secure07b-connect.itsaol.com Open in urlscan Pro
147.182.162.240 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure07b-connect.itsaol.com/
Effective URL:
https://secure07b-connect.itsaol.com/
Submission: On December 25 via api (December 25th 2024, 7:12:16 am UTC) from US — Scanned from NZ

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 22 domains to perform 62 HTTP transactions. The main IP is 147.182.162.240, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is secure07b-connect.itsaol.com.
TLS certificate: Issued by E5 on December 3rd 2024. Valid for: 3 months.

This is the only time secure07b-connect.itsaol.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	147.182.162.240 147.182.162.240	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2404:6800:400... 2404:6800:4006:814::200a	15169 (GOOGLE) (GOOGLE)
2	23.22.127.44 23.22.127.44	14618 (AMAZON-AES) (AMAZON-AES)
5	2404:6800:400... 2404:6800:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
2	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4006:813::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.71.67 142.250.71.67	15169 (GOOGLE) (GOOGLE)
1	172.217.167.68 172.217.167.68	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:db0... 2a02:6ea0:db00::11	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	2406:2600:7:1... 2406:2600:7:100::d	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	18.67.95.221 18.67.95.221	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:221... 2600:9000:2215:1c00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::69 2620:1ec:bdf::69	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	23.48.247.236 23.48.247.236	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	23.221.133.140 23.221.133.140	16625 (AKAMAI-AS) (AKAMAI-AS)
2	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
2	52.250.45.119 52.250.45.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	108.158.16.107 108.158.16.107	16509 (AMAZON-02) (AMAZON-02)
1	3.208.153.251 3.208.153.251	14618 (AMAZON-AES) (AMAZON-AES)
1 4	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd)
1	172.217.167.102 172.217.167.102	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4006:814::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.66.230 142.250.66.230	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b130:6a2e:9644:9d1:f0f2	14618 (AMAZON-AES) (AMAZON-AES)
1	44.194.222.109 44.194.222.109	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:809::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.204.3 142.250.204.3	15169 (GOOGLE) (GOOGLE)
3	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	134.209.162.206 134.209.162.206	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	20.125.62.241 20.125.62.241	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
62	34

5 147.182.162.240 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: jointhealthactivator.com

secure07b-connect.itsaol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:814::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.22.127.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-127-44.compute-1.amazonaws.com

secure.revitalizejoints.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4006:80f::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:80f::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:813::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.71.67 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.167.68 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:db00::11 (Sydney, Australia)

ASN60068 (CDN77 Datacamp Limited, GB)

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::d (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.95.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-95-221.syd62.r.cloudfront.net

d9i5ve8f04qxt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2215:1c00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::69 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.48.247.236 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-48-247-236.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.221.133.140 (Rehovot, Israel)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-133-140.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.250.45.119 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.158.16.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-16-107.syd62.r.cloudfront.net

d1pqvb2h9xgm7r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.153.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-153-251.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.10.30 (Cyprus) 1 redirects

ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.167.102 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f6.1e100.net

14623190.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:814::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:6a2e:9644:9d1:f0f2 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.222.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-222-109.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::181 (United States) 1 redirects

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:809::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::9a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net

www.google.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::9 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.162.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

