2FetduwZzsx1ihtmS3dhs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64f8ae519d504eb0-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
nginx
date
Sat, 15 May 2021 01:44:24 GMT
content-type
text/html; charset=utf-8
content-length
283
location
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
set-cookie
uniqueClick_TZW7X=e7f3e58e-39d9-4d59-bbfe-8d20c5156839:1621043064; Path=/; Expires=Sun, 16 May 2021 01:44:24 GMT; Secure; SameSite=None transaction_id=aa3f6a5fb0554f6193818df93fba2b66; Path=/; Expires=Fri, 13 Aug 2021 01:44:24 GMT; Secure; SameSite=None
vary
Origin
x-eflow-request-id
83697acf-b7a5-46de-861e-7454ac18d5cf
via
1.1 google
alt-svc
clear
enqueue
api.traversedlp.com/retargetinginclusion/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol
H2
Server
34.203.99.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-99-241.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://visitloft.com
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
content-type
text/html; charset=utf-8
content-length
228
server
nginx/1.18.0
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin
http://visitloft.com
access-control-allow-credentials
true
access-control-expose-headers
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers
content-type,authorization
allow
ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag
W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary
Accept-Encoding
enqueue
api.traversedlp.com/retargetinginclusion/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by
Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.99.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-99-241.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
http://visitloft.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
http://visitloft.com
date
Sat, 15 May 2021 01:44:24 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
vary
X-HTTP-Method-Override
access-control-expose-headers
0.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 5731
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=e323792a-6bed-466d-b315-d8b3d6659b30
0
0
1.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 5731
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif?emailMd5Lower=
35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif?emailMd5Lower=
Requested by
Host: visitloft.com
URL: http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.99.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-99-241.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
http://visitloft.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif?emailMd5Lower=
date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
2.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 5731
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
Requested by
Host: visitloft.com
URL: http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.99.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-99-241.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
http://visitloft.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
3.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 5731
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
Requested by
Host: visitloft.com
URL: http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.99.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-99-241.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
http://visitloft.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
4.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 5731
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=
35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=
Requested by
Host: visitloft.com
URL: http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.99.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-99-241.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
http://visitloft.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=
date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
5.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 5731
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
Requested by
Host: visitloft.com
URL: http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.99.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-99-241.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
http://visitloft.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
6.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 5731
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
Requested by
Host: visitloft.com
URL: http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.99.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-99-241.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
http://visitloft.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
7.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame 5731
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
Requested by
Host: visitloft.com
URL: http://visitloft.com/a499608b87528a509602e9aa38ac908c3/?sid1=5e40ks20u6pvc88419pzji&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y&sid2=ee_others|wwwwx|ffmvs&sid3=vct609be4a5707f5okc&sid4=30gb5oa|15787|zzzyrffmvs|Y/ee_others-wwwwx-ffmvs-vct609be4a5707f5okc/30gb5oa-15787-zzzyrffmvs-Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.99.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-99-241.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
http://visitloft.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
date
Sat, 15 May 2021 01:44:24 GMT
server
nginx/1.18.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 		156 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.shapenewsjournal.com
Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617
age
199396
cdn-cachedat
2021-05-12 14:24:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a0f4b4833000016ea9192a000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3df2402378d5ea5f8e058025fd435d7a
cf-ray
64f8ae538c0f16ea-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
style.css
www.shapenewsjournal.com/natural_health_update_keto2/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/css/style.css
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25043bc54978067c382c408d0140af0d3ff1697a0c6298561a762fac71ab218d

