rawlsmd.com Open in urlscan Pro
162.159.135.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://extras.unlockinglyme.com/
Effective URL:
https://rawlsmd.com/unlocking-lyme-extras
Submission: On November 30 via api (November 30th 2024, 10:51:52 am UTC) from US — Scanned from IT

Summary HTTP 179 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 61 IPs in 8 countries across 50 domains to perform 179 HTTP transactions. The main IP is 162.159.135.42, located in and belongs to CLOUDFLARENET, US. The main domain is rawlsmd.com.
TLS certificate: Issued by WE1 on October 18th 2024. Valid for: 3 months.

This is the only time rawlsmd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.159.134.42 162.159.134.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	162.159.135.42 162.159.135.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
2	18.172.112.117 18.172.112.117	16509 (AMAZON-02) (AMAZON-02)
4	104.19.148.8 104.19.148.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
2	172.64.147.119 172.64.147.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.80.22.109 99.80.22.109	16509 (AMAZON-02) (AMAZON-02)
4	172.217.18.104 172.217.18.104	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
3	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
10	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
18	212.102.46.118 212.102.46.118	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	54.147.125.227 54.147.125.227	14618 (AMAZON-AES) (AMAZON-AES)
3	150.171.27.10 150.171.27.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	88.221.110.136 88.221.110.136	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2.19.224.184 2.19.224.184	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
4	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
1	74.125.71.155 74.125.71.155	15169 (GOOGLE) (GOOGLE)
3	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
2	46.137.150.200 46.137.150.200	16509 (AMAZON-02) (AMAZON-02)
1	13.35.58.27 13.35.58.27	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.88 99.86.4.88	16509 (AMAZON-02) (AMAZON-02)
5	172.66.42.248 172.66.42.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	74.119.117.16 74.119.117.16	19750 (AS-CRITEO) (AS-CRITEO)
1	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	35.214.136.108 35.214.136.108	19527 (GOOGLE-2) (GOOGLE-2)
1 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	5.135.209.104 5.135.209.104	16276 (OVH OVH SAS) (OVH OVH SAS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-FR...) (IGUANE-FR Iguane Solutions SAS)
1 2	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.212.192.25 52.212.192.25	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH OVH SAS) (OVH OVH SAS)
1	63.33.115.87 63.33.115.87	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2.19.216.27 2.19.216.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.184.93.163 18.184.93.163	16509 (AMAZON-02) (AMAZON-02)
1	44.241.7.64 44.241.7.64	16509 (AMAZON-02) (AMAZON-02)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.72.38.170 3.72.38.170	16509 (AMAZON-02) (AMAZON-02)
1	2.19.217.101 2.19.217.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.243.100.87 54.243.100.87	14618 (AMAZON-AES) (AMAZON-AES)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	23.213.165.82 23.213.165.82	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.214.170.42 52.214.170.42	16509 (AMAZON-02) (AMAZON-02)
1	3.127.101.141 3.127.101.141	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (Amobee NE...) (Amobee NEXXEN GROUP LTD)
179	61

1 162.159.134.42 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

extras.unlockinglyme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 162.159.135.42 (None, )

ASN13335 (CLOUDFLARENET, US)

rawlsmd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.172.112.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-117.fra60.r.cloudfront.net

widget.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.148.8 (None, )

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.147.119 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

www.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.22.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-22-109.eu-west-1.compute.amazonaws.com

addsearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.104 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f104.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 212.102.46.118 (Seattle, United States)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 212-102-46-118.bunnyinfra.net

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.147.125.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-125-227.compute-1.amazonaws.com

track.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 150.171.27.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.110.136 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a88-221-110-136.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.19.224.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-184.deploy.static.akamaitechnologies.com

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.137.150.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-150-200.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-27.fra60.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-88.fra6.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.66.42.248 (United States)

ASN13335 (CLOUDFLARENET, US)

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.16 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.136.108 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.209.104 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip104.ip-5-135-209.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-FR Iguane Solutions SAS, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.27.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.192.25 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-192-25.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.115.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-115-87.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.216.27 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.93.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-93-163.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.7.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-7-64.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.72.38.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-38-170.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.217.101 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.100.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-100-87.compute-1.amazonaws.com

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.165.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.170.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-170-42.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.101.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-101-141.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (Amobee NEXXEN GROUP LTD, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	rawlsmd.com rawlsmd.com	1 MB
23	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 6331 api.omappapi.com — Cisco Umbrella Rank: 6333	88 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	383 KB
8	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2604 tracking.crazyegg.com — Cisco Umbrella Rank: 4586 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5885 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5780	42 KB
6	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 495 ib.adnxs.com — Cisco Umbrella Rank: 281	6 KB
6	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 450 sslwidget.criteo.com — Cisco Umbrella Rank: 2375 widget.us.criteo.com — Cisco Umbrella Rank: 17327 dis.criteo.com — Cisco Umbrella Rank: 702	7 KB
6	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3405 wave.outbrain.com — Cisco Umbrella Rank: 4277 tr.outbrain.com — Cisco Umbrella Rank: 3357 sync.outbrain.com — Cisco Umbrella Rank: 897	11 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142	2 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 135 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	4 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 953	4 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	353 KB
3	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 333	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 359	15 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	88 KB
3	wickedreports.com widget.wickedreports.com — Cisco Umbrella Rank: 59637 track.wickedreports.com — Cisco Umbrella Rank: 88165	10 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 513	739 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 262	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1967	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1065	25 KB
2	addsearch.com addsearch.com — Cisco Umbrella Rank: 53792	15 KB
2	klaviyo.com static.klaviyo.com Failed www.klaviyo.com — Cisco Umbrella Rank: 25063 a.klaviyo.com — Cisco Umbrella Rank: 3739	10 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246	378 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2034	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3004	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 6846	235 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 429	140 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2884	399 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2996	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 530	58 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 419	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 920	225 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1040	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1697	877 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 724	832 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 15557	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 800	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 533	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 848	342 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1988	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 739	114 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 393	183 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	21 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	6 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	16 KB
1	rtb123.com www.rtb123.com — Cisco Umbrella Rank: 28479	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 831	14 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 4137	15 KB
1	unlockinglyme.com 1 redirects extras.unlockinglyme.com	730 B
179	50

	Domain	Requested by
50	rawlsmd.com	rawlsmd.com
18	a.omappapi.com	rawlsmd.com a.omappapi.com
10	fonts.gstatic.com	rawlsmd.com fonts.googleapis.com
5	api.omappapi.com	a.omappapi.com
5	www.google.com	rawlsmd.com www.googletagmanager.com www.gstatic.com
4	secure.adnxs.com	2 redirects rawlsmd.com
4	ct.pinterest.com	s.pinimg.com
4	www.facebook.com	rawlsmd.com
4	www.googletagmanager.com	rawlsmd.com www.googletagmanager.com
4	script.crazyegg.com	rawlsmd.com script.crazyegg.com
3	px.ads.linkedin.com	snap.licdn.com rawlsmd.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com rawlsmd.com
3	connect.facebook.net	rawlsmd.com connect.facebook.net
2	sync.1rx.io	2 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	1 redirects
2	dis.criteo.com
2	tracking.crazyegg.com	script.crazyegg.com
2	gum.criteo.com	1 redirects static.criteo.net
2	tr.outbrain.com	amplify.outbrain.com
2	td.doubleclick.net	www.googletagmanager.com
2	s.pinimg.com	rawlsmd.com s.pinimg.com
2	amplify.outbrain.com	rawlsmd.com amplify.outbrain.com
2	addsearch.com	rawlsmd.com addsearch.com
2	widget.wickedreports.com	rawlsmd.com widget.wickedreports.com
2	fonts.googleapis.com	rawlsmd.com a.omappapi.com
1	sync.targeting.unrulymedia.com
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	eb2.3lift.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	contextual.media.net
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	www.google-analytics.com	a.omappapi.com
1	widget.us.criteo.com	rawlsmd.com
1	sslwidget.criteo.com	1 redirects
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	cdnjs.cloudflare.com	www.klaviyo.com
1	a.klaviyo.com	www.klaviyo.com
1	wave.outbrain.com	amplify.outbrain.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	static.criteo.net	www.googletagmanager.com
1	www.rtb123.com	rawlsmd.com
1	snap.licdn.com	www.googletagmanager.com
1	track.wickedreports.com	widget.wickedreports.com
1	www.gstatic.com	www.google.com
1	d.impactradius-event.com	rawlsmd.com
1	www.klaviyo.com	rawlsmd.com
1	extras.unlockinglyme.com	1 redirects
0	static.klaviyo.com Failed	rawlsmd.com
179	69

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.youtube.com
vitalplan.typeform.com
store.vitalplan.com
survey.vitalplan.com
facebook.com
cellularwellness.com
www.addsearch.com

Subject Issuer	Validity	Valid
rawlsmd.com WE1	`2024-10-18` - `2025-01-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
widget.wickedreports.com Amazon RSA 2048 M02	`2024-07-02` - `2025-07-31`	a year	crt.sh
script.crazyegg.com E5	`2024-11-27` - `2025-02-25`	3 months	crt.sh
www.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.klaviyo.com WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh
*.addsearch.com E5	`2024-11-04` - `2025-02-02`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-08` - `2025-01-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-08` - `2024-12-07`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
a.omappapi.com R10	`2024-11-05` - `2025-02-03`	3 months	crt.sh
track.wickedreports.com Amazon RSA 2048 M03	`2024-01-23` - `2025-02-19`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-02` - `2025-08-07`	a year	crt.sh
rtb123.com R11	`2024-10-26` - `2025-01-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-25`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
a.klaviyo.com WE1	`2024-11-17` - `2025-02-15`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
crazyegg.com Amazon RSA 2048 M03	`2024-05-24` - `2025-06-23`	a year	crt.sh
omappapi.com WE1	`2024-10-12` - `2025-01-10`	3 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-23` - `2024-12-21`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
id5-sync.com E6	`2024-11-11` - `2025-02-09`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
itm.ivitrack.com R10	`2024-10-09` - `2025-01-07`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2024-10-23` - `2025-10-22`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2024-05-06` - `2025-06-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M03	`2024-07-31` - `2025-08-30`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
teads.tv R10	`2024-11-25` - `2025-02-23`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-08` - `2025-08-10`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://rawlsmd.com/unlocking-lyme-extras
Frame ID: C2B3DE38B696B885DB51615B8540C491
Requests: 150 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Frawlsmd.com
Frame ID: A23C3D8FC6A71C10E6DDABA96F0AD691
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/970654155?random=1732963905391&cv=11&fst=1732963905391&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9168099470z86621524za201zb6621524&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras&hn=www.googleadservices.com&frm=0&tiba=Unlocking%20Lyme%20Extras%20%7C%20RawlsMD&npa=0&pscdl=noapi&auid=431544078.1732963905&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 6C6E614E41F57C7C8BD5A6904F752428
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-SEKTF469LJ&gacid=388616825.1732963905&gtm=45je4bk0v867857906z86621524za200zb6621524&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=764441490
Frame ID: D08E958EFDC5F949C7A5EB4EAE2CD727
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyY-AUAAAAAGKV6Qf1A5lJh8zgrEkcUP3RQt5Q&co=aHR0cHM6Ly9yYXdsc21kLmNvbTo0NDM.&hl=it&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=yl43cb7pszxl
Frame ID: F36EACA3128621558A2D785E6C352E12
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=rawlsmd.com&origin=onetag
Frame ID: 1C715EE4FDB3447F13C55286B09E6540
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=it&v=pPK749sccDmVW_9DSeTMVvh2&k=6LfyY-AUAAAAAGKV6Qf1A5lJh8zgrEkcUP3RQt5Q
Frame ID: 357269CEF652E68BA0FDD351B715C9EB
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 82D68420167F56E718FA7BD6A83F5074
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Lhh1knF7gS6-EVIvo4Cme4v-6YG-9lhf7RltvA&google_gid=CAESEAv-EgsTzrQeMege26YAqlw&google_cver=1&google_ula=913071,0
Frame ID: 86D99884A9491826F3DF47A2820619B9
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Unlocking Lyme Extras | RawlsMD

Page URL History Show full URLs

https://extras.unlockinglyme.com/ HTTP 301
https://rawlsmd.com/unlocking-lyme-extras Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

179
Requests

93 %
HTTPS

0 %
IPv6

50
Domains

69
Subdomains

61
IPs

8
Countries

2642 kB
Transfer

6420 kB
Size

56
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/RawlsMD/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/RawlsMD
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/RawlsMD
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rawlsmd/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/RawlsMD
Title: YouTube

Search URL Search Domain Scan URL

URL: https://vitalplan.typeform.com/to/bBktda
Title: Take Survey »

Search URL Search Domain Scan URL

URL: https://vitalplan.typeform.com/to/r1GVbk
Title: Take Survey »

Search URL Search Domain Scan URL

URL: https://store.vitalplan.com/?irclickid=

Search URL Search Domain Scan URL

URL: https://survey.vitalplan.com/s3/vitalplanner?irclickid=

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Unlocking+Lyme+Extras&url=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras&via=RawlsMD
Title: Tweet

Search URL Search Domain Scan URL

URL: https://facebook.com/rawlsmd/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/rawlsmd
Title: Twitter

Search URL Search Domain Scan URL

URL: https://cellularwellness.com/
Title: The Cellular Wellness Solution

Search URL Search Domain Scan URL

URL: https://www.addsearch.com/?utm_source=customer&utm_medium=referer&utm_campaign=customer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://extras.unlockinglyme.com/ HTTP 301
https://rawlsmd.com/unlocking-lyme-extras Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 119

https://secure.adnxs.com/seg?add=24469328&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24469328%26t%3D2

Request Chain 120

https://secure.adnxs.com/seg?add=19895710&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19895710%26t%3D2

Request Chain 121

https://sslwidget.criteo.com/event?a=66983&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520user%252523%252523%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Afk2-V9XTHNzNVNGSWk5NnMwYSUyQmxMMkYxNkhrTzZMJTJGTVAyZGFjQURDbTAlMkJuVm1XMHY5JTJGUFRGUDBHWEF1cE5oOWoxWHlIc1RZNTNZZUswOEdITnlzVkdsSlJGWGxmWmNnaGZEJTJGJTJGRDRYMjg5bDRJUFhyUW5IQXhsUHNuTUxrR3ZOcTc3TXdoS3lqMkRGaWdmYWdKMjBCNjlPWHclM0QlM0Q&sc=%7B%22fbp%22%3A%22fb.1.1732963905347.678138857645554614%22%7D&tld=rawlsmd.com&fu=https%253A%252F%252Frawlsmd.com%252Funlocking-lyme-extras&ceid=5d5f6320-ea63-4e08-83e6-9cc5e12f76bf HTTP 302
https://widget.us.criteo.com/event?a=66983&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520user%252523%252523%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Afk2-V9XTHNzNVNGSWk5NnMwYSUyQmxMMkYxNkhrTzZMJTJGTVAyZGFjQURDbTAlMkJuVm1XMHY5JTJGUFRGUDBHWEF1cE5oOWoxWHlIc1RZNTNZZUswOEdITnlzVkdsSlJGWGxmWmNnaGZEJTJGJTJGRDRYMjg5bDRJUFhyUW5IQXhsUHNuTUxrR3ZOcTc3TXdoS3lqMkRGaWdmYWdKMjBCNjlPWHclM0QlM0Q&sc=%7B%22fbp%22%3A%22fb.1.1732963905347.678138857645554614%22%7D&tld=rawlsmd.com&fu=https%253A%252F%252Frawlsmd.com%252Funlocking-lyme-extras&ceid=5d5f6320-ea63-4e08-83e6-9cc5e12f76bf

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Lhh1knF7gS6-EVIvo4Cme4v-6YG-9lhf7RltvA&google_cm&google_hm=ay1MaGgxa25GN2dTNi1FVkl2bzRDbWU0di02WUctOWxoZjdSbHR2QQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Lhh1knF7gS6-EVIvo4Cme4v-6YG-9lhf7RltvA&google_gid=CAESEAv-EgsTzrQeMege26YAqlw&google_cver=1&google_ula=913071,0

Request Chain 147

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2903052867774048992

Request Chain 151

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rHfsEnF7gS6-EVIvo4Cme4v-6YFRYCsNpCNSjg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rHfsEnF7gS6-EVIvo4Cme4v-6YFRYCsNpCNSjg&C=1

Request Chain 152

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=y0kH5DaGz2Y9f94T9IR5Ad1FnW2IwHm4 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=y0kH5DaGz2Y9f94T9IR5Ad1FnW2IwHm4

Request Chain 169

https://sync.1rx.io/usersync/criteodsp/k-0DQc9HF7gS6-EVIvo4Cme4v-6YE4_nDIqzQ2oQ HTTP 302
https://sync.1rx.io/usersync/criteodsp/k-0DQc9HF7gS6-EVIvo4Cme4v-6YE4_nDIqzQ2oQ?zcc=1&cb=1732963911741 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a88a16af-7c92-4416-97e3-861cdcfc6cf2-003

179 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request unlocking-lyme-extras Show response
rawlsmd.com/
Redirect Chain

https://extras.unlockinglyme.com/
https://rawlsmd.com/unlocking-lyme-extras

105 KB
19 KB

1815ms
1212ms

Document
text/html

162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4e8946f4edbc204e4e4822f96b08991f6d435b241d042936d9950a1c7434bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8eaa48a37c30903c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 30 Nov 2024 10:51:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
ki-cache-type: None
ki-cf-cache-status: BYPASS
ki-edge: v=20.2.8;mv=3.1.6
ki-origin: g1p
link: <https://rawlsmd.com/wp-json/>; rel="https://api.w.org/", <https://rawlsmd.com/wp-json/wp/v2/pages/1774>; rel="alternate"; title="JSON"; type="application/json", <https://rawlsmd.com/?p=1774>; rel=shortlink
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qeMdUPGlzmoHZ6wQqq1Qr8%2BNwR%2BVlyri%2BXXw9O3xzJ0h8RdPXCqWBS2IhdL7CAyz3ogp54JeGmsgDeuCH%2B%2FLxPeHJfklr6u2yJXBegVxPRR64Jw67ifd2%2FfsI8IQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-edge-location-klb: 1
x-kinsta-cache: EXPIRED

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: BYPASS
cf-ray: 8eaa489d1e1f2bc5-FRA
content-length: 162
content-type: text/html
date: Sat, 30 Nov 2024 10:51:41 GMT
ki-cf-cache-status: BYPASS
ki-edge: v=20.2.8;mv=3.1.6
ki-origin: g1p
location: https://rawlsmd.com/unlocking-lyme-extras
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8VIgK3WCSRgdxos0OwiHDUqtxRnKSHVcqZSd2xOTL8qVv5wamLDRhksh6Rj5BptNM1Z0%2BGFsv%2Fkv5C8NYiVXr57tSUIWXOJSRaYJumG34%2Fwj7Ld06FJpywh8DYOPmKcxE3nT4dAuB4T7KA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-edge-location-klb: 1