service3.purehealthresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.125.62.241 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 p.clarity.ms — Cisco Umbrella Rank: 9040 c.clarity.ms — Cisco Umbrella Rank: 1269	31 KB
5	doubleclick.net 14623190.fls.doubleclick.net — Cisco Umbrella Rank: 648626 td.doubleclick.net — Cisco Umbrella Rank: 182 ad.doubleclick.net — Cisco Umbrella Rank: 145 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	576 B
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3405 wave.outbrain.com — Cisco Umbrella Rank: 4277 tr.outbrain.com — Cisco Umbrella Rank: 3357	12 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	141 KB
5	creativecdn.com 1 redirects tags.creativecdn.com — Cisco Umbrella Rank: 6061 us.creativecdn.com — Cisco Umbrella Rank: 2955	4 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	429 KB
5	itsaol.com secure07b-connect.itsaol.com	274 KB
4	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3229 i.liadm.com — Cisco Umbrella Rank: 572 rp.liadm.com — Cisco Umbrella Rank: 966 rp4.liadm.com — Cisco Umbrella Rank: 5689	47 KB
4	cloudfront.net d9i5ve8f04qxt.cloudfront.net d1pqvb2h9xgm7r.cloudfront.net	22 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	202 B
2	criteo.com dynamic.criteo.com — Cisco Umbrella Rank: 3682 gum.criteo.com — Cisco Umbrella Rank: 450 sslwidget.criteo.com Failed	22 KB
2	gstatic.com fonts.gstatic.com	35 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	84 KB
2	revitalizejoints.com secure.revitalizejoints.com	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 205	775 B
1	purehealthresearch.com service3.purehealthresearch.com — Cisco Umbrella Rank: 310022
1	google.co.nz www.google.co.nz — Cisco Umbrella Rank: 41106	63 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	youtube-nocookie.com www.youtube-nocookie.com — Cisco Umbrella Rank: 3683
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
62	22

	Domain	Requested by
5	analytics.tiktok.com	secure07b-connect.itsaol.com analytics.tiktok.com
5	www.googletagmanager.com	secure07b-connect.itsaol.com www.googletagmanager.com
5	secure07b-connect.itsaol.com	secure07b-connect.itsaol.com
4	us.creativecdn.com	1 redirects secure07b-connect.itsaol.com
3	p.clarity.ms	www.clarity.ms
3	d1pqvb2h9xgm7r.cloudfront.net	d9i5ve8f04qxt.cloudfront.net
2	c.clarity.ms	1 redirects
2	analytics.google.com	1 redirects www.googletagmanager.com
2	td.doubleclick.net	www.googletagmanager.com
2	tr.outbrain.com	amplify.outbrain.com
2	www.facebook.com	secure07b-connect.itsaol.com
2	amplify.outbrain.com	secure07b-connect.itsaol.com amplify.outbrain.com
2	www.clarity.ms	secure07b-connect.itsaol.com www.clarity.ms
2	fonts.gstatic.com	fonts.googleapis.com
2	www.youtube.com	secure07b-connect.itsaol.com www.youtube.com
2	connect.facebook.net	secure07b-connect.itsaol.com connect.facebook.net
2	secure.revitalizejoints.com	secure07b-connect.itsaol.com secure.revitalizejoints.com
1	c.bing.com	1 redirects
1	service3.purehealthresearch.com	secure07b-connect.itsaol.com
1	gum.criteo.com	dynamic.criteo.com
1	www.google.co.nz	secure07b-connect.itsaol.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.google-analytics.com	secure07b-connect.itsaol.com
1	rp4.liadm.com	secure07b-connect.itsaol.com
1	rp.liadm.com	1 redirects
1	ad.doubleclick.net	secure07b-connect.itsaol.com
1	14623190.fls.doubleclick.net	www.googletagmanager.com
1	i.liadm.com	b-code.liadm.com
1	wave.outbrain.com	amplify.outbrain.com
1	b-code.liadm.com	www.googletagmanager.com
1	d9i5ve8f04qxt.cloudfront.net	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
1	tags.creativecdn.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	www.youtube-nocookie.com	secure07b-connect.itsaol.com
1	fonts.googleapis.com	secure07b-connect.itsaol.com
0	sslwidget.criteo.com Failed	dynamic.criteo.com
62	37

This site contains no links.