Request headers

:path
/natural_health_update_keto2/css/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60853
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a0f4b482400002bc2bc10f000000001
last-modified
Fri, 05 Jun 2020 21:37:24 GMT
server
cloudflare
etag
W/"c36-5a75d111b8050"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yBpJ45jm2KgQDt8RaRluTRH9hIyZ92v9Bx4vACgwqz3YoRQAj07ZfKozI45ye9bJ2wJqMT0VXI%2FNmdM1aOAiKEdoshF2HEzlt2kHYqehtBdAxBFF6JkTcemKuG5QBsAzo96rHjk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
64f8ae5368152bc2-FRA
expires
Sat, 14 May 2022 08:50:11 GMT
utils.min.css
cdn.offerspace.com/conceptweb/offer_scripts/ 		0
0
utils.min.js
s3.amazonaws.com/conceptweb/offer_scripts/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/conceptweb/offer_scripts/utils.min.js
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.72.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5450063c10177dcb98beb6d3d029e3dc8f762884ec91b62e2d5e95b2f00480f5

Request headers

Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Sat, 15 May 2021 01:44:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Mar 2017 18:55:48 GMT
Server
AmazonS3
x-amz-request-id
8MYQVYT3KC10AR0T
ETag
"dc0cfa2bbceee846381c8e7f03b18b01"
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3553
x-amz-id-2
leELFB9xxJ8xfw15I3xrlIAtc4XPq81fqZEHjb5/dA1b0xY8w7xraOYZuOykDPgUGDltBqXXkus=
20off.gif
www.shapenewsjournal.com/natural_health_update_keto2/images/ 		169 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/images/20off.gif
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
471fcfb325d0a6303ab5fe3244f9256eb5203633a5fefae662698fc191d61c29

Request headers

:path
/natural_health_update_keto2/images/20off.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60853
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
173285
cf-request-id
0a0f4b49a400002bc25e299000000001
last-modified
Fri, 05 Jun 2020 21:37:26 GMT
server
cloudflare
etag
"2a4e5-5a75d113e5a2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DkqgSDn4QikwObwIXrbDtZkwcw7WBgnUzG40AsVcbbuWjgr%2BShKcqRDQGbSRhpCwCHHC77qWWOSMvuSitVrmViGLs5st5bX6H17zsNmkSQ1XGRuaciZ%2BGRQtpOwZDJOGmT9FWmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
64f8ae55da812bc2-FRA
expires
Sat, 14 May 2022 08:50:11 GMT
5b3cf62e74116d57ee5892af.dms
www.shapenewsjournal.com/natural_health_update_keto2/files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/files/5b3cf62e74116d57ee5892af.dms
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/natural_health_update_keto2/files/5b3cf62e74116d57ee5892af.dms
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

cf-request-id
0a0f4b484c00002bc2b780b000000001
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
date
Sat, 15 May 2021 01:44:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pUYZOT%2FZi8cHvO12Xbjcrrz9sd5upEPCFETa57j%2B0JH%2BFZGVp2f6ryQms7xSMw5SXHkWZmiyiMHhvieIU2RF8LvOwc2BUPBqf6NgHtV82xoEi0XopTiNkX%2Byh93fTThveHCJIdM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
64f8ae53a85f2bc2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
sharethis.js
platform-api.sharethis.com/js/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:f400:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe

Request headers

Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:42:22 GMT
content-encoding
gzip
age
123
etag
W/"192cc-3TBOdKYF02HlA++J6fQ0dmTq6Ow"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
dM2JKeft8fAAKdbQ6r_yW43x-hPNk9ZNCM_pFMNTT1nRvEjBYzwvPQ==
logo-v2.png
www.shapenewsjournal.com/natural_health_update_keto2/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/images/logo-v2.png
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74754ab36a3366e5691123d83414d3db457fb4576e8766a25888094005707e19