GET
H2 200 blocks.style.build.css
rawlsmd.com/wp-content/plugins/social-warfare/assets/js/post-editor/dist/ 2 KB
1 KB 196ms
195ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css?ver=6.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88a7e4cccc0b6c41c2083d7ab0ee74767320246b2ce97fa78339068b15fbb854

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"667d73fa-8a0"
age: 938621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IVXa7%2FD%2FzP6vCAW7uUJIWKTUdNNiT9t5WYGBjt2cwj6hWIyR%2FyGhMOmhioYX7EEni%2BlAOiUUtTc5I6B2PEIqXBT%2BOE29Pfg5QFEiafoI3aPQhCAHAT080Z0XKsw7"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,76fd6e5a39dd5d56d48254fb4092476059c081df2c3e3edbabc025faa39451c1
last-modified: Thu, 27 Jun 2024 14:15:22 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48ac3909903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 style.min.css
rawlsmd.com/wp-includes/css/dist/block-library/ 112 KB
17 KB 196ms
196ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"673c97b2-1c012"
age: 939330
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPmZ2aUGJWifHf7GfNCwM7npKCaivovUorcYUyQv5YVTCXcPMSCA%2BXljX3vdPNehy7S%2FeMYKUwUQj5RfKVdP5VogGHQoPXUpFCvbY%2FqOYH0y0Ov89yP3wydWz8gO"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,1dd7a4e4a4e88568de8687a8e297e4cbd3f838e359126d56c62a77ab83bb31b3
last-modified: Tue, 19 Nov 2024 13:50:42 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48ac390c903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 animate.css
rawlsmd.com/wp-content/plugins/accesspress-social-icons/css/ 71 KB
5 KB 200ms
193ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/accesspress-social-icons/css/animate.css?ver=1.8.5

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88683b0a41b07f465377c8846933bdfb1e57fc9a54accef3e5fd0125bd052cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"586a2824-11cda"
age: 2568601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l09pMP6b3t39fSMnLL99e5hwgrIWlQzuuYGnzVi7CwGM%2BRYrVI9MxU6JrrS35TtFxt%2FjH%2BShCMYcQqQzACi%2FVnQHnkNtSHvQHaM7T2xwZDDy46Shhd%2BCcuYg%2F5Et"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,3a6603ef031aa3b0b47d86b12b5e08d3a4236d55e45af619bd21579694755f09
last-modified: Mon, 02 Jan 2017 10:15:00 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48ac6925903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 frontend.css
rawlsmd.com/wp-content/plugins/accesspress-social-icons/css/ 2 KB
1004 B 208ms
202ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/accesspress-social-icons/css/frontend.css?ver=1.8.5

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28eadb514a489c24eba0e5d54ec975ea2e68599742bb8244a66c34bef772835a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"586a2823-9ff"
age: 785381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lj5XSLoE93WX9zHgDzC5PYI6vHpAmBXFOOvHlfyQvyOZ21Tr6PPLUfT23G6u8lSUugVZSs44JylKI44sgqWTMuuXirNkV3lkgvyjB1MzWePpnuyCDBqqNKFKHExC"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,55b6f5dc579570a41133d34823bead978ad61990957bc272488641e26419dd66
last-modified: Mon, 02 Jan 2017 10:14:59 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc94f903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 style.min.css
rawlsmd.com/wp-content/plugins/social-warfare/assets/css/ 96 KB
13 KB 272ms
266ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=4.4.7.3

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aa736f40eaad43214fcf3866fa8b56f002668d2da78b570a758241ee44c0046

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"667d73fa-1806f"
age: 2568601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eO%2Bb2e1nG755REyyRAqHZYgtCPEMfobbw6ZFoUHjTzSMwBCK64VC1ol5Ukbx7t7riLH01znfFBc6do3S5VmobV0D%2F3e8MkhGXe8jbOUwsS7esNMC2EQ7BKAS4%2FEd"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,72c3517d883d642b2da370976e0c9fff7c96d39b6499076909d526ad04f892ce
last-modified: Thu, 27 Jun 2024 14:15:22 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc951903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 support-group.css
rawlsmd.com/wp-content/themes/Avada-Child-Theme/css/ 16 KB
4 KB 271ms
265ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/themes/Avada-Child-Theme/css/support-group.css?ver=6.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e7040ade4291db50d1fc733c01614e563bfb93be310874b5226670642c45d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"5d0c0ea9-3f7c"
age: 938621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIEu2Ghd6RkKcIiB8BC9lCsaw9wErBKUb2qvoevxGHoRuH%2FRaVNj%2FhgMbtlu6p%2BWGbDKPK%2BAX40d8CvFe55TMem9cb0Ew%2BlOTXwC%2BXjy2KNMzZqSlRcIXHhPWfln"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,070f5567dc0081a8360a77c2410cf22adb42654cad7ec717f81e82e2aa0db087
last-modified: Thu, 20 Jun 2019 22:54:33 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc952903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 public.css
rawlsmd.com/wp-content/plugins/recent-posts-widget-with-thumbnails/ 1 KB
1 KB 281ms
275ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38fa0b6989fd7990e69409c0398ab6854799c045a80d367adbb902ea40a1152d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"61237ce8-43a"
age: 1855548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JvVvliHV0SkZb6P%2BQSRlqkss9HswwOgr3vBVNOZrRme6ep0f6GyqCPLtSbGaGVGg%2BcllBYbTvr9%2BDbNzi65ilSFW2AcdVL0Xkrs03hkCvumzm%2FXGB6iBA5HUjPIY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,29f80b80cb41c42f222c006ac5e0b296964c3c4040ef3c313527fdd67bfb01f0
last-modified: Mon, 23 Aug 2021 10:48:08 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc953903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 style.css
rawlsmd.com/wp-content/plugins/cf7-conditional-fields/ 2 KB
924 B 272ms
266ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.4.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cedc9155263d1f634191e71f3c9ce256b315f833e375739ed0e65087996428cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65d019c9-651"
age: 15755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0B%2BG7uJOyH%2FwMNEdaYek0pfjMUF5m49fD8JeoB7EkCLO9iWyrINe212G8Xo09BhNKur7eLKN0z0hZAtagH%2BTPfmBW4Rm0GB%2B1x34eSCVM4FS6jvUO7MXv0RQuzbV"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,62965eda85d293b3fac414f4ad8bafd27381f515cd611a9571ab9f5cb67d8f91
last-modified: Sat, 17 Feb 2024 02:28:25 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc956903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 style.css
rawlsmd.com/wp-content/themes/Avada-Child-Theme/ 49 KB
8 KB 403ms
397ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/themes/Avada-Child-Theme/style.css?ver=1732963902

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cce85c90852b56cfdeceadeea42fd5425fc1329238897ff2809f45894e71e6ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"63e63b95-c3fa"
cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,09121bff2a9d6ae27b4d59171a1cec29c2cff94beeefd3a9bcdd08dd2e333153
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdlPh1tbh3HE5mGh%2BjxOZ0oEVk%2B5eG9Ig34zqa1MhZYdTUzeo6j6VHqd1qruKPyg2pfGZxxsVrhx8CDDFjg17cf7G8QrKqjpY%2F7cf0vIQb%2FYoWYPuFO7NHFbbh5d"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: SAVING
vary: Accept-Encoding
last-modified: Fri, 10 Feb 2023 12:41:57 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,09121bff2a9d6ae27b4d59171a1cec29c2cff94beeefd3a9bcdd08dd2e333153
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc957903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 welcomebar-front.css
rawlsmd.com/wp-content/plugins/mystickymenu-pro/css/ 10 KB
3 KB 270ms
264ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/mystickymenu-pro/css/welcomebar-front.css?ver=2.6.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45517fc587c421319770b8a0a613934142385573b6a2fcd1e97caa3c4da0ea1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65d019ee-29f0"
age: 2482329
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fkugTXKr71ta03C1goEoqLGWkMcoXva7fQerZ8N5RkSB1QpQZGdCKdJnjDenRd8ShI6BG7mOlSJF07wg5ohjUQWakGIgKf7sAHUXIl%2FLay5bhYHSrhm%2FRg61glnn"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,c385eb73ec3cd60ebe85fac26d9770ac31591de7cfa8b7f84b8631a2452b07bb
last-modified: Sat, 17 Feb 2024 02:29:02 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc959903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 welcomebar-animate.css
rawlsmd.com/wp-content/plugins/mystickymenu-pro/css/ 7 KB
1 KB 271ms
265ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/mystickymenu-pro/css/welcomebar-animate.css?ver=2.6.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e82fcc14bb45f4f40d07b4f195505ecd4b0db1cd3aca1e70dfd5136d2065fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65d019ee-1caf"
age: 105763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCaQhim0hIjE4rVhKjw98ZglKmo%2FXR79JVUs2rz73Bmz0sPqNH0YAbFYsdgqmGmLPlv0egS7I1FFu3QUWHe75O3Ec1nJIO4VuOW0Yp3F5S6YFTgfarJ4OJoj9fp%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,9404307281bf461a4ac14f7a30239a39279ae0fb843d93737044daa81a885b3d
last-modified: Sat, 17 Feb 2024 02:29:02 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc95b903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 5815bb4cda8cbc8d64ac20851e9e3d7b.min.css
rawlsmd.com/wp-content/uploads/fusion-styles/ 966 KB
148 KB 230ms
225ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/uploads/fusion-styles/5815bb4cda8cbc8d64ac20851e9e3d7b.min.css?ver=3.9.1

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82743b3378fbfc777e764d0e9f107afc8948686518cc57676a6ef77ee56199a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"673deaea-f197b"
age: 790024
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m5RNQQ0wk9I9Sguya7Zga%2FhZQ2Stf3UhdJ9CGeP7y4rinfLJrBw5vUKFdwH6PZu6EmA82gSaYJievccgQB5VZDvWPCRUQQNuhiVcLDbcJRhhwRnMfCuRis6Q5tWv"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,71792fb3cebd2fc0324605e439fc768736f5c5e8d46afd1bf33180be1bed02bb
last-modified: Wed, 20 Nov 2024 13:58:02 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc95c903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 jquery.min.js Show response
rawlsmd.com/wp-includes/js/jquery/ 86 KB
33 KB 283ms
277ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"673c97b2-15601"
age: 939330
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JSpXMvdkknashkfNq9lcLUvtu9OklBIy1XbjSioyst4G8YDHkDLekpmKwRY05XoOTJKKE6fo9%2BbdmL1GTfB7pH23giF7nt%2FpDad1gVQmWdeIZLmVka3vTIL1wsK"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,703b35d94c968c8ef917f801c8d2bb4c04570d312497e14c45e51a2054ca3f21
last-modified: Tue, 19 Nov 2024 13:50:42 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc95d903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 jquery-migrate.min.js Show response
rawlsmd.com/wp-includes/js/jquery/ 13 KB
6 KB 208ms
202ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"673c97b2-3509"
age: 939330
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6fE6ftc%2FXaxdS6Df8w3GTz2GbuG%2BbtJLuAfegZR8UG0IbeU8ITfF2cix1WKEO7zpoMUys%2BHQBfEckYhWdb1K%2BekwR8x4dYhF5EirAxct2tkQqrX0Von3cckaM5rx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,5d8733444313a1978269fe8018e660088a369e2a62f8f3f00f34fec231b37cff
last-modified: Tue, 19 Nov 2024 13:50:42 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc95e903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 frontend.js Show response
rawlsmd.com/wp-content/plugins/accesspress-social-icons/js/ 2 KB
1 KB 281ms
275ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/accesspress-social-icons/js/frontend.js?ver=1.8.5

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0750ec8d1dbe19502fce56357d68de36a83aeee014c378e8481e94f9199a3559

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"5e8d6d04-6c3"
age: 2591767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u9yaHyxB98py2I3qJZiv%2BRDyme45xVphLD%2Fa7ZB9imEay54Nf2y8nk7oOanYWFe%2Fu4qBKlGEo9GVqqya3S%2BY5NnqKeJS0Gf823FmPZxIazSduYsdSmVQBCg6dF%2FO"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,f9d223703c7f3e8817507348fb5ed9cb7e6fc8c7a589dacf4b3a50cccdef1104
last-modified: Wed, 08 Apr 2020 06:19:48 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc95f903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 support-group.js Show response
rawlsmd.com/wp-content/themes/Avada-Child-Theme/js/ 5 KB
2 KB 283ms
277ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/themes/Avada-Child-Theme/js/support-group.js?ver=6.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdb8502b4d4bd98d6fb098227f16e29f0af77af571a3cd832431a661a3ace705

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"5d0c0eb1-133e"
age: 94339
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9i0W04apjUNg2P6pPi3k1%2BjftPfBXSmycc7B4zmBRPMEhxb70uN0CBWag1jwKphDl04auOE864YFv1IO3EJzucmOYPt3TS3OGX6RSopCl2VO6iZljOW5gPSzUyD"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,d9811967ac56bd0d6101eb5297ac868dad86be8737610e7b7925aaaff108055a
last-modified: Thu, 20 Jun 2019 22:54:41 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc960903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 lazysizes.js Show response
rawlsmd.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/ 8 KB
4 KB 281ms
275ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/themes/Avada/includes/lib/assets/min/js/library/lazysizes.js?ver=6.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c023a36431f7d6f99fb694271b2e2680103597064824b55b52fa40a00bed11ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"63b6bb98-1f45"
age: 938620
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1rCO5REX88RDQD%2BmxyOqCLZRGVHspe1QfmFM2pcjsdBthzUfAfNtyXn%2BdR80Jkd5WMm8ZhtIpeiWwOUln8YqTD2ydyhALn8XnIB%2FPfyRf6tYUfKxJb3%2FqKfbWIp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,4ccd5128db66beced8319f5498bbfc63ccebc372c4d06881ea88d40fb4ea99fe
last-modified: Thu, 05 Jan 2023 11:59:20 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc961903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 awb-icons.woff
rawlsmd.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 21 KB
21 KB 270ms
264ms Font
font/woff 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

288d156b63cea15974f8ced0963ccc03ca9688a0e2da4af409339c065faab72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: HIT
etag: "63b6bb98-5224"
age: 2591767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RuIY2kWCeNIKIV9doHu0x7bBsoSl%2FElT28BEfTMJQmMAgGRYgbL1Wmzotgj3SOEHNxep23CwRiPgS4Oh1rfc%2BXbiF%2BkHzRxN3EqH9dABialWRLYyIv3jJ83wfyQ2"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: font/woff
ki-cf-cache-status: HIT
vary: Accept-Encoding
last-modified: Thu, 05 Jan 2023 11:59:20 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,c06a7eb54462aab5fc689fd40f5473a8aa33e98c415eebe1b0d7dd468190a40e
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc962903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21028
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 fa-brands-400.woff2
rawlsmd.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 75 KB
76 KB 281ms
275ms Font
font/woff2 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: HIT
etag: "63b6bb98-12bc0"
age: 94339
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YUHlLXCPHI%2FVTW0ZhFIqqmDXY2QUlZE6QkYIULtLTjtdDITzow41UkYbEopmb4DnnvZAFykDK6tyOAc0lF3WJtYWnhl53N6homQngmpV1RDIJPRPakFpf4mQ1JNi"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: font/woff2
ki-cf-cache-status: HIT
vary: Accept-Encoding
last-modified: Thu, 05 Jan 2023 11:59:20 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,9fca6e02075e5511f0f0a860b3ee9021b51915a56f703350005ac36f2ae511f3
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc963903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76736
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 fa-regular-400.woff2
rawlsmd.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 13 KB
13 KB 257ms
252ms Font
font/woff2 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: HIT
etag: "63b6bb98-33d0"
age: 422975
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tM%2Fm54N0q%2B8hqAKF3LlvIfQMUWzj%2BdmZfAOmHhllNODpyYS6OZ1%2BqlTpStjzeYTvBvE0ed2vxHkLw3M1NiBpt78Zb2R5gfV6gVRzamDAh7viVTImPha4YjWlgPb%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: font/woff2
ki-cf-cache-status: HIT
vary: Accept-Encoding
last-modified: Thu, 05 Jan 2023 11:59:20 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,3bec9ca5416ba2d9c35eab94915158b8ffced5b5620e70da4a591ac63f13844e
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc964903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13264
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 fa-solid-900.woff2
rawlsmd.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 76 KB
77 KB 280ms
275ms Font
font/woff2 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: HIT
etag: "63b6bb98-13184"
age: 289233
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjEjOlGYLCYLtolgISjBGrXl2MTpElxVVcG%2BFekkeeDRqPiDFTZwm2adXA%2Bl%2BoOYYB4Tueuq2o3ZCPAiN7q0fH9GKF%2F5Djur4JT6IoY6rnkh%2Bkocw181A8SYcUfI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: font/woff2
ki-cf-cache-status: HIT
vary: Accept-Encoding
last-modified: Thu, 05 Jan 2023 11:59:20 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,30c7c9b6d2ebf3915f3c468bf3e4f3c881669b7fe7cabf2d71f030002255da28
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc965903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78212
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 jscripts.php Show response
rawlsmd.com/wp-content/plugins/wp-spamshield/js/ 703 B
1 KB 637ms
632ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/wp-spamshield/js/jscripts.php

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d34d28eec8ceca6c03b00a6e32e4b62c8f7031af7f665faae4edbcd06db9d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

surrogate-control: no-cache, must-revalidate, max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=085%2ByybjhQE2CbPDn5par0ipq0tNsF8%2BigFZTpjsxmO78D5Nt096Bng4yVtvUCBWvRRqNsigq6jwHx1fMTvw2IW9DBaHFTYc4y73Y7KUZyguscQ7jE9evihMbyfA"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, *
ki-cf-cache-status: BYPASS
ki-origin: g1p
x-kinsta-cache: BYPASS
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
x-edge-location-klb: 1
cf-ray: 8eaa48acc966903c-FRA
ki-cache-type: None
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 777ms
136ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

71a7d80995d742a26196e7af621a50daa08e0812fbb07c32b4d0374f42af0e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 30 Nov 2024 10:51:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 30 Nov 2024 10:20:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET klaviyo.js
static.klaviyo.com/onsite/js/ 0
0

GET
H2 200 wr-df1f0c5450b45d207fff752e23591e43.js Show response
widget.wickedreports.com/v2/2892/ 423 B
770 B 401ms
77ms Script
text/javascript 18.172.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/v2/2892/wr-df1f0c5450b45d207fff752e23591e43.js
Requested by: Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-117.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 997accfe3abb61f45ffa8ea738e0e671d41ec3582e3d41b7bd08c10961edfaf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

etag: "9a92c57b5fedebb01cf2e42871bef282"
age: 26365
via: 1.1 24c73aa8cdc4e254694e2ac7073f8aea.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 423
x-amz-cf-id: wmWQljKFxVdUuqBnEUC412Md8m1CLOIuYRY6gthpifJh0A50X2zU5w==
date: Sat, 30 Nov 2024 03:32:20 GMT
content-type: text/javascript
last-modified: Sat, 08 May 2021 22:43:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
vary: accept-encoding