Subject Issuer	Validity	Valid
jointhealthactivator.com E5	`2024-12-03` - `2025-03-03`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
secure.revitalizejoints.com Sectigo RSA Domain Validation Secure Server CA	`2024-06-03` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-03` - `2025-01-01`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
1589314308.rsc.cdn77.org E5	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2024-10-31` - `2025-11-28`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2024-12-09` - `2025-12-09`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
*.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.co.nz WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
service3.purehealthresearch.com E6	`2024-12-02` - `2025-03-02`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://secure07b-connect.itsaol.com/
Frame ID: E6107B7527614A32BA598391C1D297D7
Requests: 51 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/Qt12taYAHXI?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: CE6B6E1A184C98DA5BF6CEA41D70839A
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fsecure07b-connect.itsaol.com
Frame ID: 49480A8B7D6FD51F28C3ABB7E7232203
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AFA69B543BDBEBF9E6B2135352CBB29B
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/b-00mi?duid=bc6374f70603--01jfyah920qf5vmaqgkkngv9mw&euns=1&s=&version=v3.6.0&cd=.itsaol.com&pv=ddf1162e-0fa7-49bd-9ce6-a3a43076d634
Frame ID: 0CD435D41D8FF97766B247F00183AF44
Requests: 1 HTTP requests in this frame

Frame: https://14623190.fls.doubleclick.net/activityi;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=2677339878160;npa=0;auiddc=351449207.1735110730;ps=1;pcor=15487887;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101509156~101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F
Frame ID: 08FF07C43212BEB8B14EEC6C58CB0427
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=2677339878160;npa=0;auiddc=351449207.1735110730;ps=1;pcor=15487887;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101509156~101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F
Frame ID: BADE23DBCEB368A6ADF0BF30BEC5E20A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-633CCXW5Y6&gacid=1899179852.1735110731&gtm=45je4cc1v9171594360z89132898246za200zb9132898246&dma=0&gcs=G111&gcd=13v3v3v3v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1280771644
Frame ID: 28EFCEB8E7396258EB0B2139C649AD45
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secure07b-connect.itsaol.com&origin=onetag
Frame ID: E2BCC40967794079EA19FE3C1DC25600
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Joint Complex

Page URL History Show full URLs

http://secure07b-connect.itsaol.com/ HTTP 307
https://secure07b-connect.itsaol.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

62
Requests

84 %
HTTPS

43 %
IPv6

22
Domains

37
Subdomains

34
IPs

6
Countries

1114 kB
Transfer

2979 kB
Size

57
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure07b-connect.itsaol.com/ HTTP 307
https://secure07b-connect.itsaol.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://us.creativecdn.com/tags/v2?type=json HTTP 307
https://us.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 39

https://rp.liadm.com/j?dtstmp=1735110730969&aid=b-00mi&se=e30&duid=bc6374f70603--01jfyah920qf5vmaqgkkngv9mw&tv=v3.6.0&pu=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F&wpn=lc-bundle&wpv=v3.6.0&cd=.itsaol.com&c=PHRpdGxlPkpvaW50IENvbXBsZXg8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjxoMSBjbGFzcz0idmlkZW8taGVhZGxpbmUiPkJvbmUgT24gQm9uZSBKb2ludHM_IFRyeSBUaGlzIDE1IFNlY29uZCBTb2x1dGlvbjwvaDE-&pv=ddf1162e-0fa7-49bd-9ce6-a3a43076d634 HTTP 302
https://rp4.liadm.com/j?dtstmp=1735110730969&aid=b-00mi&se=e30&duid=bc6374f70603--01jfyah920qf5vmaqgkkngv9mw&tv=v3.6.0&pu=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F&wpn=lc-bundle&wpv=v3.6.0&cd=.itsaol.com&c=PHRpdGxlPkpvaW50IENvbXBsZXg8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjxoMSBjbGFzcz0idmlkZW8taGVhZGxpbmUiPkJvbmUgT24gQm9uZSBKb2ludHM_IFRyeSBUaGlzIDE1IFNlY29uZCBTb2x1dGlvbjwvaDE-&pv=ddf1162e-0fa7-49bd-9ce6-a3a43076d634&i6=MjQwNDpmNzgwOjU6ZGVmOjpjMmU%3D&n3pc=true