Request headers

:path
/natural_health_update_keto2/images/logo-v2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
205414
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3828
cf-request-id
0a0f4b49a600002bc26316d000000001
last-modified
Fri, 05 Jun 2020 21:37:27 GMT
server
cloudflare
etag
"ef4-5a75d1147a12d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V66eQRT4159%2BKVH3RYAwSG%2FTwZkvEjxE%2F52pcjIQkfyGYcmSstyKFhiMqcwSg5sKMzlVXxQF%2F6RbtWbVjou%2B7vW4cjNf3V7DCPJYO0zHV3MuZfMNNr5RE67PcKY4HaNivRlqb4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
64f8ae55da842bc2-FRA
expires
Thu, 12 May 2022 16:40:51 GMT
before1.jpg
www.shapenewsjournal.com/natural_health_update_keto2/images/ 		444 KB
445 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/images/before1.jpg
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4015e95e54abcbd6715b5af47fd67250c9ca887e5dc7a95500dea95a9f6c0031

Request headers

:path
/natural_health_update_keto2/images/before1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60854
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
454882
cf-request-id
0a0f4b49a600002bc28a9a3000000001
last-modified
Fri, 05 Jun 2020 21:37:25 GMT
server
cloudflare
etag
"6f0e2-5a75d1129f76f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IZbkxswwEsFmMH7k0J5Uq1doeinNtJDgn7RCIRsODS7llUZ6G97J%2BkJs%2B1DVasSaiTeVy9F5qRu%2B2r%2FO1CHapr8wcUiU3mIhJG41nndPkvvrcVZ3xCOskkx7ohQ3SkYVhkaKl6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
64f8ae55da852bc2-FRA
expires
Sat, 14 May 2022 08:50:11 GMT
before2.jpg
www.shapenewsjournal.com/natural_health_update_keto2/images/ 		506 KB
507 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/images/before2.jpg
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a4ed5c1f17da50426661730104cddcf63718aee9d00c1fab7735437dcc1435

Request headers

:path
/natural_health_update_keto2/images/before2.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60854
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
518576
cf-request-id
0a0f4b49a700002bc2941b8000000001
last-modified
Fri, 05 Jun 2020 21:37:25 GMT
server
cloudflare
etag
"7e9b0-5a75d112b7e0f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DMyjeO74kWqpy7cdQVdcHCn%2BTd71uFAuloKgcTQVeei%2FzrZ6OyRG5ZUUY1YsbCHiqhU888LUokvbnFY%2BeyZ4MeUzOxasQbumKiEz%2FpG5oV6LoyVayWHP9pPa%2B4pkkzZRDlQARDY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
64f8ae55da862bc2-FRA
expires
Sat, 14 May 2022 08:50:11 GMT
sanitize.jpg
www.shapenewsjournal.com/natural_health_update_keto2/images/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/images/sanitize.jpg
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6026188c67f7b49b89630b7daeb464f84fc424bbd7f13ee219add711ece9fc58

Request headers

:path
/natural_health_update_keto2/images/sanitize.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60853
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
273780
cf-request-id
0a0f4b49a700002bc2a71e9000000001
last-modified
Fri, 05 Jun 2020 21:37:26 GMT
server
cloudflare
etag
"42d74-5a75d1138eb8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YRvAMoGKCaZgj14QlOwjh8wb24e54lucakBMvzl3kSVC1oBip6LfBwO707OESXgjAk3UA87Lx6vCHd0oZsdrRJfahwFEcIIT7ZJFklnlpaUCcHDlFnHLocN2uiB1%2BWCZlRVfw0w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
64f8ae55da882bc2-FRA
expires
Sat, 14 May 2022 08:50:12 GMT
before3.jpg
www.shapenewsjournal.com/natural_health_update_keto2/images/ 		245 KB
246 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/images/before3.jpg
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9263292f9bab3fd5778db2b476845f26799be7cd44865740524e41281ada2cef