GET
H2 200 1987.js Show response
script.crazyegg.com/pages/scripts/0031/ 7 KB
3 KB 1190ms
374ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0031/1987.js
Requested by: Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc38036b9435ab0d45ee588893c7a800b98347687dce2700f29b326fb136dcbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-cache-status: HIT
age: 15755
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:45 GMT
content-type: text/javascript
last-modified: Fri, 29 Nov 2024 20:36:53 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8eaa48b67d94695b-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2479
ce-version: 11.5.324
server: cloudflare

GET
H2 200 RawlsMD-Logo.png
rawlsmd.com/wp-content/uploads/2016/11/ 1 KB
2 KB 81ms
78ms Image
image/png 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawlsmd.com/wp-content/uploads/2016/11/RawlsMD-Logo.png

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d29ba44bdf1fca56280b0637f8e7b3980bc7b92c2eef607f3a35d23954f41cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: HIT
etag: "5d0b8fc1-5b2"
age: 92102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TGG%2FNo15GAlJV%2B5me09Jjf5%2F05OqPSzjTRt5KL%2BF4wc0swV5bDYk103nrrdyLiQn5vuP9iwkyWF4on3C65SaFHq06qu3JEo%2BCyGn37vdIvqu%2FL7Fywhn356hk8m8"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: image/png
ki-cf-cache-status: HIT
vary: Accept-Encoding
last-modified: Thu, 20 Jun 2019 13:53:05 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,936da65ea79cfb06709ac7acaa05e6d2a8a6c35e9e90baa962e6fa37a058851e
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b13bc1903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1458
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 search-ico.png
rawlsmd.com/wp-content/themes/Avada/img/ 361 B
762 B 262ms
261ms Image
image/png 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawlsmd.com/wp-content/themes/Avada/img/search-ico.png

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

122cf07f8ec136404181b3d508b3cd59fac72b618fda1153741db6811b81491d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: HIT
etag: "63e619be-169"
age: 2510300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vXlZtNqB%2Foxy9d1pU6AmbldIQVQFARWq9M4TuJP2pZYXY368HDpnYg554qg9P8qAWlxy56bmmSYbxIcvTrkaAGhxSRY7r2%2Fu1qgtQaokPle6KZWdkp9Pr6W5YrOq"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: image/png
ki-cf-cache-status: HIT
vary: Accept-Encoding
last-modified: Fri, 10 Feb 2023 10:17:34 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,f8eebe8ac7620a3a3a79fd2030b2338d56e9d7af7d802a3d7ca633e92bf03c23
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc967903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 361
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 hamburger.png
rawlsmd.com/wp-content/themes/Avada/img/ 132 B
533 B 272ms
271ms Image
image/png 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawlsmd.com/wp-content/themes/Avada/img/hamburger.png

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a4449ad8d386faf673b394cef17a6f181f8f9b487164565ae0b890c0a4a78b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: HIT
etag: "63e619be-84"
age: 1801946
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2BYTbWLXeVtvTctUAwyDhlQSxJ86miVJRK4JMEirwtIWabpq%2BbFa4cmUoCE2U6J6NV72SlRuVA9s8O7579fcZxMdVNH5Wkj9TmGb4MsSpfKR3QrDj1TU9PZZS5Lv"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: image/png
ki-cf-cache-status: HIT
vary: Accept-Encoding
last-modified: Fri, 10 Feb 2023 10:17:34 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,6ea41ee6259d0d72530c8d244cf09c61c63ec5a8770ce474d9c8bfd3844631ef
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc969903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 132
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 1058ms
123ms Script
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

ESF /

Resource Hash

944bb3e58c4315d2107aee6465710dbce7e8920c049d2aba3e09fefad12f1210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sat, 30 Nov 2024 10:51:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sat, 30 Nov 2024 10:51:44 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 klaviyo_subscribe.js Show response
www.klaviyo.com/media/js/public/ 21 KB
6 KB 1008ms
140ms Script
text/javascript 172.64.147.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2818d7620ede1e7f2b333529467365fd1b51264f1259f2ffd60e751d2ac2f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 27993
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 10:51:45 GMT
date: Sat, 30 Nov 2024 10:51:45 GMT
last-modified: Thu, 28 Nov 2024 23:55:45 GMT
content-type: text/javascript
vary: Accept-Encoding, Accept-Language, Cookie
content-disposition: inline; filename="klaviyo_subscribe.js"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
cache-control: public, max-age=86400
cf-ray: 8eaa48b70c8b3aa4-FRA
accept-ranges: bytes
content-length: 5797
content-language: en-us
server: cloudflare

GET
H/1.1 200
OK / Show response
addsearch.com/js/ 2 KB
1023 B 375ms
108ms Script
application/javascript 99.80.22.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addsearch.com/js/?key=77c3bcbec665d8e8ed77bb614d94cb90
Requested by: Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 99.80.22.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-22-109.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0ce11e40719114ac6bec1e8928da11a332d522cfd34f9f8d5dcae635320cfced

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 776
Date: Sat, 30 Nov 2024 10:51:44 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H2 200 index.js Show response
rawlsmd.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 88ms
87ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65d019b0-2b6d"
age: 1855548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HbD2L7FXaCAnJpZbqezWdHy9H4qMnoi2UqzxAjgw8ArjyKuOi%2FElcY3ciayyZayOUjSnckM3F54Qe1ToMLdMfWhp4K33FQjBGjr1M8IYTeHp1ZiPjiABPNUZnwYC"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,4d2d8601e1d3be736e0bb9d8853030adf74304efe2378a65a21ddb68b3f7bbe0
last-modified: Sat, 17 Feb 2024 02:28:00 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b11ba7903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 index.js Show response
rawlsmd.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 76ms
71ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65d019b0-337e"
age: 1848439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h4Ry4GKxAVKmfniT2cYsg5%2Br5iTRqTON1rtfQjEUOy3JXKWk6uSBcSBytMR5POAPvbyYxSTqDeeGUxKN2okSdpGeQruSBsHyG0O6xo9s8Z%2FSqyYO%2BdrcBHfZt3ZG"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,fe26441d340929b02d5fd087385e437321f596146a70973a55a1856bde052881
last-modified: Sat, 17 Feb 2024 02:28:00 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b13bb9903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 script.min.js Show response
rawlsmd.com/wp-content/plugins/social-warfare/assets/js/ 21 KB
7 KB 77ms
72ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.4.7.3

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d16fd6a34517f29f62a8248d8fd9fc57748cdeee291a9f26e221ad9224bfad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"667d73fa-550d"
age: 484622
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDex8W0PA2HrldlJnLeImcsnY7cIQ0E0sNmNZ9RNq6n%2BiUA1%2BlbcOrqHaLrR4r%2Bb3%2FMrJ3tGy7oXAA5eTUFj4I15oHmsn8fZmHkAzz3iHtD2HwP%2F0IYIxIKa3Z4e"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,bdef0563a16eaf16bb62cc6a4899e0525ebd4ccad3b44e1701ca66fbc78ce6e8
last-modified: Thu, 27 Jun 2024 14:15:22 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b13bba903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 scripts.js Show response
rawlsmd.com/wp-content/plugins/cf7-conditional-fields/js/ 54 KB
14 KB 182ms
178ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.4.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0a0d87f2d0f9b7a37982c54b57129bf7d2b74b6e401cdd9adbe43e760c89bc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65d019c9-d9c4"
age: 2558766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=st0%2BgTeQPajexIKD5BrLdTKkU3TiVV5V1W94n%2F7XBLeoMH9yh5N%2FuL69ONObGJQbP3Vhvha8DzuqQ383QBaXIYRHBJ91NPfwys4fQr3ABAStKyYBYLmoCUyDfGI%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,1fb8f91b7cff887972779584d79716e05150668d3ced0b12fcc29a1922df027b
last-modified: Sat, 17 Feb 2024 02:28:25 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b13bbc903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 jscripts-ftr-min.js Show response
rawlsmd.com/wp-content/plugins/wp-spamshield/js/ 945 B
1 KB 83ms
79ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/wp-spamshield/js/jscripts-ftr-min.js

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53223a44b83ee4eb90c46221d3a056cc405656bbb35351ea0c5038feb712383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"573b15ea-3b1"
age: 194464
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7p1LNWNvi9HlLIwmLLiCoaksBKX38KYvp5e98TmtasoZY6bPMHnk%2BOrCiKwQCJY20d9RzoShgRYRLJ%2BofpVL8gN8CQnhSfapHmdJXV0pDy563osPJvau7IUlsSdx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,dc78e90ea91abfb5a5b28fe96b6c4625fe21f7d58925700dbec6d43d28eb52de
last-modified: Tue, 17 May 2016 13:00:26 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b13bbd903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 morphext.min.js Show response
rawlsmd.com/wp-content/plugins/mystickymenu-pro/js/morphext/ 1 KB
967 B 87ms
84ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/mystickymenu-pro/js/morphext/morphext.min.js?ver=2.6.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6753b4b0cbc3c99e713bdc896de395bf1eb5246e2ff96555151fa515bda7cd78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65d019ee-4e0"
age: 2575500
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilnEudf7tuFK20OhGuUC7%2BSQTZdwPC9gHj1tWnyF3IoDN23bp4J5iwve9RG8qvjY8gSElS3w%2FdfcYp9R%2FZ1MIYbX7om8IibmJXesGPsC08KCCq%2BKSjkYGWOhISat"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,a697de062534bd93e79af77154d23e45aea83ade8dfa98211f9c6a0f55f0baeb
last-modified: Sat, 17 Feb 2024 02:29:02 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b13bc3903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 welcomebar-front.js Show response
rawlsmd.com/wp-content/plugins/mystickymenu-pro/js/ 80 KB
11 KB 96ms
92ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/mystickymenu-pro/js/welcomebar-front.js?ver=2.6.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

424d621f24b67f04b66742bab5e94c7a5279bca1184799322b64540337638902

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65d019ee-13f3c"
age: 1413959
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wJQWCsNOluTDcvUYc2sQCllDwovrXQhoLiAw57Tywod7zwxYIcCFZMDjqxlv0DS7kyif5dlr%2Fxp8m4jP3V2EpYhtdzfcpSDm3hdhG%2BreOtIJjhehqdSN4dEcVt0"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,86e440fc37a9602e00b452c881038f1d69e1a48607aa04af12b51778e41ea4ce
last-modified: Sat, 17 Feb 2024 02:29:02 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b15bc9903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 detectmobilebrowser.js Show response
rawlsmd.com/wp-content/plugins/mystickymenu-pro/js/ 2 KB
2 KB 93ms
89ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/mystickymenu-pro/js/detectmobilebrowser.js?ver=2.6.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a258fa2108c7a4579876f75154378f19e3ee8af7753499bad8bfb18b56cb6dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65d019ee-8a9"
age: 314894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jyTfZAtPDEEOGU5XhRowf4rCLXXJCMoQu99k06SnQvlaECB8Q3LSlmZrxW8s4RedT6p5RWe%2F4GOURhhbJFS%2FoggS7sxr4UGuWGJiAh6ltqMOmioLDZ6Gz5KiUzGL"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,c8b7cf530e592997ed1dd663b8abea366d5a06ef4d29218f3c64892314a5d67c
last-modified: Sat, 17 Feb 2024 02:29:02 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b15bca903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 mystickymenu.min.js Show response
rawlsmd.com/wp-content/plugins/mystickymenu-pro/js/ 4 KB
2 KB 95ms
92ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/mystickymenu-pro/js/mystickymenu.min.js?ver=2.6.7

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f919f4f75c6d63deeb97511e71e324b7d400bf98dc65cd7cbe899f72f3c96da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65d019ee-1011"
age: 1028675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2BhF8RfLcuZ6uep1xQwZUUMZjJH%2FH%2B8N3LHIF2%2FjUu5QK1m1im00a%2Bnx4%2BsQ9jwgcPSf5TghMpj%2Bd7wXEOosOWG7S9zVVVvBSGf4jDkWC%2FnmtZUbxI3MyRQwsbix"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,d4eefc0b141c856ac7261d826d3c4ed06a0c4731d3791db096dfdb0e4e09bc30
last-modified: Sat, 17 Feb 2024 02:29:02 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b15bcc903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 21b2d1b9e7b1872a22c6242e7dcab3ac.min.js Show response
rawlsmd.com/wp-content/uploads/fusion-scripts/ 327 KB
77 KB 425ms
421ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/uploads/fusion-scripts/21b2d1b9e7b1872a22c6242e7dcab3ac.min.js?ver=3.9.1

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

156d69628f410cfbd7372e602e225b996df87c19f9b84d2002be4cf3a825f986

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"674aee3f-51d0b"
cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,300c773190c599d9e4c4be4f607e2fbacde3c94c621e99b2fd2004731a155a26
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5p%2FHlKACQ7F2iC3s7%2FoGbLbe%2BmQ9tmfd8g%2FscFJa6P6CtLGM691NTIleRUocNArY86VwOwwGWdppYbKAkQKgFG4jKDaVOOxHRKg2pnqjYAbdp4wl9xW3K1aCqfbA"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: SAVING
vary: Accept-Encoding
last-modified: Sat, 30 Nov 2024 10:51:43 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,300c773190c599d9e4c4be4f607e2fbacde3c94c621e99b2fd2004731a155a26
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b13bbe903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 helper.min.js Show response
rawlsmd.com/wp-content/plugins/optinmonster/assets/dist/js/ 3 KB
2 KB 84ms
79ms Script
application/javascript 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/optinmonster/assets/dist/js/helper.min.js?ver=2.15.3

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60a7eb0f25425d3cb621d7ad641aa292dfaec0a6b886234c427721ba7194c431

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65d0198c-bb9"
age: 1413959
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RRRlTPi4q9Z7%2B%2Fhb9r8Y4RJSh%2Fz%2Br5Hnz6a1tqAhpWj%2B5tZZg6Sylz6ojTztWNEbvZDUZELa2FVeBP8Y4rX%2BANsfIQQF1E4nofcgb5Tb%2BNKSqYKYOkeFiJVjZUg9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,a84c8f422b0532b1118fdd3194eb33341cbc6db1cfb6f910bc425065f1efec23
last-modified: Sat, 17 Feb 2024 02:27:24 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b13bbf903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 391 KB
121 KB 789ms
117ms Script
application/javascript 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCXP8C

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

432522c649156a48eeb2bd8dc343de5e4b58d622a35bc5bf20498f1c74a7f9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 30 Nov 2024 10:51:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 30 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 123199
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 A2560243-ee1f-4e9c-858a-f2117d053bb11.js Show response
d.impactradius-event.com/ 37 KB
15 KB 505ms
232ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2560243-ee1f-4e9c-858a-f2117d053bb11.js
Requested by: Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c487d98d4ea923fe8b34266bf0b65b3c5a3b0e967c50649c19da939e01f4209e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=DRhgEg==, md5=XRy74UyDN0OPDTsZc1w+hA==
etag: "5d1cbbe14c8337438f0d3b19735c3e84"
x-goog-stored-content-encoding: gzip
expires: Sat, 30 Nov 2024 10:56:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 15309
date: Sat, 30 Nov 2024 10:51:44 GMT
last-modified: Fri, 22 Mar 2024 17:04:36 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-guploader-uploadid: AFiumC7PpQeqK6qJOwXjeFU7qdOa8WMZ4eMabwBrtZn8BUBM_mRIJDwpbdTqYTV4H8fZp-UnlzakSjrcVA
cache-control: public,max-age=900,s-maxage=300
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1711127076112642
content-length: 15309
server: UploadServer

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
63 KB 713ms
142ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-FWFTuHFz' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-FWFTuHFz' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=16, mss=1288, tbw=2925, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: tMkBMqiJcAjJn63K8aJjYdx+WvXGc9cisC0tMdqxsY/bslbDZxGM8EvVX9btWBuw3n6S9+r1T7qKkHQ3GqRHSQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaed3504461ad7101cef967c5039ce3f86b9eec883221a5e031d9fc0d51796b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0924e1de911e85483448a331e1e13772fd2ea0251f7f0c085c923c8a8b3ba9af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51912db19cbbd6f3a18bd917148f307c000d1721a43803f0564bdc001944f21f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd699f823c0e680bd67d976dd24e1bdfc7e87c7661fadd9ec93bcb91f65961e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fe98c121585cb0e0008f576c076fb5bec11a5567af9aed82ca8d72993cbdeef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 269a58024d3bc491ce380fa2fc55ce0afc335b66c5fe9d40cfb0963c9777c333

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 Avenir.ttf
rawlsmd.com/wp-content/uploads/2016/12/ 136 KB
136 KB 95ms
90ms Font
application/x-font-ttf 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/uploads/2016/12/Avenir.ttf

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/wp-content/uploads/fusion-styles/5815bb4cda8cbc8d64ac20851e9e3d7b.min.css?ver=3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95b722a5c204d0169ea7dc7c0901ad7759b133c287b9d1aab370ad9bccd24142

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://rawlsmd.com/wp-content/uploads/fusion-styles/5815bb4cda8cbc8d64ac20851e9e3d7b.min.css?ver=3.9.1

Response headers

cf-cache-status: HIT
etag: W/"5d0b9039-21e8c"
age: 157781
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vg0e9UmgxewapuBlHTAApDXPUah44DNauoq4GcL6HhdwoGrbVcKcNHv2A21P9ksjRASAe2XlJVgBZ80zvuAE8jvFmRH0%2BSEsZeGvsC57TTzibbNiWVgZgGY4lJ6Q"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/x-font-ttf
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,4403127b55df09767673cf8ce3cb7acb5032ea011ae736a19161f6f92a1ac156
last-modified: Thu, 20 Jun 2019 13:55:05 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b15bd0903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 Roboto-BoldCondensed.ttf
rawlsmd.com/wp-content/themes/Avada-Child-Theme/ 158 KB
158 KB 117ms
112ms Font
application/x-font-ttf 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/themes/Avada-Child-Theme/Roboto-BoldCondensed.ttf

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/wp-content/themes/Avada-Child-Theme/style.css?ver=1732963902

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c9245c0246a9c745793c7eaa9cc1fc964a12570009031ea0223115bec6e9426

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://rawlsmd.com/wp-content/themes/Avada-Child-Theme/style.css?ver=1732963902

Response headers

cf-cache-status: HIT
etag: W/"5d0c0ea9-2761c"
age: 61309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=skXsEgm58jMdOfCEa1bdcYkrC5hTXdtQcUT6fNlqd3CmCzFAVpwnQpUdylf3eKDNK9iLwu9oUbXkFaa%2Fza3L3lgVJpSqnBKFlYbA8YQwaUdgfJRNqxwRce4oHqTA"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: application/x-font-ttf
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,064e39486af24b488fd5f1219fe012dced15538b7494c56ad8311969f255edd3
last-modified: Thu, 20 Jun 2019 22:54:33 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b15bd3903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 993ms
145ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/wp-content/uploads/fusion-styles/5815bb4cda8cbc8d64ac20851e9e3d7b.min.css?ver=3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://rawlsmd.com/