Request Chain 41

https://analytics.google.com/g/collect?v=2&tid=G-633CCXW5Y6&gtm=45je4cc1v9171594360z89132898246za200zb9132898246&_p=1735110729408&_gaz=1&gcs=G111&gcd=13v3v3v3v5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1899179852.1735110731&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1735110731&sct=1&seg=0&dl=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F&dt=Joint%20Complex&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=2729 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1899179852.1735110731&dbk=10989945081002407137&dma=0&en=page_view&gcs=G111&gtm=45je4cc1v9171594360z89132898246za200zb9132898246&npa=0&tid=G-633CCXW5Y6&dl=https%3A%2F%2Fsecure07b-connect.itsaol.com%3F

Request Chain 56

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B63EE1D4C52147FEBD8187AEFB23DCAC&RedC=c.clarity.ms&MXFR=07BBFC3BADCD6CE51043E95BA9CD62BF HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B63EE1D4C52147FEBD8187AEFB23DCAC&MUID=32446708ABA66CA92DDD7268AA5C6DDD

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
secure07b-connect.itsaol.com/
Redirect Chain

http://secure07b-connect.itsaol.com/
https://secure07b-connect.itsaol.com/

50 KB
14 KB

1062ms
451ms

Document
text/html

147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure07b-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: 81970796dfb042e73ddc44c7642c5744158aac48437e65e00fca46c429e3add2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 25 Dec 2024 07:12:09 GMT
ETag: W/"c7f8-Tn3H+HFWQEs/y5yHd9NeLC7qKEk"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

Redirect headers

Location: https://secure07b-connect.itsaol.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
2 KB 398ms
168ms Stylesheet
text/css 2404:6800:4006:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2698d1ea72f8cb956d690252e097acce37a5b722ff9bf1da499223e07b0e42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 25 Dec 2024 07:12:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 07:12:09 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 25 Dec 2024 07:07:09 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK play-img-d.gif
secure07b-connect.itsaol.com/img/video/ 191 KB
191 KB 228ms
228ms Image
image/gif 147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure07b-connect.itsaol.com/img/video/play-img-d.gif
Requested by: Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: d4ad32064fd80630bf6268c334ea5fa0e7a01828051761982d3c7c6c00708706

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

Cache-Control: public, max-age=0
ETag: W/"2fcbd-18fec5f3dcd"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195773
Date: Wed, 25 Dec 2024 07:12:09 GMT
Content-Type: image/gif
X-Powered-By: Express
Server: nginx
Last-Modified: Thu, 06 Jun 2024 07:06:55 GMT

GET
H2 200 UCAffiliateNetworkPixel Show response
secure.revitalizejoints.com/cgi-bin/ 2 KB
1 KB 1031ms
264ms Script
text/javascript 23.22.127.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.revitalizejoints.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.22.127.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-22-127-44.compute-1.amazonaws.com

Software

Apache /

Resource Hash

0e9a75e38a031b9b09c05c8d122817256fac59698e92fce19dd1816c04a27ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
content-length: 855
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 25 Dec 2024 07:12:10 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Apache

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 426 KB
127 KB 423ms
193ms Script
application/javascript 2404:6800:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Requested by

Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a34faf97baf70a1f9a7e0f6c41c366ea1ccec4617b4587edb64f484d6912448a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 25 Dec 2024 07:12:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 07:12:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 25 Dec 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129553
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 134ms
66ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-H2zil1XN' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 25 Dec 2024 07:12:09 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-H2zil1XN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=23, mss=1232, tbw=4466, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: GfeprSwlpbzJJUdyCKvpSYmlNXiBehPlpR6TG0YpTXc63WTWaH0EvgqJVqngv5hCyayKknfaQNa8rC92+/swoA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 Qt12taYAHXI
www.youtube-nocookie.com/embed/ Frame CE6B 0
0 588ms
266ms Document
text/html 2404:6800:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/Qt12taYAHXI?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Requested by

Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure07b-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-Kzx-aR83So1cJ4vJWsJ_aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Dec 2024 07:12:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 419ms
188ms Script
text/javascript 2404:6800:4006:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:813::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1daeb8f2b20e643498e588a0f3bc753699fe28c787205ece9b0fc5cd5a7b06be