Request headers

:path
/natural_health_update_keto2/images/before3.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60854
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
251333
cf-request-id
0a0f4b49a700002bc2b22c4000000001
last-modified
Fri, 05 Jun 2020 21:37:25 GMT
server
cloudflare
etag
"3d5c5-5a75d11311b8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VFCKa4iszbyTVL%2BIseG2a8%2BpWfqBZBMkl7PVilmi34PRAkUTUoFW%2FdZ5lPkMn6Y%2FcQuKNsdOUyLuz8ut5C620%2FzHzLCT1NeXmuwD%2FnBKsFhE7UkmRGb7D4JZO6dl9BwKJyg8MD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
64f8ae55da892bc2-FRA
expires
Sat, 14 May 2022 08:50:11 GMT
css
fonts.googleapis.com/ 		3 KB
583 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,700,900&display=swap
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d640f70278cfdea8d208c48d417e15c8198fc7a2ed854acbdfa63fa66b02d48c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 15 May 2021 01:44:24 GMT
server
ESF
date
Sat, 15 May 2021 01:44:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 May 2021 01:44:24 GMT
css
fonts.googleapis.com/ 		3 KB
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:900,900i&display=swap
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67961f4d2a301abc47a85011913e502d67b94661586803c399f093b9da0d10bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 15 May 2021 01:44:24 GMT
server
ESF
date
Sat, 15 May 2021 01:44:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 May 2021 01:44:24 GMT
3step.jpg
www.shapenewsjournal.com/natural_health_update_keto2/images/ 		197 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/images/3step.jpg
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c151362b297201111e4c266a206e2e5619c647029baeacce5a02a0511fbcd64d

Request headers

:path
/natural_health_update_keto2/images/3step.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60854
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
201343
cf-request-id
0a0f4b49a700002bc235240000000001
last-modified
Fri, 05 Jun 2020 21:37:27 GMT
server
cloudflare
etag
"3127f-5a75d114a028c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5DkGN0s1ZETfIQIlZ%2BmHngOcCvA98R6zKNrfaevMhpI68Th%2F27AXIerOI7ogNT0q7ywLcSM%2FgpwQc6%2BPIm2Gq%2Bz3CRjts2L3m6UGBZWNtSVEOFmw7YU%2BOqAtBH2LpSaSe%2FHSaew%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
64f8ae55da8a2bc2-FRA
expires
Sat, 14 May 2022 08:50:11 GMT
immune-defense.png
www.shapenewsjournal.com/natural_health_update_keto2/images/ 		308 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/images/immune-defense.png
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a39b787852ae22e2aebe6af7b6187aa38d59b10534271a78e71efe263dfe20

Request headers

:path
/natural_health_update_keto2/images/immune-defense.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60853
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
315389
cf-request-id
0a0f4b49a800002bc268a9d000000001
last-modified
Fri, 05 Jun 2020 21:37:27 GMT
server
cloudflare
etag
"4cffd-5a75d114cb20c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wIV40EnvczRBnzShrapOQaGdxxJ7R8Oo2oaHYr1rJkar4qRxD9WIuEUN%2FbkH%2BfNzhf2ofuZL8%2F%2BPIW8NxNF3H6B%2BjTbrv9LBHF96YwYmLi%2BvYMgqCwoXPUywoL4Vp0zR17w2JYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
64f8ae55da8b2bc2-FRA
expires
Sat, 14 May 2022 08:50:12 GMT
product.png
www.shapenewsjournal.com/natural_health_update_keto2/images/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/images/product.png
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52cdfda2ec2f9eae6c6a4a71a29c7ad2669a357a761b028af3f14965755d425b

Request headers

:path
/natural_health_update_keto2/images/product.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60854
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59698
cf-request-id
0a0f4b49a800002bc2c2bfd000000001
last-modified
Fri, 05 Jun 2020 21:37:25 GMT
server
cloudflare
etag
"e932-5a75d1133ea4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4Fv4ffhhclw1jTNLaIoFVy03tm2sA6aMr6zq45U8b2MxrrKKgFMrYRfrJc1uieKMtk1Y7bDiOD2uzFmL6AGp%2FWL451G0G5GMdCS1fb4wWuBSrqRAuBupju1PlN%2BGnzUKFIEJ2Rc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
64f8ae55da8c2bc2-FRA
expires
Sat, 14 May 2022 08:50:11 GMT
health-compare.jpg
www.shapenewsjournal.com/natural_health_update_keto2/images/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/images/health-compare.jpg
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2359a59bb2aa16c180ad2597e667752879742954757c418f214b70896dac28ae