Response headers

age: 243041
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 15:21:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 15:21:04 GMT
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45300
x-xss-protection: 0
server: sffe

GET
H2 200 AvenirLTStd-MediumOblique.otf
rawlsmd.com/wp-content/themes/Avada-Child-Theme/ 30 KB
31 KB 74ms
70ms Font
font/opentype 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/themes/Avada-Child-Theme/AvenirLTStd-MediumOblique.otf

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/wp-content/themes/Avada-Child-Theme/style.css?ver=1732963902

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42f4b1dfdac31e58f13e7f873f6fcbf3e0db8685c5f4d0a36bd87153008d5a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://rawlsmd.com/wp-content/themes/Avada-Child-Theme/style.css?ver=1732963902

Response headers

cf-cache-status: HIT
etag: W/"5d0c0ea9-7864"
age: 2001386
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FMdDFkP5Xp%2BZM5m3QACWsI6VjVQnx%2Bjsf0P%2F9Cma%2FFcqe9Pf4b5ExB8V5ERy6xckaN3nZrW%2Fmu3LQenhrG5ie5%2BvJSbF1IN%2FoLdGGCeE0e6t202HlMllWk07TjBB"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: font/opentype
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,de056f034530b703b42d3a8f1e37bcf04931156b3b9f14871069d3f5754f93e8
last-modified: Thu, 20 Jun 2019 22:54:33 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b15bd4903c-FRA
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 Unlcokgin-Lyme-Book-Mock-Up-page-2-400x579.png
rawlsmd.com/wp-content/uploads/2017/01/ 45 KB
46 KB 726ms
723ms Image
image/png 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawlsmd.com/wp-content/uploads/2017/01/Unlcokgin-Lyme-Book-Mock-Up-page-2-400x579.png

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d8d207fa2356ff8144dddd5fc054ed942f68c4cf4f8c65e957f1d05e89f17fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: MISS
etag: "5d0b91fb-b4c6"
cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,25bdcfc46cb2f72226cd0b4d48f40b30c2846e05d8e1251d8a96302f4b66c5d6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ByqVdAvFJfRl5hMZ9GHXfQLlSy%2FrtJzomBkK49QZYVG86ebxltpx4skjBwYCBfK5gEQf9XcDuConh1Vk6v5FXS7QVYumufdHrPgmmD9Nhzw8Jkkv0PehVLKZU9fl"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: image/png
ki-cf-cache-status: SAVING
vary: Accept-Encoding
last-modified: Thu, 20 Jun 2019 14:02:35 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,25bdcfc46cb2f72226cd0b4d48f40b30c2846e05d8e1251d8a96302f4b66c5d6
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b16bd5903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46278
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 Unlocking-Lyme-index-thumbnail.png
rawlsmd.com/wp-content/uploads/2020/11/ 50 KB
50 KB 437ms
434ms Image
image/png 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawlsmd.com/wp-content/uploads/2020/11/Unlocking-Lyme-index-thumbnail.png

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

966784b5a88273fa12129967a5d9bd80ae945d105be69e378d03b8e48755f328

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: MISS
etag: "5fb50300-c73b"
cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,0b4bbb3d6bf6625595c9aa6ff834d0046c701700b20825850cfb7b6315f03f46
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lAJin6LZXgsLNuHOyWiSvnUEEt5HwfIWQBr4e%2B7wxC%2F8SMAv9BJpSdPw5VATEIArwmnSFRlYJfaXpeE9UvrqlVwP%2FyoUOlEGDeit4NkkXWQWrlBKbmo9ekWpXfIX"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: image/png
ki-cf-cache-status: SAVING
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 11:18:24 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,0b4bbb3d6bf6625595c9aa6ff834d0046c701700b20825850cfb7b6315f03f46
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b16bd7903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51003
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 UL-extras_vp-400x421.jpg
rawlsmd.com/wp-content/uploads/2022/11/ 53 KB
53 KB 284ms
282ms Image
image/jpeg 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawlsmd.com/wp-content/uploads/2022/11/UL-extras_vp-400x421.jpg

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e492a726af4a2c4e0d057841683e03369d42cb81f0519ee19ec9d6e004f002

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: MISS
etag: "636c305a-d27e"
cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,8c8772f02103f3601261cdf69150f92536bf376892ea2d20aa2789b980d0fe86
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WcKJ8AMY373Z95%2FXv3EiN3VG9GFI4OHGHAgujruPrQw9xRFWTNXxfTRGIakaxd7s4L3K89P3zQ%2FL%2BKsOZfafiOOWpwoAMlD4C7MiPJ9CZwiLfvPqMNpYTnAZ78YH"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: image/jpeg
ki-cf-cache-status: SAVING
vary: Accept-Encoding
last-modified: Wed, 09 Nov 2022 22:57:30 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,8c8772f02103f3601261cdf69150f92536bf376892ea2d20aa2789b980d0fe86
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b16bd9903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 53886
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 UL-extras_vplanner-400x421.jpg
rawlsmd.com/wp-content/uploads/2022/11/ 65 KB
66 KB 451ms
449ms Image
image/jpeg 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawlsmd.com/wp-content/uploads/2022/11/UL-extras_vplanner-400x421.jpg

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd99e9de6574beb0980a544dd061f6bd4dc1f961522374814e232ba40414e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: MISS
etag: "636c306f-104e4"
cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,28a105dc75083033b6086389819e384133eb0e6f19a1e89cc4990d5796f59bef
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LgxJfTHgaTiuk9jGzzqwF%2FQ0OP5uOHDPjOIFhPdfxdHRGmnMTCBL06gBsBpsvUi3HNeNv1UNqzzXKwo2P15vrHOK9TLESbkiKjVKlpEy2eEczDnwweJ76Z8oOjOx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: image/jpeg
ki-cf-cache-status: SAVING
vary: Accept-Encoding
last-modified: Wed, 09 Nov 2022 22:57:51 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,28a105dc75083033b6086389819e384133eb0e6f19a1e89cc4990d5796f59bef
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b16bdc903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 66788
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 brown-Wooden-Background-2-3.jpg
rawlsmd.com/wp-content/uploads/2017/01/ 279 KB
280 KB 306ms
304ms Image
image/jpeg 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawlsmd.com/wp-content/uploads/2017/01/brown-Wooden-Background-2-3.jpg

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eac162ef915fcffef4fc0fb6725b1afffc122b6a0ba4ab52d8d3589ecacda4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: MISS
etag: "5d0b9220-45b87"
cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,913632e700729a7585ed2836ad2493a68e6170f0e8af67bf1f9208a8a1647d6f
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VcFEFuuAyav5TIJsp2mPzCHwdamIwLXBhaUBiMFmGHZWNabcN2mqJ2eruGZGBi%2FkDG6F6PA6L5D%2FLjNLhUp0nKNPZgTd4XNyDJztwG7PDNJBtGqQffFC3ptzrJjc"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: image/jpeg
ki-cf-cache-status: SAVING
vary: Accept-Encoding
last-modified: Thu, 20 Jun 2019 14:03:12 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,913632e700729a7585ed2836ad2493a68e6170f0e8af67bf1f9208a8a1647d6f
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b16bd6903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 285575
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 UL-extras_rk-cta.jpg
rawlsmd.com/wp-content/uploads/2022/11/ 79 KB
79 KB 376ms
375ms Image
image/jpeg 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawlsmd.com/wp-content/uploads/2022/11/UL-extras_rk-cta.jpg

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a11a82d5758aee9e63c308102660804c6bb56153947c30c4d1fbda07853cb696

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: MISS
etag: "636eaa04-13af9"
cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,1576c3d6d95a88d8de17d71247409994b787ee2ba287d88fd7d3956588894276
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kO2HTeO1QIzpgno6u%2F0kgjSiKNVL9w8RFtGfqOJPoUqAo2b8pMFY%2Fmr3PgqP8D39tHGFTYUKU5827bPaMZ%2FAJ7Ja%2FBzQupXH5gzM27Ws9IXz%2BIPG7%2BWTaB3FOwjW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: image/jpeg
ki-cf-cache-status: SAVING
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 20:01:08 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,1576c3d6d95a88d8de17d71247409994b787ee2ba287d88fd7d3956588894276
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b37d34903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 80633
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 widget.js Show response
widget.wickedreports.com/ 26 KB
9 KB 165ms
165ms Script
application/javascript 18.172.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/widget.js
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/v2/2892/wr-df1f0c5450b45d207fff752e23591e43.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-117.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b74487af8761c9be10987f564aca761a5202c43ab28309c5cf8d2ea81d677d73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

x-amz-cf-pop: FRA60-P8
content-encoding: gzip
etag: W/"5512ee0e9bca9fbad6c56f558c98ec26"
age: 5331
via: 1.1 24c73aa8cdc4e254694e2ac7073f8aea.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: I6JQdZRK0pAXaUNXpwuI-hQWVuJ8WOnNlzRi-9tE0En9Gwo0qud0eQ==
date: Sat, 30 Nov 2024 09:22:55 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Wed, 27 Nov 2024 09:22:49 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 recaptcha__it.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 548 KB
217 KB 605ms
55ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__it.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

f11b59029aa57b52e4d5a99995674982b2c497e7719a7e4dc5d342b182b29082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://rawlsmd.com/

Response headers

content-encoding: gzip
age: 39060
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 00:00:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 00:00:45 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 221864
x-xss-protection: 0
server: sffe

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 47 KB
17 KB 1672ms
525ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: 87c631607d118e02e847112aca0a2800bfd2a9cfe5bc01b48eeb60b0ff86804c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "673cdc01-bb7b"
cdn-fileserver: 863
date: Sat, 30 Nov 2024 10:51:46 GMT
cdn-storageserver: WA-626
last-modified: Tue, 19 Nov 2024 18:42:09 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/19/2024 18:43:03
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 917ab38b3471e4d8b588b2bdac2399c0
cdn-pullzone: 293267
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H/1.1 200
OK / Show response
addsearch.com/searchui/v3/ 55 KB
14 KB 164ms
164ms Script
application/javascript 99.80.22.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addsearch.com/searchui/v3/?key=77c3bcbec665d8e8ed77bb614d94cb90&i=
Requested by: Host: addsearch.com
URL: https://addsearch.com/js/?key=77c3bcbec665d8e8ed77bb614d94cb90
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 99.80.22.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-22-109.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e8456f64408384b987373a2be657830e8a667d802d40d1a2f040c93367bb3d68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Origin: *
Date: Sat, 30 Nov 2024 10:51:44 GMT
Content-Type: application/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H2 200 index.php Show response
track.wickedreports.com/ 118 B
342 B 1813ms
178ms XHR
text/html 54.147.125.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.wickedreports.com/index.php?WickedClientID=2892&WickedEmail=&WickedTrackingDate=1732963904848&WickedURL=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras&WickedReferrerURL=&WickedNullURL=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras%2F%3Futm_source%3DDirect%26utm_medium%3DDirect%26utm_campaign%3DDirect%26utm_content%3Drawlsmd.com%2Funlocking-lyme-extras%26utm_term%3DOrganic%20traffic&WickedNullReferrerURL=
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.125.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-125-227.compute-1.amazonaws.com
Software: nginx / PHP/8.1.26
Resource Hash: 6ef8f643ab0cc60bfe24a11e377ef31232d655c23046d8cba5a0bdfb866c44cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://rawlsmd.com/

Response headers

access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin: *
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.26
server: nginx
access-control-allow-headers: *

GET
H2 200 sw-icon-font.woff
rawlsmd.com/wp-content/plugins/social-warfare/assets/fonts/ 8 KB
8 KB 108ms
108ms Font
font/woff 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/plugins/social-warfare/assets/fonts/sw-icon-font.woff?ver=4.4.7.3

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc510b264cc5b68ed3dd91056d54b022dac511df6f4f3c8051b5562aad7912ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: HIT
etag: "667d73fa-1e58"
age: 526998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MjuGxtMu5k7KE348hMUHjdkFaKeQeu9%2FuPQVg%2FQoWCiwNBxfVRidCbYkOWlPOivm9uOEByK7XR8Q%2FPvIeMlWxcopdJH%2BPtifaTvlkIlaHTNCUdo49qIc9jf1%2BLFy"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:44 GMT
content-type: font/woff
ki-cf-cache-status: HIT
vary: Accept-Encoding
last-modified: Thu, 27 Jun 2024 14:15:22 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,803f5a812802da63413cc227fb8a1eda553bed05992ffdd754d7995b48825e11
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48b5ae5f903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7768
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 261608407524163 Show response
connect.facebook.net/signals/config/ 90 KB
19 KB 278ms
276ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/261608407524163?v=2.9.176&r=stable&domain=rawlsmd.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

3a905d75b2af739dfb798031e6cccdaa16a04a8b9112931fe8ecdb80e1434817

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-3j9J8BrV' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:45 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-3j9J8BrV' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=51, mss=1288, tbw=67732, tp=-1, tpl=-1, uplat=195, ullat=0
pragma: public
x-fb-debug: agO7O1At6hqDS2yyjAlfSiUmFmKJeYxiajD7NcW9ArTFCTtBaU59cMPxrWK80Ndsl2ge0+HtWO1q2qz5JNMXuQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 collect
www.google.com/ccm/ 0
0 90ms
89ms Ping
text/plain 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras&scrsrc=www.googletagmanager.com&frm=0&rnd=2088086054.1732963905&auid=431544078.1732963905&npa=0&gtm=45He4bk0v6621524za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732963905194&tfd=4962&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXP8C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr35s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 426 KB
133 KB 149ms
148ms Script
application/javascript 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SEKTF469LJ&l=dataLayer&cx=c&gtm=45He4bk0v6621524za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXP8C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

9f30df20011e2f1a7871fd83d8c2178efa8bbf89dc357fec96efd3cd6432458a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 30 Nov 2024 10:51:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 10:51:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 135891
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 287 KB
98 KB 95ms
95ms Script
application/javascript 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-970654155&l=dataLayer&cx=c&gtm=45He4bk0v6621524za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXP8C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

50d4871c4adadf03dbd85520f320580ed7527927ad689d2fb7c5482e4f47cc0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 30 Nov 2024 10:51:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 10:51:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 30 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100468
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 836ms
93ms Script
application/javascript 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXP8C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F36BEA73186E457984F69507C4BEC699 Ref B: MIL30EDGE1408 Ref C: 2024-11-30T10:51:45Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Sat, 30 Nov 2024 10:51:45 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 809ms
67ms Script
application/javascript 88.221.110.136
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXP8C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.110.136 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a88-221-110-136.deploy.static.akamaitechnologies.com

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

cache-control: max-age=77984
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Sat, 30 Nov 2024 10:51:45 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 31 KB
10 KB 251ms
68ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e37dcb6f734d00d75a25fbf066e04283dbc5167fef68c8bff5e0977b83a3f3ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

Cache-Control: max-age=1200
Content-Encoding: gzip
ETag: "6d3071e7937674c226546116c276cfec:1732649923.286849"
Connection: keep-alive
Expires: Sat, 30 Nov 2024 11:11:45 GMT
Accept-Ranges: bytes
X-CC: IT
Content-Length: 9328
X-RG: EU
Date: Sat, 30 Nov 2024 10:51:45 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 18 Nov 2024 08:29:07 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 797ms
55ms Script
application/javascript 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-224-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 991d494be54f4f4777d6941532633b89976ed82be1c46275d910c1407d022725

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

access-control-max-age: 86400
cache-control: max-age=7200
access-control-expose-headers: X-CDN
content-encoding: br
etag: "56ab8670135f76d12eef4f347a61fb24"
x-cdn: akamai
access-control-allow-methods: GET
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
access-control-allow-origin: *
content-length: 1859
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 btp.js Show response
www.rtb123.com/tags/843EAC1D-D98B-D2CE-8D50-12AB9DF88F1D/ 6 KB
2 KB 1418ms
214ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/843EAC1D-D98B-D2CE-8D50-12AB9DF88F1D/btp.js
Requested by: Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0d8934208c6fe6723cddab3cc0e7f966557c8822091717a40c033e78114210d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: gzip
etag: "803ac05e9ab3d61:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
access-control-allow-origin: *
content-length: 1696
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: application/javascript
last-modified: Thu, 05 Nov 2020 17:37:45 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 50 KB
16 KB 1054ms
178ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXP8C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

42fef7a7c13be12c7c7e48756a9d7798df382decf4d132b5e2843cec70c79636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"6706b6f2-c61f"
cross-origin-resource-policy: cross-origin
expires: Sun, 01 Dec 2024 10:51:46 GMT
access-control-allow-origin: *
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: text/javascript
last-modified: Wed, 09 Oct 2024 17:01:38 GMT
server: nginx

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame A23C 0
0 918ms
108ms Document
text/html 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Frawlsmd.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXP8C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f104.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 61309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Nov 2024 17:49:57 GMT
expires: Sat, 29 Nov 2025 17:49:57 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2025952611002130 Show response
connect.facebook.net/signals/config/ 34 KB
6 KB 219ms
218ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2025952611002130?v=2.9.176&r=stable&domain=rawlsmd.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C163%2C196%2C198%2C122%2C145%2C151%2C129%2C233%2C116%2C127%2C146%2C173%2C159%2C118%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C147%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

09d89d465f9b5064a168a6f4d2576e5a5cd58efa54d2b254128832ef42616e17

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-EAm0L1Fu' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:45 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-EAm0L1Fu' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=1, c=52, mss=1288, tbw=87206, tp=-1, tpl=-1, uplat=143, ullat=0
pragma: public
x-fb-debug: renf5XwuNnSU9Lv10TeAlKtRDNPxyODW8rKijyvSZh5AkTokQmIie/V3Ge1kczTuPvFOSIZHVhIVKsHUhds1Kw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 638ms
49ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=261608407524163&ev=PageView&dl=https%3A%2F%2Frawlsmd.com&rl=&if=false&ts=1732963905348&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1732963905347.678138857645554614&pm=1&hrl=e183b4&ler=empty&cdl=API_unavailable&it=1732963905039&coo=false&cs_cc=1&cas=26806149709000060%2C7789182381163750%2C9182271291846200%2C3303270613113023%2C2287190444734059%2C2173486202729360%2C1949270348527720%2C2420715124612913%2C1637542332959636&rqm=GET

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1288, tbw=2932, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 30 Nov 2024 10:51:45 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
848 B 816ms
249ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=261608407524163&ev=PageView&dl=https%3A%2F%2Frawlsmd.com&rl=&if=false&ts=1732963905348&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1732963905347.678138857645554614&pm=1&hrl=e183b4&ler=empty&cdl=API_unavailable&it=1732963905039&coo=false&cs_cc=1&cas=26806149709000060%2C7789182381163750%2C9182271291846200%2C3303270613113023%2C2287190444734059%2C2173486202729360%2C1949270348527720%2C2420715124612913%2C1637542332959636&rqm=FGET