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: br
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options: nosniff
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires: Wed, 25 Dec 2024 07:12:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Wed, 25 Dec 2024 07:12:10 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H3 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxMaC82U.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 17 KB
17 KB 228ms
67ms Font
font/woff2 142.250.71.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxMaC82U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f3.1e100.net

Software

sffe /

Resource Hash

dbcc0e48671e24477635ad90429f23e1dc948d3726b0a9487e79ce8e1a9112d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://secure07b-connect.itsaol.com
Referer: https://fonts.googleapis.com/

Response headers

age: 307627
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 21 Dec 2025 17:45:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Dec 2024 17:45:03 GMT
last-modified: Tue, 26 Apr 2022 16:09:33 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17404
x-xss-protection: 0
server: sffe

GET
H3 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 18 KB
18 KB 231ms
70ms Font
font/woff2 142.250.71.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f3.1e100.net

Software

sffe /

Resource Hash

546db554b9a7c8dab36a67ca582d98882c575957bd515a4bc1e00563bc0b46d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://secure07b-connect.itsaol.com
Referer: https://fonts.googleapis.com/

Response headers

age: 307432
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 21 Dec 2025 17:48:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Dec 2024 17:48:18 GMT
last-modified: Tue, 26 Apr 2022 15:47:49 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17920
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK lisa-king-d.png
secure07b-connect.itsaol.com/img/featured-on/king/ 62 KB
62 KB 497ms
228ms Image
image/png 147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure07b-connect.itsaol.com/img/featured-on/king/lisa-king-d.png
Requested by: Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: d86dc3454bdf2110a74e7ba300b641a0700839347df9e6d08232dbbcde4fcde4

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

Cache-Control: public, max-age=0
ETag: W/"f6d8-18fec5f3cdd"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63192
Date: Wed, 25 Dec 2024 07:12:10 GMT
Content-Type: image/png
X-Powered-By: Express
Server: nginx
Last-Modified: Thu, 06 Jun 2024 07:06:55 GMT

GET
H/1.1 200
OK featured-logo-d.svg
secure07b-connect.itsaol.com/img/featured-on/king/ 8 KB
4 KB 680ms
230ms Image
image/svg+xml 147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure07b-connect.itsaol.com/img/featured-on/king/featured-logo-d.svg
Requested by: Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: 3bb5fdf2030456fac4167dd69ab5137a70fd2bbf29931859454ead1057cb0a71

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=0
Content-Encoding: gzip
ETag: W/"1e33-18fec5f3cdd"
Connection: keep-alive
Date: Wed, 25 Dec 2024 07:12:10 GMT
Content-Type: image/svg+xml
Vary: Accept-Encoding
Server: nginx
Last-Modified: Thu, 06 Jun 2024 07:06:55 GMT
X-Powered-By: Express

GET
H3 200 1564727430697990 Show response
connect.facebook.net/signals/config/ 118 KB
23 KB 441ms
440ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1564727430697990?v=2.9.179&r=stable&domain=secure07b-connect.itsaol.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

635fceda7b9b7f66e3768e26a5fb232efb7247c295a3d7681e8cb0ecb73a0e33

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-N6h5S451' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 25 Dec 2024 07:12:10 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-N6h5S451' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=77, mss=1232, tbw=70450, tp=65, tpl=0, uplat=374, ullat=0
pragma: public
x-fb-debug: BJf7TWukWE02rlqrZ04o/qsdTzwUAaZId7sGwhpAnoHI5XEADV8GmCUA3SCe0HMNVPDV6epxnw+hMuc2NfCn2A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/03dbdfab/www-widgetapi.vflset/ 30 KB
10 KB 66ms
65ms Script
text/javascript 2404:6800:4006:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/03dbdfab/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:813::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: br
age: 166793
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 23 Dec 2025 08:52:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 08:52:17 GMT
last-modified: Mon, 16 Dec 2024 05:14:15 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10165
x-xss-protection: 0
server: sffe