Request headers

:path
/natural_health_update_keto2/images/health-compare.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60853
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37436
cf-request-id
0a0f4b49a800002bc29b1e7000000001
last-modified
Fri, 05 Jun 2020 21:37:25 GMT
server
cloudflare
etag
"923c-5a75d112e9aef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UhGq2YQxbOSj0BK3fS4bboKH%2FP92W4Vz4I7pXkTIVI7vn9xqkQgqOgiO6O7qNM2JMdqp5SHlpJWgXz%2FWooFHTKbuTHTV8ozDSHZqw7%2Fc0S%2BKBiTNcKtw9tGd6KdmNKdA2Y%2FOEjU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
64f8ae55da8d2bc2-FRA
expires
Sat, 14 May 2022 08:50:11 GMT
toolbox.js
cdn.offerspace.com/conceptweb/master/sites/scripts/js/ 		0
0
jquery-3.4.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Origin
https://www.shapenewsjournal.com
Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-1157d"
vary
Accept-Encoding
x-hw
1621043065.dop207.fr8.t,1621043065.cds240.fr8.hn,1621043065.cds260.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24328
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.shapenewsjournal.com
Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
8131511
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
7510
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
x-served-by
cache-fra19182-FRA, cache-hhn4021-HHN
date
Sat, 15 May 2021 01:44:25 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.shapenewsjournal.com
Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
199397
cdn-cachedat
2021-05-12 15:07:21
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a0f4b49790000537396807000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3bc0f85ce7ff0d7916cf9367fa8107b4
cf-ray
64f8ae558c5a5373-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
0be68329df.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/0be68329df.js
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c055ff37481d55dbd04dcb3733dc228739bea65919e4168ed9cdcd03133f224d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Origin
https://www.shapenewsjournal.com
Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
content-encoding
gzip
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status
REVALIDATED
strict-transport-security
max-age=31536000; preload
cf-request-id
0a0f4b499e0000bec4deaf0000000001
x-request-id
Fn7itCJ8bkIV7KYJhI3h
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
cf-ray
64f8ae55c94dbec4-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
5b3cf62e74116d57ee5892af.dms
www.shapenewsjournal.com/natural_health_update_keto2/files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shapenewsjournal.com/natural_health_update_keto2/files/5b3cf62e74116d57ee5892af.dms
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3a59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/natural_health_update_keto2/files/5b3cf62e74116d57ee5892af.dms
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.shapenewsjournal.com
referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