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443023303280797448"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: A5t6VKgedosA7ZT4RdxIm36QWhhWhVOrpHutpsXXeVFb5KK3Ll3iPszo5bXtVhOWZtnTtcDFoQCHxw/5+uOIFQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443023303280797448", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=12, mss=1288, tbw=6325, tp=-1, tpl=-1, uplat=169, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 rawlsmd.com.json Show response
script.crazyegg.com/pages/data-scripts/0031/1987/site/ 6 KB
2 KB 618ms
68ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0031/1987/site/rawlsmd.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/1987.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53fde8a20646f8fda0761032c1b1eaa0efb3e210784713d46ed98688dc7b312b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-cache-status: HIT
age: 15755
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:45 GMT
content-type: application/json
last-modified: Fri, 29 Nov 2024 20:36:54 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8eaa48bc2e1f1e60-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1944
ce-version: 11.5.324
server: cloudflare

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/970654155/ 5 KB
3 KB 782ms
163ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970654155/?random=1732963905391&cv=11&fst=1732963905391&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9168099470z86621524za201zb6621524&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras&hn=www.googleadservices.com&frm=0&tiba=Unlocking%20Lyme%20Extras%20%7C%20RawlsMD&npa=0&pscdl=noapi&auid=431544078.1732963905&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-970654155&l=dataLayer&cx=c&gtm=45He4bk0v6621524za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f86b5d7a69cbcd24e1c526efe4e8fa053d771030ab13876efeba49826756cbf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2333
date: Sat, 30 Nov 2024 10:51:46 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 970654155
td.doubleclick.net/td/rul/ Frame 6C6E 0
0 633ms
79ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/970654155?random=1732963905391&cv=11&fst=1732963905391&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9168099470z86621524za201zb6621524&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras&hn=www.googleadservices.com&frm=0&tiba=Unlocking%20Lyme%20Extras%20%7C%20RawlsMD&npa=0&pscdl=noapi&auid=431544078.1732963905&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-970654155&l=dataLayer&cx=c&gtm=45He4bk0v6621524za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rawlsmd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Nov 2024 10:51:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 788ms
162ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-SEKTF469LJ&gtm=45je4bk0v867857906z86621524za200zb6621524&_p=1732963904171&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=388616825.1732963905&ul=it-it&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1732963905&sct=1&seg=0&dl=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras&dt=Unlocking%20Lyme%20Extras%20%7C%20RawlsMD&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5221
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SEKTF469LJ&l=dataLayer&cx=c&gtm=45He4bk0v6621524za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://rawlsmd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
551 B 664ms
94ms Ping
text/plain 74.125.71.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SEKTF469LJ&cid=388616825.1732963905&gtm=45je4bk0v867857906z86621524za200zb6621524&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SEKTF469LJ&l=dataLayer&cx=c&gtm=45He4bk0v6621524za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.71.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wn-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://rawlsmd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame D08E 0
0 409ms
72ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-SEKTF469LJ&gacid=388616825.1732963905&gtm=45je4bk0v867857906z86621524za200zb6621524&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=764441490

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SEKTF469LJ&l=dataLayer&cx=c&gtm=45He4bk0v6621524za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rawlsmd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Nov 2024 10:51:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 00c0dddb4a6f417e89d47729e91fb5cea8 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 2104ms
381ms Script
text/html 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/00c0dddb4a6f417e89d47729e91fb5cea8

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-185-60.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=60
ob-sent-time: 1732938277546
Content-Encoding: gzip
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection: keep-alive
Expires: Sat, 30 Nov 2024 10:52:47 GMT
Access-Control-Allow-Origin: *
X-CC: IT
Content-Length: 22
X-RG: EU
Date: Sat, 30 Nov 2024 10:51:47 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
x-traceid: 27bbadf44e69dfb6c85808420a71d8de

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 325ms
47ms Fetch
text/html 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

Cache-Control: max-age=1200
Connection: keep-alive
Observe-Browsing-Topics: ?1
Expires: Sat, 30 Nov 2024 11:11:45 GMT
Access-Control-Allow-Origin: *
X-CC: IT
Content-Length: 26
X-RG: EU
Date: Sat, 30 Nov 2024 10:51:45 GMT
Content-Type: text/html

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ 53 B
321 B 616ms
157ms Fetch
image/gif 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=false&bust=0061527693336085765&referrer=&cht=gtm&marketerId=00c0dddb4a6f417e89d47729e91fb5cea8&name=PAGE_VIEW&dl=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras&g=1&zone=all&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: image/gif;
x-traceid: 7eb4ca03fc357d8cbaed9cd3bf39ed75

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 270ms
160ms Script
application/javascript 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=00c0dddb4a6f417e89d47729e91fb5cea8

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 39
content-encoding: br
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: application/javascript
x-traceid: be6fb0697d27961b90d5b2084d28c943

GET
H2 200 /
www.facebook.com/tr/ 0
126 B 75ms
75ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2025952611002130&ev=PageView&dl=https%3A%2F%2Frawlsmd.com&rl=&if=false&ts=1732963905577&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1732963905347.678138857645554614&pm=1&hrl=3c8e26&ler=empty&cdl=API_unavailable&it=1732963905039&coo=false&cs_cc=1&rqm=GET

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=12, mss=1288, tbw=3298, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 196ms
196ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2025952611002130&ev=PageView&dl=https%3A%2F%2Frawlsmd.com&rl=&if=false&ts=1732963905577&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.1.1732963905347.678138857645554614&pm=1&hrl=3c8e26&ler=empty&cdl=API_unavailable&it=1732963905039&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443023302780213589"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-fb-server-load: 31
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: qEVA+JteFwkzBItlR3R/eUOz74oW+cV7BZvH+RY0OoDOdg9jSzD7zkEkAeZgy4IluehjgZ0F5DjKRUil1jBCHA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443023302780213589", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=12, mss=1288, tbw=3468, tp=-1, tpl=-1, uplat=110, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame F36E 0
0 679ms
97ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyY-AUAAAAAGKV6Qf1A5lJh8zgrEkcUP3RQt5Q&co=aHR0cHM6Ly9yYXdsc21kLmNvbTo0NDM.&hl=it&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=yl43cb7pszxl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__it.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xLAeRDYrUx4VVraYe0BvXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rawlsmd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xLAeRDYrUx4VVraYe0BvXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Nov 2024 10:51:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 klaviyo_subscribe.css
a.klaviyo.com/media/css/public/ 29 KB
4 KB 656ms
101ms Stylesheet
text/css 172.64.147.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/media/css/public/klaviyo_subscribe.css

Requested by

Host: www.klaviyo.com
URL: https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10bef3b064f8cca0d068891052b927a95f9a10db372a59a0099743046785d43a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
cf-cache-status: HIT
age: 34807
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 10:51:46 GMT
date: Sat, 30 Nov 2024 10:51:46 GMT
last-modified: Thu, 28 Nov 2024 23:55:44 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Language, Cookie
content-disposition: inline; filename="klaviyo_subscribe.css"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
cache-control: public, max-age=86400
cf-ray: 8eaa48bf48a21e60-FRA
accept-ranges: bytes
content-length: 3515
content-language: en-us
server: cloudflare

GET
H2 200 jquery.form.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.form/3.32/ 15 KB
6 KB 672ms
88ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.form/3.32/jquery.form.min.js

Requested by

Host: www.klaviyo.com
URL: https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35b137aac13ccdefc4116a827dffd01c0e919c1436c5b1d0f5ed9089859ae26c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec2-3c6b"
age: 20788
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BqH3usDMXP5JJQwBrfxHvGBN7rhibMOb0RWsIKcCDKZD2226qYELcfLOeynN0tX%2B2xBagw4nTvBAo1szILjmGWU%2FvjRhaejNZWGgZDAJhmdBPR6663n4Z0fh5xTReOVeN4uWnVlO"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 10:51:46 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8eaa48c07f959205-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5202
server: cloudflare

GET
H2 200 1db8eb7ffc8594e42c0729400701d1a8.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 105 KB
36 KB 92ms
92ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/1987.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36fff107db5298724b3acc76f374ab35db4ce90067347613a2ebbcbafd28caa6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 52185
cf-ray: 8eaa48bcb966695b-FRA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 36609
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: text/javascript
last-modified: Thu, 21 Nov 2024 14:37:57 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 main.babde0ae.js Show response
s.pinimg.com/ct/lib/ 81 KB
23 KB 121ms
120ms Script
application/javascript 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.babde0ae.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-224-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 838c7bdf2d92bc0f36f690776dba53c2718f84f2b1f9b1e403df8e1ad652d7cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

access-control-max-age: 86400
cache-control: max-age=1209600
access-control-expose-headers: X-CDN
content-encoding: br
etag: "8b081f101a84d3f43538d221491c793e"
x-cdn: akamai
access-control-allow-methods: GET
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23434
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 1020ms
443ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=1372801&time=1732963906077&url=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Referer: https://rawlsmd.com/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 0006281f1a11c79834b05f1c3a87ec1a
x-msedge-ref: Ref A: 13F95F092A2442D291E57363B08EC044 Ref B: MIL30EDGE1514 Ref C: 2024-11-30T10:51:46Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYoHxoRx5g0sF8cOofsGg==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2 200 collect
px.ads.linkedin.com/ 0
668 B 1054ms
242ms Image
application/javascript 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1372801&time=1732963906077&url=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras
Requested by: Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 876A2880F4C54875AE85A1B11C190D30 Ref B: MIL30EDGE1507 Ref C: 2024-11-30T10:51:46Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYoHxoW6CLeHwhlynTnMQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: application/javascript

GET
H2 200 4057105.js Show response
bat.bing.com/p/action/ 364 B
412 B 121ms
121ms Script
application/javascript 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4057105.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F0F206D8B461435CBC26296FE5989E39 Ref B: MIL30EDGE1408 Ref C: 2024-11-30T10:51:46Z
x-cache: CONFIG_NOCACHE
date: Sat, 30 Nov 2024 10:51:45 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 / Show response
ct.pinterest.com/user/ 326 B
741 B 107ms
97ms XHR
application/json 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=549755950815&cb=1732963906186&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 849b943c0e42f2393fa52817fe8ae53e
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPVlXTTBZek15WldRdFpqQmpPQzAwTlRRekxXRmxOelV0WkRaaU5tRTNNVGd4WVRGaw
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: https://rawlsmd.com
content-length: 185
akamai-grn: 0.25d53e17.1732963906.5937056
x-pinterest-rid: 4586115879066592

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
539 B 111ms
103ms Fetch
image/gif 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=549755950815&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22babde0ae%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1732963906187

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

x-pinterest-rid-128bit: 901f61320ce806b731d84e40db090bd4
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: image/gif
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: https://rawlsmd.com
content-length: 35
akamai-grn: 0.25d53e17.1732963906.5937055
x-pinterest-rid: 3591706743287647

GET
H2 200 rawlsmd.com.json Show response
script.crazyegg.com/pages/data-scripts/0031/1987/sampling/ 156 B
260 B 182ms
182ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0031/1987/sampling/rawlsmd.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94c50b068aea2eda22067ace33aaafd0bdf19602f9ca60c344ecd585656b9d0c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: application/json
last-modified: Sat, 30 Nov 2024 10:51:46 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8eaa48be2faf1e60-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 143
ce-version: 11.5.324
server: cloudflare

GET
H2 200 /
www.google.com/pagead/1p-user-list/970654155/ 42 B
278 B 78ms
77ms Image
image/gif 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/970654155/?random=1732963905391&cv=11&fst=1732960800000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9168099470z86621524za201zb6621524&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras&hn=www.googleadservices.com&frm=0&tiba=Unlocking%20Lyme%20Extras%20%7C%20RawlsMD&npa=0&pscdl=noapi&auid=431544078.1732963905&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7duKQPh9wTZXxoigiJ-AnjSDjBiOHLnQ&random=2082897910&rmt_tld=0&ipr=y

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 30 Nov 2024 10:51:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 0
bat.bing.com/action/ 0
288 B 106ms
105ms Image
text/plain 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4057105&tm=gtm002&Ver=2&mid=de8e265c-fa95-4079-8a62-a047de7e49c5&bo=1&sid=17e8d8b0af0911ef8a7873057c2c66e9&vid=17e8c520af0911ef82436bed3170704d&vids=1&msclkid=N&pi=918639831&lg=it-IT&sw=1600&sh=1200&sc=24&tl=Unlocking%20Lyme%20Extras%20%7C%20RawlsMD&p=https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras&r=&lt=4617&evt=pageLoad&sv=1&cdb=AQAQ&rn=237565

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A63F0CE90EDD418CB860C0BC1CAD7628 Ref B: MIL30EDGE1408 Ref C: 2024-11-30T10:51:46Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sat, 30 Nov 2024 10:51:45 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 1C71 0
0 720ms
85ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=rawlsmd.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://rawlsmd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 30 Nov 2024 10:51:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 359535
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

OPTIONS
H2 204 clock
tracking.crazyegg.com/ Frame 0
0 415ms
117ms Preflight 46.137.150.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?u=311987&st=242526&t=1732963906431&tk=e3c07b5389a0089489dbc4d7cedde513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.150.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-150-200.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rawlsmd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public, max-age=86400
date: Sat, 30 Nov 2024 10:51:46 GMT
server: awselb/2.0
vary: Access-Control-Request-Headers, Origin, Access-Control-Request-Method

POST
H2 200 clock Show response
tracking.crazyegg.com/ 40 B
146 B 403ms
403ms XHR
text/plain 46.137.150.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?u=311987&st=242526&t=1732963906431&tk=e3c07b5389a0089489dbc4d7cedde513
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.150.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-150-200.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: f81f06a4f45daabf72ecde445bdab7f0656fb4741aabd4cf975853f8b2d75a0c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://rawlsmd.com/

Response headers

cache-control: no-store
access-control-allow-origin: *
content-length: 40
date: Sat, 30 Nov 2024 10:51:46 GMT
content-type: text/plain
server: awselb/2.0

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
460 B 354ms
72ms XHR
application/json 13.35.58.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-27.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

access-control-max-age: 31536000
access-control-expose-headers: Access-Control-Allow-Origin
etag: "d06f04fccf68d0b228a5923187ce1afd"
age: 5888152
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: CgAGHA2cjQk_b0Rit936djCe25nk56rl4EgORAZk04_9OGjL9z1xfQ==
date: Mon, 23 Sep 2024 07:15:55 GMT
content-type: application/json
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
via: 1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19
x-amz-cf-pop: FRA60-P10
server: AmazonS3

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
460 B 344ms
74ms XHR
application/json 99.86.4.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-88.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

access-control-max-age: 31536000
access-control-expose-headers: Access-Control-Allow-Origin
etag: "d06f04fccf68d0b228a5923187ce1afd"
age: 6403169
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: f-VfzK6Wp7AqeY2bGnqxO6YVjNCt0JzIVi1blzFOgA8JMt3hMWDUDA==
date: Tue, 17 Sep 2024 08:12:17 GMT
content-type: application/json
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19
x-amz-cf-pop: FRA6-C1
server: AmazonS3

GET 583d028d-2d13-461d-8de6-d2163c4a3d55
https://rawlsmd.com/ Frame 0
0

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 249ms
248ms Stylesheet
text/css 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: bf283fef88d8fe04783a585b86d196a404a9b2d3ed87fad6758db1ab311fd0e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "673cdbf7-2644"
cdn-fileserver: 863
date: Sat, 30 Nov 2024 10:51:46 GMT
cdn-storageserver: WA-407
last-modified: Tue, 19 Nov 2024 18:41:59 GMT
content-type: text/css
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/19/2024 18:42:47
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 16c1a9a407e59dedb8b22b4dc2229047
cdn-pullzone: 293267
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 eretuivatzhxupon2tbd Show response
api.omappapi.com/v2/embed/15003/ 5 KB
2 KB 836ms
264ms XHR
application/json 172.66.42.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/15003/eretuivatzhxupon2tbd
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.42.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7a3cf12cd23aadd1bb7394728c9a160c9c223aac6703bf204734eed3ed541be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

x-user-agent: standard--
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"c6b875d89289bee893bd56e88d875d1a"
expires: Sat, 30 Nov 2024 10:52:17 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: z2-nN458C9nKIN7RIVTTgOdj9ZWl-t8kigigoCkmS-VayD3Qou8qwg==
date: Sat, 30 Nov 2024 10:51:47 GMT
x-cache-config: 0 0
content-type: application/json
last-modified: Wed, 12 Jun 2024 08:50:22 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-headers: X-CSRF-Token
x-cache-status: EXPIRED
cache-control: public, max-age=30, stale-while-revalidate=1800
x-optinmonster-campaign: eretuivatzhxupon2tbd
via: 1.1 35cfa6fbcb341fd2ae15e24a43e2f57a.cloudfront.net (CloudFront)
cf-ray: 8eaa48c36b448c40-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: cloudflare

GET
H2 200 abbu34tzl2tkjx6ldlo2 Show response
api.omappapi.com/v2/embed/15003/ 5 KB
2 KB 730ms
160ms XHR
application/json 172.66.42.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/15003/abbu34tzl2tkjx6ldlo2
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.42.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe695f21d2983c4a04ad1b422f791ad13fa4ed70bbf5c40297b15a352b41e341

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

x-user-agent: standard--
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"db74f60ef9d7d6ba9c109f23f5a67110"
expires: Sat, 30 Nov 2024 10:44:08 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: _H4L5ztsqJlSaTpyCWCHb07bhmyDkFOAUc49qKQ3z--3ahICVFwiaQ==
date: Sat, 30 Nov 2024 10:51:47 GMT
x-cache-config: 0 0
content-type: application/json
last-modified: Wed, 25 Sep 2024 01:52:43 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-headers: X-CSRF-Token
x-cache-status: HIT
cache-control: public, max-age=30, stale-while-revalidate=1800
x-optinmonster-campaign: abbu34tzl2tkjx6ldlo2
via: 1.1 35cfa6fbcb341fd2ae15e24a43e2f57a.cloudfront.net (CloudFront)
cf-ray: 8eaa48c36b458c40-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: cloudflare

GET
H2 200 qadxeralwqfdwi2ed5z3 Show response
api.omappapi.com/v2/embed/15003/ 4 KB
2 KB 794ms
228ms XHR
application/json 172.66.42.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/15003/qadxeralwqfdwi2ed5z3
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.42.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d794fd0796f710f76d3e1e15113532da5c45ce705dcab6de88a120e9b467313

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

x-user-agent: standard--
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"26687240fe8eeb75f208653af4b2869c"
expires: Sat, 30 Nov 2024 10:52:17 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: OcJA2zGBXsN55tUHOEkINGjJD58xhyep8_AAjRBVQdh4af808U1Cng==
date: Sat, 30 Nov 2024 10:51:47 GMT
x-cache-config: 0 0
content-type: application/json
last-modified: Mon, 25 Nov 2024 13:53:04 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-headers: X-CSRF-Token
x-cache-status: EXPIRED
cache-control: public, max-age=30, stale-while-revalidate=1800
x-optinmonster-campaign: qadxeralwqfdwi2ed5z3
via: 1.1 35cfa6fbcb341fd2ae15e24a43e2f57a.cloudfront.net (CloudFront)
cf-ray: 8eaa48c36b468c40-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: cloudflare

GET
H2 200 bienuar1bxpc9dwfy1eb Show response
api.omappapi.com/v2/embed/15003/ 3 KB
2 KB 736ms
172ms XHR
application/json 172.66.42.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/15003/bienuar1bxpc9dwfy1eb
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.42.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 391ea3554dd46b2c0159d7dbfa4449ad62b566ad019f11342350de2c7d32239a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

x-user-agent: standard--
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"237d6f475fbe0c798266083792aeaecf"
expires: Sat, 30 Nov 2024 10:44:08 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: A1H_kjYVbMl9HHdGuWp0-_-VLXPqL0MrpXU7YFNT-SprbR3_AL9Dug==
date: Sat, 30 Nov 2024 10:51:47 GMT
x-cache-config: 0 0
content-type: application/json
last-modified: Wed, 25 Sep 2024 01:51:17 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-headers: X-CSRF-Token
x-cache-status: HIT
cache-control: public, max-age=30, stale-while-revalidate=1800
x-optinmonster-campaign: bienuar1bxpc9dwfy1eb
via: 1.1 35cfa6fbcb341fd2ae15e24a43e2f57a.cloudfront.net (CloudFront)
cf-ray: 8eaa48c36b478c40-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: cloudflare

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=24469328&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24469328%26t%3D2

43 B
1 KB

52ms
52ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24469328%26t%3D2

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.198.62.224; 185.198.62.224; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 00c24b9c-78a1-48c8-b4d9-141798269bab
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 30 Nov 2024 10:51:47 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24469328%26t%3D2
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.198.62.224; 185.198.62.224; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: c03223bc-3669-46a2-b99f-796b0c021af4
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 30 Nov 2024 10:51:47 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=19895710&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19895710%26t%3D2

43 B
1 KB

51ms
51ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19895710%26t%3D2

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.198.62.224; 185.198.62.224; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: dbc6f4db-6a16-4513-b9f9-62f2915fe459
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 30 Nov 2024 10:51:47 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19895710%26t%3D2
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.198.62.224; 185.198.62.224; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: c0b0837f-a8b1-44b7-bbbb-db67c09f97be
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 30 Nov 2024 10:51:47 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=66983&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520user%252523%252523%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dd...
https://widget.us.criteo.com/event?a=66983&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520user%252523%252523%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Dd...