cf-request-id
0a0f4b49a700002bc23e00c000000001
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
date
Sat, 15 May 2021 01:44:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uDjOCMbnyLJnqLS5vO7pl%2BdHI6nTtqA%2FkmFBy9jY5OkZ%2FkxKx%2FVVTAVrG57tV88gD3bY7JWxDg7CWVTidesDm540S58m3wANAjdxd7jlxLx9kCd4309bX7m0knKv2OCJ25OZkmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
64f8ae55da872bc2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v9/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v9/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a4918ffe64106f49bc51cc7105702b64ddeb8a72bd89e5b2d242e7682b7d691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.shapenewsjournal.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:44:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 21:40:26 GMT
server
sffe
age
122423
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55340
x-xss-protection
0
expires
Fri, 13 May 2022 15:44:02 GMT
5e82468dfe254100193f8484.js
buttons-config.sharethis.com/js/ 		30 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5e82468dfe254100193f8484.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 15 May 2021 01:44:26 GMT
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
last-modified
Mon, 30 Mar 2020 19:20:47 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"e6e1643313740711175f51662a65b42f"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
30
x-amz-cf-id
OHN7QgBEr_9zUYkWoI6XwXnVcEYkPveL6OnUl-sxq54glfRoyPX4Tw==
nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_gGUXtHA-Q.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_gGUXtHA-Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:900,900i&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
842e10af26215bc23bf4b208540d99486530697a7ce63d36486881d139cdde81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.shapenewsjournal.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:35:50 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:30:05 GMT
server
sffe
age
122915
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29180
x-xss-protection
0
expires
Fri, 13 May 2022 15:35:50 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=0be68329df
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0be68329df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Sat, 15 May 2021 01:44:25 GMT
via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
206385
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a0f4b4b690000974e4125d000000001
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"390b4210e10c744c3c597500bcf0b31a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4bID5D%2BrLYZHW6eHQ4B9%2F6f27NuP6XHe3C4FebBXqTWmsa%2FXHOh4Msnja2VB6VVexJGck7uxjWfjxH%2BQX9EryH4ER6%2Fn%2BJ0TYUVd9qRN628sl5w5cnayFRX5TCEOt4PJ0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA2-C1
cf-ray
64f8ae58a83e974e-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
uycmD3kH7AN2haCTz3OZbMM_lGzog2igdVumMr-5-E7-7_gzYHgovQ==
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame FD0F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c200:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.shapenewsjournal.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Referer
https://www.shapenewsjournal.com/

Response headers

content-type
text/html; charset=utf-8
content-encoding
gzip
date
Sat, 15 May 2021 01:25:19 GMT
cache-control
max-age=3600, public
etag
W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
NXN57c0ppiLfjYF9rkq4CHvAOqev5D2GYJIorbHvGzZytZmulx4ZkQ==
age
1146
pview
l.sharethis.com/ 		0
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=www.shapenewsjournal.com&location=%2Fnatural_health_update_keto2%2F&product=inline-share-buttons&url=https%3A%2F%2Fwww.shapenewsjournal.com%2Fnatural_health_update_keto2%2F%3FCID%3D18%26affid%3D8%26subid%3D107562%26ClickID%3Daa3f6a5fb0554f6193818df93fba2b66%26AffClickID%3Db6f23cf4343030fc7f8eb08e793a3bbf%26subid1%3D5e40ks20u6pvc88419pzji%26subid2%3D%26subid3%3D%26subid4%3D&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Natural%20Health%20Update&refDomain=visitloft.com&cms=sop&publisher=5e82468dfe254100193f8484&sop=true&bsamesite=true&consent_cookie_duration=143&consent_duration=143&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Sat, 15 May 2021 01:44:25 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://www.shapenewsjournal.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
log
l.sharethis.com/ 		0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/log?event=ibl&url=http%3A%2F%2Fvisitloft.com%2F&fcmp=false&fcmpv2=false&has_segmentio=false&product=inline-share-buttons&publisher=5e82468dfe254100193f8484&refDomain=visitloft.com&refQuery=&source=sharethis.js&title=Natural%20Health%20Update&ts=1621043065738&sop=true&cms=sop&gdpr_domain=.consensu.org&gdpr_method=cookie&description=
Requested by
Host: www.shapenewsjournal.com
URL: https://www.shapenewsjournal.com/natural_health_update_keto2/?CID=18&affid=8&subid=107562&ClickID=aa3f6a5fb0554f6193818df93fba2b66&AffClickID=b6f23cf4343030fc7f8eb08e793a3bbf&subid1=5e40ks20u6pvc88419pzji&subid2=&subid3=&subid4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shapenewsjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

Date
Sat, 15 May 2021 01:44:25 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.traversedlp.com
URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=e323792a-6bed-466d-b315-d8b3d6659b30
Domain
cdn.offerspace.com
URL
https://cdn.offerspace.com/conceptweb/offer_scripts/utils.min.css
Domain
cdn.offerspace.com
URL
https://cdn.offerspace.com/conceptweb/master/sites/scripts/js/toolbox.js

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| PreventExitSplash function| setUrl function| setSelector function| setMouseOut function| setRedirect function| enable object| Exit function| load object| UpSellIt object| dayNames object| monthNames object| now object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ function| $ function| jQuery function| Popper object| bootstrap object| FontAwesomeKitConfig

1 Cookies

Domain/Path Name / Value
www.shapenewsjournal.com/ Name: os3_form_crippler
Value:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.traversedlp.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.jsdelivr.net
cdn.offerspace.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
l.sharethis.com
platform-api.sharethis.com
s3.amazonaws.com
sliterial.eu
stackpath.bootstrapcdn.com
static.bouncepilot.com
static.traversedlp.com
storage.googleapis.com
visitloft.com
www.et6mtrk.com
www.googletagmanager.com
www.shapenewsjournal.com
api.traversedlp.com
cdn.offerspace.com
13.225.74.129
2001:4de0:ac18::1:a:2b
23.236.239.149
2600:9000:211a:f800:10:b308:84c0:93a1
2600:9000:2190:8800:c:abe:f440:93a1
2600:9000:2190:c200:c:a9b7:ddc0:93a1
2600:9000:2190:f400:1c:8a07:5e80:93a1
2606:4700:3035::6815:3a59
2606:4700::6812:1734
2606:4700::6812:acf
2606:4700:e2::ac40:8509
2a00:1450:4001:803::2010
2a00:1450:4001:811::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a04:4e42:1b::621
34.203.99.241
35.186.199.111
52.217.72.110
52.29.0.64
72.9.145.108
2359a59bb2aa16c180ad2597e667752879742954757c418f214b70896dac28ae
25043bc54978067c382c408d0140af0d3ff1697a0c6298561a762fac71ab218d
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe
4015e95e54abcbd6715b5af47fd67250c9ca887e5dc7a95500dea95a9f6c0031
471fcfb325d0a6303ab5fe3244f9256eb5203633a5fefae662698fc191d61c29
52cdfda2ec2f9eae6c6a4a71a29c7ad2669a357a761b028af3f14965755d425b
5450063c10177dcb98beb6d3d029e3dc8f762884ec91b62e2d5e95b2f00480f5
5a4918ffe64106f49bc51cc7105702b64ddeb8a72bd89e5b2d242e7682b7d691
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
6026188c67f7b49b89630b7daeb464f84fc424bbd7f13ee219add711ece9fc58
67961f4d2a301abc47a85011913e502d67b94661586803c399f093b9da0d10bf
6883197c20c58a0804b6ad6da9c06c9daff14267d65fe286666a1c08a61ba1e1
6e233444035bb23669f6b4f82d84600f810ded6a52ffa0450b8222d4ea4728b3
74754ab36a3366e5691123d83414d3db457fb4576e8766a25888094005707e19
842e10af26215bc23bf4b208540d99486530697a7ce63d36486881d139cdde81
9263292f9bab3fd5778db2b476845f26799be7cd44865740524e41281ada2cef
990496c62d75c59da1df0eff05e9bec618c45cb59eab0e0864594c9251eba89c
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
a5ddea1d9b8fb2653ba5fc933709a945b1da873626f86dae34d85adb33b714f1
a8a39b787852ae22e2aebe6af7b6187aa38d59b10534271a78e71efe263dfe20
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
c055ff37481d55dbd04dcb3733dc228739bea65919e4168ed9cdcd03133f224d
c151362b297201111e4c266a206e2e5619c647029baeacce5a02a0511fbcd64d
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
d640f70278cfdea8d208c48d417e15c8198fc7a2ed854acbdfa63fa66b02d48c
d84eeb45db142a81771ae7e9f44c37b5955a10b99e5933e56c51fde1e3efbaa2
df7c2c768452d96276e56f817640a93601017fc101ec8b9d72e2e73ecd107674
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a4ed5c1f17da50426661730104cddcf63718aee9d00c1fab7735437dcc1435