10 KB
4 KB

612ms
214ms

Script
application/x-javascript

74.119.117.16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=66983&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520user%252523%252523%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Afk2-V9XTHNzNVNGSWk5NnMwYSUyQmxMMkYxNkhrTzZMJTJGTVAyZGFjQURDbTAlMkJuVm1XMHY5JTJGUFRGUDBHWEF1cE5oOWoxWHlIc1RZNTNZZUswOEdITnlzVkdsSlJGWGxmWmNnaGZEJTJGJTJGRDRYMjg5bDRJUFhyUW5IQXhsUHNuTUxrR3ZOcTc3TXdoS3lqMkRGaWdmYWdKMjBCNjlPWHclM0QlM0Q&sc=%7B%22fbp%22%3A%22fb.1.1732963905347.678138857645554614%22%7D&tld=rawlsmd.com&fu=https%253A%252F%252Frawlsmd.com%252Funlocking-lyme-extras&ceid=5d5f6320-ea63-4e08-83e6-9cc5e12f76bf

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/unlocking-lyme-extras

Protocol

Server

74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

11939010f3ca7630ce649deaef8dd2ba4d929fb8250dbe9c909c9b0849c91e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9954933
expires: 0
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
date: Sat, 30 Nov 2024 10:51:47 GMT
content-type: application/x-javascript
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
location: https://widget.us.criteo.com/event?a=66983&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252520of%252520user%252523%252523%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Afk2-V9XTHNzNVNGSWk5NnMwYSUyQmxMMkYxNkhrTzZMJTJGTVAyZGFjQURDbTAlMkJuVm1XMHY5JTJGUFRGUDBHWEF1cE5oOWoxWHlIc1RZNTNZZUswOEdITnlzVkdsSlJGWGxmWmNnaGZEJTJGJTJGRDRYMjg5bDRJUFhyUW5IQXhsUHNuTUxrR3ZOcTc3TXdoS3lqMkRGaWdmYWdKMjBCNjlPWHclM0QlM0Q&sc=%7B%22fbp%22%3A%22fb.1.1732963905347.678138857645554614%22%7D&tld=rawlsmd.com&fu=https%253A%252F%252Frawlsmd.com%252Funlocking-lyme-extras&ceid=5d5f6320-ea63-4e08-83e6-9cc5e12f76bf
content-encoding: gzip
pragma: no-cache
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2577659
expires: 0
access-control-allow-origin: *
content-length: 0
date: Sat, 30 Nov 2024 10:51:46 GMT
server: Kestrel

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
194 B 207ms
206ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rawlsmd.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 98C001A78DD5464281BE5C86A4EFBBE7 Ref B: MIL30EDGE1507 Ref C: 2024-11-30T10:51:47Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYoHxoZ7TpH9rZ3A4hNSw==
x-li-proto: http/2
access-control-allow-origin: https://rawlsmd.com
x-cache: CONFIG_NOCACHE
date: Sat, 30 Nov 2024 10:51:46 GMT
vary: Origin

GET
H2 200 5.8d87cdc9.min.js Show response
a.omappapi.com/app/js/ 13 KB
5 KB 234ms
233ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.8d87cdc9.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: 7d5c91bba288f8d52bece6eb27a646578f0c935f8890f9f1fb5349060c7ce77b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

x-amz-server-side-encryption: AES256
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "c73fbe3f0cf913da77cf06d1659eeaee"
date: Sat, 30 Nov 2024 10:51:47 GMT
last-modified: Tue, 19 Nov 2024 18:41:53 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: /doStz7B5YQo1TUDpfYwJ9ey9sgsG4rl1vXHqxHp3NwSCTR3JoxnpgU1T89zf/vf2uB2rYXBtcI=
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-storagebalancer: WA-626
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 59508b741b7fe87b229719112b54a7dc
cdn-pullzone: 293267
cdn-proxyver: 1.07
x-amz-request-id: PVZV0224VT9Z2V9C
access-control-allow-origin: *
cdn-cachedat: 11/19/2024 18:42:02
cdn-edgestorageid: 1120
perma-cache: MISS
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET baf5cc8f-68ec-4ff4-9231-d4f58a4e791d
https://rawlsmd.com/ Frame 0
0

GET
H2 200 json Show response
api.omappapi.com/v3/geolocate/ 513 B
563 B 413ms
413ms XHR
application/json 172.66.42.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v3/geolocate/json
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.42.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8b108611bcd7d4e51584c02972607a10fd79f9df3a4ecec7693255b2d6d040b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

x-user-agent: standard--
content-encoding: br
cf-cache-status: DYNAMIC
x-pagely-debug: mainblock
x-cache: Miss from cloudfront
x-amz-cf-id: OpkfJDROOnCJbc9c5kT6q2cwgi8Vj-WV0tZ25_1i8_ODZVFw8RknQQ==
date: Sat, 30 Nov 2024 10:51:47 GMT
x-cache-config: 0 0
content-type: application/json
x-cache-status: BYPASS
x-ratelimit-reset: 1732963967
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-ratelimit-remaining: 999
cf-ray: 8eaa48c75e088c40-FRA
access-control-allow-origin: *
x-ratelimit-limit: 1000
x-amz-cf-pop: FRA6-C1
server: cloudflare

GET
H2 200 4.22b86587.min.js Show response
a.omappapi.com/app/js/ 44 KB
13 KB 498ms
498ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/4.22b86587.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: a95f4f272fb7ee161327a5f3f4f669d3d5a7974b6bba7cb936b01b5468394ab4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "672cd5df-ae69"
cdn-fileserver: 863
date: Sat, 30 Nov 2024 10:51:47 GMT
cdn-storageserver: WA-626
last-modified: Thu, 07 Nov 2024 14:59:43 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2024 11:01:48
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: b3a44a012f6021191dd59ded82d5d4ab
cdn-pullzone: 293267
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 3572 0
0 92ms
92ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=it&v=pPK749sccDmVW_9DSeTMVvh2&k=6LfyY-AUAAAAAGKV6Qf1A5lJh8zgrEkcUP3RQt5Q

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__it.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gOy7EIEoOW55omovBbwc6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rawlsmd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gOy7EIEoOW55omovBbwc6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Nov 2024 10:51:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 25.7a0ef50d.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 244ms
244ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/25.7a0ef50d.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: 39bb5021d0931d53358aacc884ca5af95bc5cb960c2dc459f4955c80d6f2ab12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "66fefc7f-aed"
cdn-fileserver: 863
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-626
last-modified: Thu, 03 Oct 2024 20:20:15 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/08/2024 08:02:12
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: d953acfe4aa4dce68bbe212b63607ee3
cdn-pullzone: 293267
cdn-proxyver: 1.06
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 13.0d9bec5f.min.js Show response
a.omappapi.com/app/js/ 2 KB
1 KB 246ms
245ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/13.0d9bec5f.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: 9ee00d07b79fe34f2bd25d5b4341483cc9b3561b414a986f542c9f903acc2835

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "66fefc89-8b1"
cdn-fileserver: 863
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-407
last-modified: Thu, 03 Oct 2024 20:20:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2024 11:01:50
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 8b8c1431a35ead66ad4497ee16849c2f
cdn-pullzone: 293267
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 19.a0925dda.min.js Show response
a.omappapi.com/app/js/ 4 KB
2 KB 563ms
560ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/19.a0925dda.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: 8f299bce1c4968647aa3727f390aef0cd75da150a614ae61540d6cce44207e20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "6707e1a9-ed6"
cdn-fileserver: 863
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-626
last-modified: Thu, 10 Oct 2024 14:16:09 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2024 12:31:27
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: cf766538f89b43ae2ea651c9a0df8487
cdn-pullzone: 293267
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 27.78befebd.min.js Show response
a.omappapi.com/app/js/ 6 KB
2 KB 245ms
242ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/27.78befebd.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: b536245d5d1912397f06964694ae416b45a26a3bc39021850852c647bee46bab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "66fefc81-174f"
cdn-fileserver: 863
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-407
last-modified: Thu, 03 Oct 2024 20:20:17 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/08/2024 08:02:12
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: f647cc42c26e6982c76b29738da242d4
cdn-pullzone: 293267
cdn-proxyver: 1.06
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 33.db83743a.min.js Show response
a.omappapi.com/app/js/ 34 KB
9 KB 496ms
494ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/33.db83743a.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: eff50ee97749192a01ffbe5c7d7b3b88d11cc53dcbd6d659b22b37e8cc0754d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "6728ef64-878e"
cdn-fileserver: 626
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-407
last-modified: Mon, 04 Nov 2024 15:59:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/08/2024 08:02:12
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: cfc7d4f3fdfe835e85b9f21ad61e109f
cdn-pullzone: 293267
cdn-proxyver: 1.06
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 10.f3e1fec4.min.js Show response
a.omappapi.com/app/js/ 31 KB
10 KB 519ms
517ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/10.f3e1fec4.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: 46be8975c077af9ee628b95903df417598a0df10350acb20e678ab3fe9a54f36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "673cdbfc-7cf4"
cdn-fileserver: 863
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-407
last-modified: Tue, 19 Nov 2024 18:42:04 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/23/2024 04:14:45
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 623dea550905afa47b24cfbb99d6bada
cdn-pullzone: 293267
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 0.8d8ea138.min.js Show response
a.omappapi.com/app/js/ 7 KB
3 KB 521ms
518ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/0.8d8ea138.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: 7d83be6c00b69fd13021966579f40390e19a7638de7a33fbb01997f793937432

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "66fefc81-1a8f"
cdn-fileserver: 626
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-407
last-modified: Thu, 03 Oct 2024 20:20:17 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/08/2024 08:02:12
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: c184fcc9cc911b2f35b2459a35f5602c
cdn-pullzone: 293267
cdn-proxyver: 1.06
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 9.b36e2a05.min.js Show response
a.omappapi.com/app/js/ 2 KB
1 KB 519ms
517ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/9.b36e2a05.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: f14b33b9d5a249b41c2c3ab1065df21780f8d7d681c6a745244848dff1845c58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "66fefc88-650"
cdn-fileserver: 626
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-626
last-modified: Thu, 03 Oct 2024 20:20:24 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/23/2024 04:14:23
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: be67595a76364b27775b6135d9d93af6
cdn-pullzone: 293267
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 11.c5ec45ff.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 522ms
520ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/11.c5ec45ff.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: 39dd4eedf59461aa0bb42f57f4663d3b3224f5efcdf95f7e571e829aae135905

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "66fefc89-838"
cdn-fileserver: 863
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-407
last-modified: Thu, 03 Oct 2024 20:20:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/23/2024 04:14:23
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 2543d9ed110a06ff974496b0bf042676
cdn-pullzone: 293267
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 28.43a9d7cb.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 522ms
520ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/28.43a9d7cb.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: 215d04e8a15809c25cc259626bfdf609ea695c32199d1b1b482cf7395a19faaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "66fefca5-b21"
cdn-fileserver: 626
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-407
last-modified: Thu, 03 Oct 2024 20:20:53 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2024 11:01:49
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 765f247f7f65b2de200a07a3c4a28605
cdn-pullzone: 293267
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 26.6128bd2e.min.js Show response
a.omappapi.com/app/js/ 1 KB
1 KB 563ms
561ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/26.6128bd2e.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: 7c345c812c6c32c007d7fe0f4968df8f847ea5006e76c8633da70d446b1936a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "66fefc81-4e1"
cdn-fileserver: 626
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-407
last-modified: Thu, 03 Oct 2024 20:20:17 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2024 11:01:49
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: ba3ce087b2b0e9b972e9f51ea4769736
cdn-pullzone: 293267
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 16.d9461827.min.js Show response
a.omappapi.com/app/js/ 830 B
1 KB 698ms
696ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/16.d9461827.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: 140eedc23b5929c1bb8a74d021936779b48156ccb5445431659d656f8aa104cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "66fefc7f-33e"
cdn-fileserver: 626
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-626
last-modified: Thu, 03 Oct 2024 20:20:15 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/08/2024 08:02:12
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: e07ba4e80c2a3b3238cc57c4cc4e7248
cdn-pullzone: 293267
cdn-proxyver: 1.06
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 1.45b31b69.min.js Show response
a.omappapi.com/app/js/ 9 KB
3 KB 700ms
698ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/1.45b31b69.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: 83a3d365514cd49659d6d7906936b0f3ac0db4d743643006afdbe09f6d5b3d03

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "66fefc88-23d2"
cdn-fileserver: 863
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-407
last-modified: Thu, 03 Oct 2024 20:20:24 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2024 12:31:27
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 5ab7afa096fdec333637285c913483df
cdn-pullzone: 293267
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 21.8fe2e52f.min.js Show response
a.omappapi.com/app/js/ 2 KB
1 KB 698ms
696ms Script
application/javascript 212.102.46.118
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/21.8fe2e52f.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.102.46.118 Seattle, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 212-102-46-118.bunnyinfra.net
Software: BunnyCDN-WA1-1120 /
Resource Hash: e92b5c4af8c5c6115f09955c6aa8577a45c65effe782e0593540f09177f69a29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

perma-cache: HIT
cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "66fefc88-65a"
cdn-fileserver: 863
date: Sat, 30 Nov 2024 10:51:48 GMT
cdn-storageserver: WA-626
last-modified: Thu, 03 Oct 2024 20:20:24 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2024 11:01:49
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 7062d52a2127b0cdf8f4a485c5b42fbf
cdn-pullzone: 293267
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1120
server: BunnyCDN-WA1-1120
cdn-requestcountrycode: IT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 801ms
246ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: gzip
age: 624
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 30 Nov 2024 12:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 10:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 275ms
275ms Script
application/javascript 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

85ab852bfb2016bce3933a1c7107b1bce807179f46364db291ab1f86b89addbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: max-age=7200
content-encoding: gzip
etag: "6d0ca67bea866259c359c2d1e93bf622"
x-cdn: akamai
content-length: 2092
date: Sat, 30 Nov 2024 10:51:49 GMT
akamai-grn: 0.25d53e17.1732963909.593769b
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame 82D6 0
0 1595ms
75ms Document
text/html 2.19.224.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://rawlsmd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

akamai-grn: 0.25d53e17.1732963911.593798a
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sat, 30 Nov 2024 10:51:51 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1131173075483843
x-pinterest-rid-128bit: fffae7fd405da9b49cfb57307d019703

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 86D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Lhh1knF7gS6-EVIvo4Cme4v-6YG-9lhf7RltvA&google_cm&google_hm=ay1MaGgxa25GN2dTNi1FVkl2bzRDbWU0di02WUctOWxoZ...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Lhh1knF7gS6-EVIvo4Cme4v-6YG-9lhf7RltvA&google_gid=CAESEAv-EgsTzrQeMege26YAqlw&google_cver=1&google_ula=913071,0

43 B
370 B

54ms
53ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Lhh1knF7gS6-EVIvo4Cme4v-6YG-9lhf7RltvA&google_gid=CAESEAv-EgsTzrQeMege26YAqlw&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1694971
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date: Sat, 30 Nov 2024 10:51:51 GMT
content-type: image/gif
server: Kestrel

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Lhh1knF7gS6-EVIvo4Cme4v-6YG-9lhf7RltvA&google_gid=CAESEAv-EgsTzrQeMege26YAqlw&google_cver=1&google_ula=913071,0
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 398
date: Sat, 30 Nov 2024 10:51:51 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2 200 sync
x.bidswitch.net/ Frame 86D9 43 B
183 B 706ms
105ms Image
image/gif 35.214.136.108
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-d7vMK3F7gS6-EVIvo4Cme4v-6YEX8Q9N4qdVIw&expires=30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Sat, 30 Nov 2024 10:51:50 GMT
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 86D9
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2903052867774048992

43 B
369 B

60ms
53ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2903052867774048992

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 898360
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date: Sat, 30 Nov 2024 10:51:51 GMT
content-type: image/gif
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2903052867774048992
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.198.62.224; 185.198.62.224; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 50bc2f0a-3df3-4033-b1f4-4c43884bc43e
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 30 Nov 2024 10:51:51 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 86D9 43 B
114 B 1629ms
60ms Image
image/gif 5.135.209.104
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-3RWKxHF7gS6-EVIvo4Cme4v-6YFl67Q52m8g8w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.104 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip104.ip-5-135-209.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Sat, 30 Nov 2024 10:51:51 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 86D9 0
99 B 1623ms
63ms Image
text/plain 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-j-fsG3F7gS6-EVIvo4Cme4v-6YGpYLXi4QXIYQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt: 35862
date: Sat, 30 Nov 2024 10:51:51 GMT
server: nginx
access-control-allow-credentials: true

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 86D9 49 B
342 B 660ms
93ms Image
image/gif 185.255.84.153
IGUANE-FR Iguane ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-aANEKnF7gS6-EVIvo4Cme4v-6YEk2T2nDYWJLA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-FR Iguane Solutions SAS, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 0
x-content-type-options: nosniff
expires: 0
p3p: CP="CAO PSA OUR"
content-length: 49
date: Sat, 30 Nov 2024 10:51:50 GMT
content-type: image/gif
vary: Accept-Encoding
server: ayl-lb-fra02

GET
H2

200

rum
r.casalemedia.com/ Frame 86D9
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rHfsEnF7gS6-EVIvo4Cme4v-6YFRYCsNpCNSjg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rHfsEnF7gS6-EVIvo4Cme4v-6YFRYCsNpCNSjg&C=1

43 B
325 B

77ms
77ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-rHfsEnF7gS6-EVIvo4Cme4v-6YFRYCsNpCNSjg&C=1
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Oi9%2BXXHPC90TiDEH80ghQS5tkHDCC2d7tSDx6FRd%2BfsM0hFZZFQ%2Fp1kzM1LVNyx31XpoIHfyrhAIT0gGbWym3IXKhc7jzjtYEvEDmiosU1zWMrJu3Ry0mMXaEaQqbXN1LII"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eaa48d84947d27d-FRA
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Sat, 30 Nov 2024 10:51:50 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: no-cache
location: /rum?cm_dsp_id=20&external_user_id=k-rHfsEnF7gS6-EVIvo4Cme4v-6YFRYCsNpCNSjg&C=1
cf-cache-status: DYNAMIC
pragma: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IuPR4flF9St2Zyyqg141h%2F5%2FBzRoG8kVxgFA0P%2FD2vdE61GuNuSct95S6rybgHLwUt27qm6bN5RGc3DLcKAa9n%2B3c%2BzJF2IzLBkRooEqRWg5lVP5nUF5qIMlj1lIsyj7nhCi"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eaa48d7a83ad27d-FRA
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Sat, 30 Nov 2024 10:51:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 86D9
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=y0kH5DaGz2Y9f94T9IR5Ad1FnW2IwHm4
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=y0kH5DaGz2Y9f94T9IR5Ad1FnW2IwHm4

42 B
716 B

74ms
74ms

Image
image/gif

52.212.192.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=y0kH5DaGz2Y9f94T9IR5Ad1FnW2IwHm4

Protocol

Server

52.212.192.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-192-25.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v069-0e8ac9087.edge-irl1.demdex.com 3 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: map+Vzz2Qn4=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sat, 30 Nov 2024 10:51:51 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=y0kH5DaGz2Y9f94T9IR5Ad1FnW2IwHm4
dcs: dcs-prod-irl1-2-v069-0961f26fe.edge-irl1.demdex.com 0 ms
pragma: no-cache
x-tid: AJi0snEQS4I=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sat, 30 Nov 2024 10:51:51 GMT

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 86D9 43 B
1 KB 655ms
94ms Image
image/gif 141.95.98.64
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-93-Jm3F7gS6-EVIvo4Cme4v-6YGzyKyFMze0pw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Sat, 30 Nov 2024 10:51:50 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 match
ad.360yield.com/ Frame 86D9 43 B
199 B 443ms
103ms Image
image/gif 63.33.115.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-As9HuXF7gS6-EVIvo4Cme4v-6YH9ihBXiLRTNQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.33.115.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-115-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Sat, 30 Nov 2024 10:51:50 GMT
content-type: image/gif

GET
H2 200 sync
matching.ivitrack.com/ Frame 86D9 42 B
265 B 373ms
149ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-6yy3nHF7gS6-EVIvo4Cme4v-6YHxFKZwQOLjDw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Sat, 30 Nov 2024 10:51:50 GMT
content-type: image/gif
server: istio-envoy

GET
H2 200 cksync.php
contextual.media.net/ Frame 86D9 59 B
832 B 568ms
262ms Image
image/gif 2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-JC_De3F7gS6-EVIvo4Cme4v-6YH8jLU5EtRnrQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd95e8a7f7c6225934f3f14a6cdc3876566284966667fc32f88fe141e3713da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
pragma: no-cache
expires: Sat, 30 Nov 2024 10:51:50 GMT
x-mnet-hl2: E
alt-svc: h3=":443"; ma=93600
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-length: 59
date: Sat, 30 Nov 2024 10:51:50 GMT
content-type: image/gif
server: Apache

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 86D9 0
877 B 368ms
83ms Image
text/html 18.184.93.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-5r075XF7gS6-EVIvo4Cme4v-6YHchDPW96l8kQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.93.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-93-163.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache
content-encoding: gzip
date: Sat, 30 Nov 2024 10:51:50 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 86D9 43 B
423 B 898ms
206ms Image
image/gif 44.241.7.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-u7ViyXF7gS6-EVIvo4Cme4v-6YFJ0pIFtU4w2g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.7.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-7-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin: *
content-length: 43
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 30 Nov 2024 10:51:51 GMT
content-type: image/gif
server: nginx

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 86D9 0
218 B 609ms
193ms Image
text/plain 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-bF2-r3F7gS6-EVIvo4Cme4v-6YHZwv48x6w5LQ&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 0
date: Sat, 30 Nov 2024 10:51:50 GMT
x-traceid: 32676912f3330a832fbb96cc298ccd66

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 86D9 0
225 B 452ms
84ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-RqaWonF7gS6-EVIvo4Cme4v-6YE8p1LG0uZNBg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Sat, 30 Nov 2024 10:51:51 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 86D9 0
239 B 589ms
44ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-D7SS0XF7gS6-EVIvo4Cme4v-6YE3u5aznZz2kw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: b71bced807741b20dd93dce6c2d26405
Pragma: no-cache
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 86D9 0
58 B 334ms
51ms Image
text/plain 3.72.38.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-3hworHF7gS6-EVIvo4Cme4v-6YFK3e-5QdjldQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.38.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-38-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 um
criteo-sync.teads.tv/ Frame 86D9 23 B
163 B 360ms
132ms Image
image/gif 2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-KhUVk3F7gS6-EVIvo4Cme4v-6YG6WE_hXdYyrw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

expires: Sat, 30 Nov 2024 10:51:51 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
pragma: no-cache
date: Sat, 30 Nov 2024 10:51:51 GMT
content-type: image/gif
server: pekko-http/1.0.1

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 86D9 43 B
399 B 826ms
155ms Image
image/gif 54.243.100.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-3IojLXF7gS6-EVIvo4Cme4v-6YGMbCsqAYkhCg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.100.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-100-87.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 30 Nov 2024 10:51:52 GMT
content-type: image/gif
server: nginx

GET
H2 200 xuid
eb2.3lift.com/ Frame 86D9 37 B
140 B 237ms
60ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-rf_ONnF7gS6-EVIvo4Cme4v-6YHs8F7tNNSnNQ&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Sat, 30 Nov 2024 10:51:51 GMT
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 86D9 0
235 B 318ms
93ms Image
text/plain 23.213.165.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-PZYhbXF7gS6-EVIvo4Cme4v-6YGcZyPxeU9XfQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-82.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Expires: Fri, 29 Nov 2024 10:51:51 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Date: Sat, 30 Nov 2024 10:51:51 GMT
Connection: keep-alive

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 86D9 0
38 B 338ms
85ms Image
text/plain 52.214.170.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-ijEVPnF7gS6-EVIvo4Cme4v-6YHL7-3BrZe69A&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.170.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-170-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Sat, 30 Nov 2024 10:51:51 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 86D9 0
44 B 243ms
50ms Image
text/plain 3.127.101.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-gJyX_nF7gS6-EVIvo4Cme4v-6YEoStdBBYcxmQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.101.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-101-141.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Sat, 30 Nov 2024 10:51:51 GMT
server: awselb/2.0

GET
H2

200

RX-a88a16af-7c92-4416-97e3-861cdcfc6cf2-003
sync.targeting.unrulymedia.com/csync/ Frame 86D9
Redirect Chain

https://sync.1rx.io/usersync/criteodsp/k-0DQc9HF7gS6-EVIvo4Cme4v-6YE4_nDIqzQ2oQ
https://sync.1rx.io/usersync/criteodsp/k-0DQc9HF7gS6-EVIvo4Cme4v-6YE4_nDIqzQ2oQ?zcc=1&cb=1732963911741
https://sync.targeting.unrulymedia.com/csync/RX-a88a16af-7c92-4416-97e3-861cdcfc6cf2-003

43 B
378 B

258ms
67ms

Image
image/gif

46.228.174.117
Amobee NEXXEN GRO...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-a88a16af-7c92-4416-97e3-861cdcfc6cf2-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Sat, 30 Nov 2024 10:51:52 GMT
content-length: 43

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-a88a16af-7c92-4416-97e3-861cdcfc6cf2-003
date: Sat, 30 Nov 2024 10:51:51 GMT
pragma: no-cache
content-type: text/html

GET
H2 200 35b2b8992307607ef42189f622f286e4.png
rawlsmd.com/wp-content/uploads/2016/10/ 680 B
1 KB 85ms
84ms Other
image/png 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/uploads/2016/10/35b2b8992307607ef42189f622f286e4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af4da055de235629bf7524b477430093e8ca78b2d31956457e159cf71f5348c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: HIT
etag: "5d0b8f90-2a8"
age: 1578233
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6eAeV01MB%2BquWhESDxL8stXX7umozVNxegGtVThyGy8eHGQ%2FhEqoXYqXyvr58GF1wmNmEHeVewY%2F8GFLm5zGJQDckqPY9%2FuNi7Uy3Bf%2F33rvGiDccpZrXkUwUM1V"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:51 GMT
content-type: image/png
ki-cf-cache-status: HIT
vary: Accept-Encoding
last-modified: Thu, 20 Jun 2019 13:52:16 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,70fb0444b90e618a2ac82abce24cc6d78e9ff0eeacf0399321daefeecb2a5837
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48de4b5b903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 680
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 setuid
ib.adnxs.com/ Frame 86D9 43 B
1 KB 47ms
47ms Image
image/gif 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-9lTJAXF7gS6-EVIvo4Cme4v-6YHTsLJQ_6a2XA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 185.198.62.224; 185.198.62.224; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 4d28830c-f810-4cf1-a9cc-6bf1fd0c2261
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sat, 30 Nov 2024 10:51:51 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

GET
H2 200 cropped-web-icon-07-32x32.jpg
rawlsmd.com/wp-content/uploads/2017/08/ 690 B
1 KB 97ms
97ms Other
image/jpeg 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/uploads/2017/08/cropped-web-icon-07-32x32.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a3273e19923d42bd49f36608ac0b528e87f33d7d1de2a5e16e19e62c4766624

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/unlocking-lyme-extras

Response headers

cf-cache-status: HIT
etag: "5d0b925e-2b2"
age: 61309
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GUG4GUKIogliGnt4ufe8DUwbZfYSOKlGhsTAug%2FXLW76UPSWFCtq28KR5RtvlMlXF31X%2FvaG0aYaUwApya%2Ff8kTAvS9lZp8h8cSCoDUP9bBTU3cHQ5NqRsXZ1Wr4"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:51 GMT
content-type: image/jpeg
last-modified: Thu, 20 Jun 2019 14:04:14 GMT
vary: Accept-Encoding
ki-origin: g1p
ki-cf-cache-status: HIT
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,34b8941117c1585d464ad6bd3d1950bbdc64c74fce9e075266163a1e05b7cb6d
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48deebcd903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 690
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
2 KB 77ms
77ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600&family=Roboto%3Aital%2Cwght%400%2C400%3B0%2C700&family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600&display=swap

Requested by

Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/4.22b86587.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

86f2a3e29ebd3c107197a943a34c59483cc513b3d34a63b23e307b4d3878d10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://rawlsmd.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 30 Nov 2024 10:51:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 10:51:51 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 30 Nov 2024 10:51:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 49ms
47ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600&family=Roboto%3Aital%2Cwght%400%2C400%3B0%2C700&family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://fonts.googleapis.com/

Response headers

age: 272846
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 07:04:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 07:04:26 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
0 47ms
46ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://fonts.googleapis.com/

Response headers

age: 272846
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 07:04:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 07:04:26 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
0 47ms
47ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://fonts.googleapis.com/

Response headers

age: 272846
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 07:04:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 07:04:26 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 105ms
104ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/wp-content/uploads/fusion-styles/5815bb4cda8cbc8d64ac20851e9e3d7b.min.css?ver=3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://rawlsmd.com/

Response headers

age: 336790
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
0 106ms
106ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://fonts.googleapis.com/

Response headers

age: 336790
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
0 106ms
106ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://fonts.googleapis.com/

Response headers

age: 336790
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 110ms
110ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://fonts.googleapis.com/

Response headers

age: 378547
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 01:42:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 01:42:45 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 134ms
134ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://fonts.googleapis.com/

Response headers

age: 391949
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 21:59:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 21:59:23 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 135ms
135ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://fonts.googleapis.com/

Response headers

age: 391949
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 21:59:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 21:59:23 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H2 200 awb-icons.woff
rawlsmd.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 21 KB
0 0ms
0ms Font
font/woff 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawlsmd.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff

Requested by

Host: rawlsmd.com
URL: https://rawlsmd.com/wp-content/uploads/fusion-styles/5815bb4cda8cbc8d64ac20851e9e3d7b.min.css?ver=3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

288d156b63cea15974f8ced0963ccc03ca9688a0e2da4af409339c065faab72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://rawlsmd.com
Referer: https://rawlsmd.com/wp-content/uploads/fusion-styles/5815bb4cda8cbc8d64ac20851e9e3d7b.min.css?ver=3.9.1

Response headers

cf-cache-status: HIT
etag: "63b6bb98-5224"
age: 2591767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RuIY2kWCeNIKIV9doHu0x7bBsoSl%2FElT28BEfTMJQmMAgGRYgbL1Wmzotgj3SOEHNxep23CwRiPgS4Oh1rfc%2BXbiF%2BkHzRxN3EqH9dABialWRLYyIv3jJ83wfyQ2"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 30 Nov 2024 10:51:43 GMT
content-type: font/woff
ki-cf-cache-status: HIT
vary: Accept-Encoding
last-modified: Thu, 05 Jan 2023 11:59:20 GMT
ki-origin: g1p
ki-cache-tag: ae54f65c-b080-4919-a099-c12452824cdb,c06a7eb54462aab5fc689fd40f5473a8aa33e98c415eebe1b0d7dd468190a40e
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8eaa48acc962903c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21028
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET ba7c55a4804a893d5c4b09500ac29423-optin.json
a.omappapi.com/app/campaign-views/5c1ff720bb3b/qadxeralwqfdwi2ed5z3/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=pk_7cc3bb3f77ecfaf53a5640236757e497f3

Domain: rawlsmd.com
URL: blob:https://rawlsmd.com/583d028d-2d13-461d-8de6-d2163c4a3d55

Domain: rawlsmd.com
URL: blob:https://rawlsmd.com/baf5cc8f-68ec-4ff4-9231-d4f58a4e791d

Domain: a.omappapi.com
URL: https://a.omappapi.com/app/campaign-views/5c1ff720bb3b/qadxeralwqfdwi2ed5z3/ba7c55a4804a893d5c4b09500ac29423-optin.json

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rawlsmd.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5793e181dbdb20ec7d0d3bf928c11533
rawlsmd.com/	1970-01-21 01:22:47	Name: NCS_INENTIM Value: 1732963903
rawlsmd.com/	1969-12-31 23:59:59	Name: bff375220b13b38d469693406fc7979f Value: 256f40d7fa29adc2f8d066ddd800c678
rawlsmd.com/	1969-12-31 23:59:59	Name: SJECT16 Value: CKON16
rawlsmd.com/	1970-01-21 01:22:47	Name: JCS_INENREF Value:
rawlsmd.com/	1970-01-21 01:22:47	Name: JCS_INENTIM Value: 1732963904825
.rawlsmd.com/	1969-12-31 23:59:59	Name: IR_gbd Value: rawlsmd.com
.rawlsmd.com/	1969-12-31 23:59:59	Name: IR_12659 Value: 1732963904804%7C0%7C1732963904804%7C%7C
.rawlsmd.com/	1970-01-21 01:24:10	Name: wickedfu_null Value: %7B%22url%22%3A%22https%3A%2F%2Frawlsmd.com%2Funlocking-lyme-extras%2F%3Futm_source%3DDirect%26utm_medium%3DDirect%26utm_campaign%3DDirect%26utm_content%3Drawlsmd.com%252Funlocking-lyme-extras%26utm_term%3DOrganic%2520traffic%22%2C%22referrer%22%3A%22%22%2C%22time%22%3A1732963904848%2C%22c%22%3A2892%7D
.rawlsmd.com/	1970-01-21 03:32:19	Name: _gcl_au Value: 1.1.431544078.1732963905
.rawlsmd.com/	1970-01-21 03:32:19	Name: _fbp Value: fb.1.1732963905347.678138857645554614
.rawlsmd.com/	1970-01-21 10:58:43	Name: _ga_SEKTF469LJ Value: GS1.1.1732963905.1.0.1732963905.60.0.0
.rawlsmd.com/	1970-01-21 10:58:43	Name: _ga Value: GA1.1.388616825.1732963905
.rawlsmd.com/	1970-01-21 01:24:10	Name: _uetsid Value: 17e8d8b0af0911ef8a7873057c2c66e9
.rawlsmd.com/	1970-01-21 10:44:19	Name: _uetvid Value: 17e8c520af0911ef82436bed3170704d
rawlsmd.com/	1970-01-21 01:22:44	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1732963906261%7D
.rawlsmd.com/	1970-01-21 10:08:19	Name: _pin_unauth Value: dWlkPVlXTTBZek15WldRdFpqQmpPQzAwTlRRekxXRmxOelV0WkRaaU5tRTNNVGd4WVRGaw
.pinterest.com/	1970-01-21 10:08:19	Name: ar_debug Value: 1
.bing.com/	1970-01-21 10:44:19	Name: MUID Value: 1EEDBDED8BB96417361BA8AA8ACE6570
.rawlsmd.com/	1969-12-31 23:59:59	Name: cebs Value: 1
rawlsmd.com/	1970-01-21 10:58:43	Name: _omappvp Value: vFXHfGGtkbRq1ic3pseHXmCVo2qrs64Z7d4wmjBM1nxkqtYmg80IESo9W9jmlJDLqSjHdCshtb9yMfW35tiMY9CT1QWFuAJ0
rawlsmd.com/	1970-01-21 01:22:45	Name: _omappvs Value: 1732963906510
.adnxs.com/	1970-01-21 10:58:43	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:32:19	Name: XANDR_PANID Value: SBJwFg82hklz-Y4HY3VgI8fxD1wYBskvNJgGK62yiatlR7Ow9KA3yH894iF2E-gj-yookx28udGuONAu_4bWSIwcSFwNHxrorm0mGw_hJYc.
.adnxs.com/	1970-01-21 03:32:19	Name: uuid2 Value: 2903052867774048992
.criteo.com/	1970-01-21 10:44:19	Name: uid Value: 84d9e66e-ee90-4d19-b06f-6adb18c98235
.criteo.com/	1970-01-21 10:44:19	Name: receive-cookie-deprecation Value: 1
.rawlsmd.com/	1970-01-21 10:52:07	Name: cto_bundle Value: Afk2-V9XTHNzNVNGSWk5NnMwYSUyQmxMMkYxNkhrTzZMJTJGTVAyZGFjQURDbTAlMkJuVm1XMHY5JTJGUFRGUDBHWEF1cE5oOWoxWHlIc1RZNTNZZUswOEdITnlzVkdsSlJGWGxmWmNnaGZEJTJGJTJGRDRYMjg5bDRJUFhyUW5IQXhsUHNuTUxrR3ZOcTc3TXdoS3lqMkRGaWdmYWdKMjBCNjlPWHclM0QlM0Q
.linkedin.com/	1970-01-21 10:08:19	Name: bcookie Value: "v=2&f1d4cc86-c566-4838-8cb8-2815ecd02339"
.linkedin.com/	1970-01-21 05:41:55	Name: li_gc Value: MTswOzE3MzI5NjM5MDc7MjswMjE8COOSHfT40WyfsajsQcXKyKxI8i1f9T6xfyBpEBv6Vw==
.linkedin.com/	1970-01-21 01:24:10	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3382:u=1:x=1:i=1732963907:t=1733050307:v=2:sig=AQFva_2WG0RGlYYZm0wrkMvZ9n89dLvf"
.rawlsmd.com/	1970-01-21 01:24:10	Name: _ce.clock_data Value: 330%2C185.198.62.224%2C1%2Ca11f5da7336cfe2e2fd950a3d968fdb0%2CChrome%2CIT
.rawlsmd.com/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.rawlsmd.com/	1970-01-21 10:08:19	Name: _ce.s Value: v~80276e09eb065c0626a7b5e41dc2b2dafafd7d53~lcw~1732963907259~vir~new~lva~1732963906429~vpv~0~v11.fhb~1732963907257~v11.lhb~1732963907257~v11.cs~242526~v11.s~188301a0-af09-11ef-bcca-fb846219114d~lcw~1732963907259
.casalemedia.com/	1970-01-21 10:08:19	Name: CMID Value: Z0ruRrlQJM4AAEJcApDaIwAA
.casalemedia.com/	1970-01-21 03:32:19	Name: CMPS Value: 294
.casalemedia.com/	1970-01-21 03:32:19	Name: CMPRO Value: 294
.omnitagjs.com/	1970-01-21 02:05:55	Name: ayl_visitor Value: bbe070ffc0fb3773aeac956d708f3950
.criteo.com/	1970-01-21 10:44:19	Name: cto_bundle Value: WZAlXF9nWkpGR3l4cTlKTlFWZ0U1eUJCJTJGSmY4TmUyJTJCdnpzSERQTmJQT3RwYVRLJTJCQmFLNHhDR3l5WWgzN0JLbmhZNldMZkp4bFR3SVJMblVJQU5JMlZiRTJzTFIlMkJ2SXBEVkEyWllGR3o2SjJzV3JxeGtIT2tVNTclMkZ4S203Tm1tVnJ6QlE
exchange.mediavine.com/	1970-01-21 01:42:53	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%221a9f2ae0-af09-11ef-9875-0106ec1c7380%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 01:42:53	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%221a9f2ae0-af09-11ef-9875-0106ec1c7380%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 01:42:53	Name: am_tokens Value: %7B%22mv_uuid%22%3A%221a9f2ae0-af09-11ef-9875-0106ec1c7380%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 01:42:53	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%221a9f2ae0-af09-11ef-9875-0106ec1c7380%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 01:42:53	Name: criteo Value: %7B%22id%22%3A%22k-5r075XF7gS6-EVIvo4Cme4v-6YHchDPW96l8kQ%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-21 10:08:19	Name: visitor-id Value: 3759655107718439000V10
.media.net/	1970-01-21 02:05:55	Name: data-c-ts Value: 1732963910
.media.net/	1970-01-21 02:05:55	Name: data-c Value: k-JC_De3F7gS6-EVIvo4Cme4v-6YH8jLU5EtRnrQ~~3
.postrelease.com/	1970-01-21 10:08:19	Name: opt_out Value: 1
.doubleclick.net/	1970-01-21 10:58:43	Name: IDE Value: AHWqTUlufMuhx9ISTW5Ggj_53gJz_n79e8Kepxh5qD90pFdfOqjyTjJ8fOCuCANix_I
.demdex.net/	1970-01-21 05:41:55	Name: demdex Value: 10067789626976695120723184662428213230
.adnxs.com/	1970-01-21 03:32:19	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Hb=tH3:I!A#FI(<h!zS[j?WZ61qvV4sXEzbz-h1dB+[p4lHwV>ZG2YuICqI2r/NkyHoK(RnD(`GhOaaS(j#iP(Md+>)fy]N2VdW
.dpm.demdex.net/	1970-01-21 05:41:55	Name: dpm Value: 10067789626976695120723184662428213230
.1rx.io/	1970-01-21 10:08:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a88a16af-7c92-4416-97e3-861cdcfc6cf2-003%22%7D
.tremorhub.com/	1970-01-21 10:08:40	Name: tvid Value: b19a3a5a686f4cc498f29e3b0fc9cf63
.tremorhub.com/	1970-01-21 02:05:55	Name: tv_UICR Value: k-3IojLXF7gS6-EVIvo4Cme4v-6YGMbCsqAYkhCg
.targeting.unrulymedia.com/	1970-01-21 10:08:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a88a16af-7c92-4416-97e3-861cdcfc6cf2-003%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
a.omappapi.com
ad.360yield.com
ad.yieldlab.net
addsearch.com
amplify.outbrain.com
analytics.google.com
api.omappapi.com
assets-tracking.crazyegg.com
bat.bing.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d.impactradius-event.com
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
extras.unlockinglyme.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
pagestates-tracking.crazyegg.com
pixel.rubiconproject.com
px.ads.linkedin.com
r.casalemedia.com
rawlsmd.com
rtb-csync.smartadserver.com
s.pinimg.com
script.crazyegg.com
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.criteo.net
static.klaviyo.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.targeting.unrulymedia.com
td.doubleclick.net
tr.outbrain.com
track.wickedreports.com
tracking.crazyegg.com
visitor.omnitagjs.com
wave.outbrain.com
widget.us.criteo.com
widget.wickedreports.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.klaviyo.com
www.rtb123.com
x.bidswitch.net
a.omappapi.com
rawlsmd.com
static.klaviyo.com
104.17.25.14
104.18.27.193
104.19.148.8
13.107.42.14
13.35.58.27
141.226.228.48
141.95.98.64
142.250.184.238
142.250.185.106
142.250.185.195
142.250.185.66
142.250.186.131
142.250.186.162
142.250.186.66
150.171.27.10
157.240.252.35
157.240.253.1
162.159.134.42
162.159.135.42
172.217.18.104
172.64.147.119
172.66.42.248
178.250.1.11
178.250.1.3
178.250.1.9
18.172.112.117
18.184.93.163
185.255.84.153
185.64.191.210
185.89.210.212
2.19.216.27
2.19.217.101
2.19.224.184
212.102.46.118
216.239.36.181
216.58.206.68
23.213.165.82
23.32.185.60
3.127.101.141
3.72.38.170
34.117.157.22
35.186.249.72
35.214.136.108
37.252.173.215
44.241.7.64
46.137.150.200
46.228.174.117
5.135.209.104
52.212.192.25
52.214.170.42
54.147.125.227
54.243.100.87
63.33.115.87
67.225.220.126
69.173.144.138
70.42.32.159
74.119.117.16
74.125.71.155
76.223.111.18
88.221.110.136
99.80.22.109
99.86.4.88
0750ec8d1dbe19502fce56357d68de36a83aeee014c378e8481e94f9199a3559
0924e1de911e85483448a331e1e13772fd2ea0251f7f0c085c923c8a8b3ba9af
09d89d465f9b5064a168a6f4d2576e5a5cd58efa54d2b254128832ef42616e17
0af4da055de235629bf7524b477430093e8ca78b2d31956457e159cf71f5348c
0ce11e40719114ac6bec1e8928da11a332d522cfd34f9f8d5dcae635320cfced
0d16fd6a34517f29f62a8248d8fd9fc57748cdeee291a9f26e221ad9224bfad7
0f919f4f75c6d63deeb97511e71e324b7d400bf98dc65cd7cbe899f72f3c96da
10bef3b064f8cca0d068891052b927a95f9a10db372a59a0099743046785d43a
11939010f3ca7630ce649deaef8dd2ba4d929fb8250dbe9c909c9b0849c91e46
122cf07f8ec136404181b3d508b3cd59fac72b618fda1153741db6811b81491d
140eedc23b5929c1bb8a74d021936779b48156ccb5445431659d656f8aa104cd
156d69628f410cfbd7372e602e225b996df87c19f9b84d2002be4cf3a825f986
1a4449ad8d386faf673b394cef17a6f181f8f9b487164565ae0b890c0a4a78b3
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d8d207fa2356ff8144dddd5fc054ed942f68c4cf4f8c65e957f1d05e89f17fc
215d04e8a15809c25cc259626bfdf609ea695c32199d1b1b482cf7395a19faaf
269a58024d3bc491ce380fa2fc55ce0afc335b66c5fe9d40cfb0963c9777c333
288d156b63cea15974f8ced0963ccc03ca9688a0e2da4af409339c065faab72f
28eadb514a489c24eba0e5d54ec975ea2e68599742bb8244a66c34bef772835a
2c9245c0246a9c745793c7eaa9cc1fc964a12570009031ea0223115bec6e9426
2cd99e9de6574beb0980a544dd061f6bd4dc1f961522374814e232ba40414e07
2e7040ade4291db50d1fc733c01614e563bfb93be310874b5226670642c45d77
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33d34d28eec8ceca6c03b00a6e32e4b62c8f7031af7f665faae4edbcd06db9d3
35b137aac13ccdefc4116a827dffd01c0e919c1436c5b1d0f5ed9089859ae26c
36e82fcc14bb45f4f40d07b4f195505ecd4b0db1cd3aca1e70dfd5136d2065fe
36fff107db5298724b3acc76f374ab35db4ce90067347613a2ebbcbafd28caa6
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38fa0b6989fd7990e69409c0398ab6854799c045a80d367adbb902ea40a1152d
391ea3554dd46b2c0159d7dbfa4449ad62b566ad019f11342350de2c7d32239a
39bb5021d0931d53358aacc884ca5af95bc5cb960c2dc459f4955c80d6f2ab12
39dd4eedf59461aa0bb42f57f4663d3b3224f5efcdf95f7e571e829aae135905
3a3273e19923d42bd49f36608ac0b528e87f33d7d1de2a5e16e19e62c4766624
3a905d75b2af739dfb798031e6cccdaa16a04a8b9112931fe8ecdb80e1434817
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
424d621f24b67f04b66742bab5e94c7a5279bca1184799322b64540337638902
42f4b1dfdac31e58f13e7f873f6fcbf3e0db8685c5f4d0a36bd87153008d5a36
42fef7a7c13be12c7c7e48756a9d7798df382decf4d132b5e2843cec70c79636
432522c649156a48eeb2bd8dc343de5e4b58d622a35bc5bf20498f1c74a7f9dc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45517fc587c421319770b8a0a613934142385573b6a2fcd1e97caa3c4da0ea1e
46be8975c077af9ee628b95903df417598a0df10350acb20e678ab3fe9a54f36
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d794fd0796f710f76d3e1e15113532da5c45ce705dcab6de88a120e9b467313
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2818d7620ede1e7f2b333529467365fd1b51264f1259f2ffd60e751d2ac2f5
50d4871c4adadf03dbd85520f320580ed7527927ad689d2fb7c5482e4f47cc0b
50e492a726af4a2c4e0d057841683e03369d42cb81f0519ee19ec9d6e004f002
51912db19cbbd6f3a18bd917148f307c000d1721a43803f0564bdc001944f21f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
53223a44b83ee4eb90c46221d3a056cc405656bbb35351ea0c5038feb712383c
53fde8a20646f8fda0761032c1b1eaa0efb3e210784713d46ed98688dc7b312b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
60a7eb0f25425d3cb621d7ad641aa292dfaec0a6b886234c427721ba7194c431
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
6753b4b0cbc3c99e713bdc896de395bf1eb5246e2ff96555151fa515bda7cd78
6aa736f40eaad43214fcf3866fa8b56f002668d2da78b570a758241ee44c0046
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
6ef8f643ab0cc60bfe24a11e377ef31232d655c23046d8cba5a0bdfb866c44cf
6fe98c121585cb0e0008f576c076fb5bec11a5567af9aed82ca8d72993cbdeef
71a7d80995d742a26196e7af621a50daa08e0812fbb07c32b4d0374f42af0e13
7c345c812c6c32c007d7fe0f4968df8f847ea5006e76c8633da70d446b1936a5
7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f
7d5c91bba288f8d52bece6eb27a646578f0c935f8890f9f1fb5349060c7ce77b
7d83be6c00b69fd13021966579f40390e19a7638de7a33fbb01997f793937432
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
82743b3378fbfc777e764d0e9f107afc8948686518cc57676a6ef77ee56199a0
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99
838c7bdf2d92bc0f36f690776dba53c2718f84f2b1f9b1e403df8e1ad652d7cb
83a3d365514cd49659d6d7906936b0f3ac0db4d743643006afdbe09f6d5b3d03
85ab852bfb2016bce3933a1c7107b1bce807179f46364db291ab1f86b89addbb
86f2a3e29ebd3c107197a943a34c59483cc513b3d34a63b23e307b4d3878d10f
87c631607d118e02e847112aca0a2800bfd2a9cfe5bc01b48eeb60b0ff86804c
88683b0a41b07f465377c8846933bdfb1e57fc9a54accef3e5fd0125bd052cc7
88a7e4cccc0b6c41c2083d7ab0ee74767320246b2ce97fa78339068b15fbb854
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8f299bce1c4968647aa3727f390aef0cd75da150a614ae61540d6cce44207e20
944bb3e58c4315d2107aee6465710dbce7e8920c049d2aba3e09fefad12f1210
94c50b068aea2eda22067ace33aaafd0bdf19602f9ca60c344ecd585656b9d0c
95b722a5c204d0169ea7dc7c0901ad7759b133c287b9d1aab370ad9bccd24142
966784b5a88273fa12129967a5d9bd80ae945d105be69e378d03b8e48755f328
991d494be54f4f4777d6941532633b89976ed82be1c46275d910c1407d022725
997accfe3abb61f45ffa8ea738e0e671d41ec3582e3d41b7bd08c10961edfaf4
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9ee00d07b79fe34f2bd25d5b4341483cc9b3561b414a986f542c9f903acc2835
9f30df20011e2f1a7871fd83d8c2178efa8bbf89dc357fec96efd3cd6432458a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11a82d5758aee9e63c308102660804c6bb56153947c30c4d1fbda07853cb696
a258fa2108c7a4579876f75154378f19e3ee8af7753499bad8bfb18b56cb6dfc
a4e8946f4edbc204e4e4822f96b08991f6d435b241d042936d9950a1c7434bdb
a8b108611bcd7d4e51584c02972607a10fd79f9df3a4ecec7693255b2d6d040b
a95f4f272fb7ee161327a5f3f4f669d3d5a7974b6bba7cb936b01b5468394ab4
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
aaed3504461ad7101cef967c5039ce3f86b9eec883221a5e031d9fc0d51796b9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b536245d5d1912397f06964694ae416b45a26a3bc39021850852c647bee46bab
b74487af8761c9be10987f564aca761a5202c43ab28309c5cf8d2ea81d677d73
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd95e8a7f7c6225934f3f14a6cdc3876566284966667fc32f88fe141e3713da6
bdb8502b4d4bd98d6fb098227f16e29f0af77af571a3cd832431a661a3ace705
bf283fef88d8fe04783a585b86d196a404a9b2d3ed87fad6758db1ab311fd0e0
c023a36431f7d6f99fb694271b2e2680103597064824b55b52fa40a00bed11ad
c487d98d4ea923fe8b34266bf0b65b3c5a3b0e967c50649c19da939e01f4209e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
cce85c90852b56cfdeceadeea42fd5425fc1329238897ff2809f45894e71e6ad
cd699f823c0e680bd67d976dd24e1bdfc7e87c7661fadd9ec93bcb91f65961e5
cedc9155263d1f634191e71f3c9ce256b315f833e375739ed0e65087996428cc
d0d8934208c6fe6723cddab3cc0e7f966557c8822091717a40c033e78114210d
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d29ba44bdf1fca56280b0637f8e7b3980bc7b92c2eef607f3a35d23954f41cbf
d7a3cf12cd23aadd1bb7394728c9a160c9c223aac6703bf204734eed3ed541be
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dc510b264cc5b68ed3dd91056d54b022dac511df6f4f3c8051b5562aad7912ca
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e37dcb6f734d00d75a25fbf066e04283dbc5167fef68c8bff5e0977b83a3f3ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8456f64408384b987373a2be657830e8a667d802d40d1a2f040c93367bb3d68
e92b5c4af8c5c6115f09955c6aa8577a45c65effe782e0593540f09177f69a29
eac162ef915fcffef4fc0fb6725b1afffc122b6a0ba4ab52d8d3589ecacda4c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
eff50ee97749192a01ffbe5c7d7b3b88d11cc53dcbd6d659b22b37e8cc0754d7
f0a0d87f2d0f9b7a37982c54b57129bf7d2b74b6e401cdd9adbe43e760c89bc3
f11b59029aa57b52e4d5a99995674982b2c497e7719a7e4dc5d342b182b29082
f14b33b9d5a249b41c2c3ab1065df21780f8d7d681c6a745244848dff1845c58
f81f06a4f45daabf72ecde445bdab7f0656fb4741aabd4cf975853f8b2d75a0c
f86b5d7a69cbcd24e1c526efe4e8fa053d771030ab13876efeba49826756cbf1
fc38036b9435ab0d45ee588893c7a800b98347687dce2700f29b326fb136dcbe
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
fe695f21d2983c4a04ad1b422f791ad13fa4ed70bbf5c40297b15a352b41e341

rawlsmd.com Open in urlscan Pro 162.159.135.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

93 %HTTPS

0 %IPv6

50 Domains

69 Subdomains

61 IPs

8 Countries

2642 kBTransfer

6420 kBSize

56 Cookies

15 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rawlsmd.com Open in urlscan Pro
162.159.135.42 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

93 %
HTTPS

0 %
IPv6

50
Domains

69
Subdomains

61
IPs

8
Countries

2642 kB
Transfer

6420 kB
Size

56
Cookies

179 HTTP transactions
7 data transactions