POST
H3 200 collect
www.google.com/ccm/ 0
0 324ms
163ms Ping
text/plain 172.217.167.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1365239642.1735110730&dt=Joint%20Complex&auid=351449207.1735110730&navt=n&npa=0&gtm=45He4cc1v9132898246za200&gcs=G111&gcd=13v3v3v3v5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735110730489&tfd=2176&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.167.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 431 KB
136 KB 193ms
192ms Script
application/javascript 2404:6800:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c&gtm=45He4cc1v9132898246za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a7bdacf5371774ce78a2ac158ec5b8c33a80f7c48d2ca7b0ed38c3710c77351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 25 Dec 2024 07:12:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 07:12:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 139014
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 233 KB
83 KB 278ms
277ms Script
application/javascript 2404:6800:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c&gtm=45He4cc1v9132898246za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cc63f5ff13fc5565862390d80b69e527009bab86999bad3235852a4955f277e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 25 Dec 2024 07:12:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 07:12:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 25 Dec 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84657
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 EuTwXXOV4Sc7dJbpixmK.js Show response
tags.creativecdn.com/ 5 KB
3 KB 395ms
65ms Script
application/javascript 2a02:6ea0:db00::11
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/EuTwXXOV4Sc7dJbpixmK.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:db00::11 Sydney, Australia, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ca9e609ef3f582aec6955e30de3ea1a0a33186bf6b10105d9e8391c4ba8ad21

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=Dqq7NA==, md5=TM9Ddx5ISBq82bK8vb0n7Q==
content-encoding: gzip
etag: W/"4ccf43771e48481abcd9b2bcbdbd27ed"
x-77-cache: HIT
x-goog-stored-content-encoding: identity
expires: Mon, 07 Oct 2024 10:05:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 4724
date: Wed, 25 Dec 2024 07:12:10 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 08:28:03 GMT
x-77-nzt-ray: 307af017654e91dc4ab06b674d4c4233
x-guploader-uploadid: AHmUCY0Em9w4zGmEJWRNId0UR0WGWwMe7fmGeuPGppS5rZtzw-LgQY-zjHKHo3a8Fua-FeAY7BIxZwrUTg
x-77-nzt: EwwBj/Q+BwH3AgUAAAwBj/QhpAH3VgoAAAwBw7WvAgG3DQAAAA
cache-control: public, max-age=3600
vary: Accept-Encoding
x-goog-storage-class: STANDARD
x-77-pop: sydneyAU
x-goog-generation: 1728289683362046
x-77-age: 1282
server: CDN77-Turbo

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 50 KB
22 KB 734ms
244ms Script
application/javascript 2406:2600:7:100::d
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108887

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::d , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

dba7efd907cdd9f8c04e9b2f7b3368f4ea5b48c8ff3aa3b6263cbb7bc092a869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: public,max-age=10800
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
date: Wed, 25 Dec 2024 07:12:11 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: Kestrel

GET
H2 200 collect-g.js Show response
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 105 KB
20 KB 207ms
66ms Script
application/x-javascript 18.67.95.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.revitalizejoints.com
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.95.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-95-221.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: gzip
etag: "c8164200b1af114ca9af998ceedb1fc2"
age: 566074
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: NpxaeWR_WkXAGjTUmIz5tmQf0VRxmzVotlKy5K4j-4AkXD6SNmcnRQ==
date: Wed, 18 Dec 2024 17:57:36 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 12 Jul 2024 12:32:30 GMT
cache-control: max-age=604800,s-maxage=604800
via: 1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 20382
x-amz-cf-pop: SYD62-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 b-00mi.min.js Show response
b-code.liadm.com/ 136 KB
46 KB 221ms
77ms Script
application/javascript 2600:9000:2215:1c00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/b-00mi.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2215:1c00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2ebb90a14e5c4c41f82212b6fc33697a0ae7cb5d13e52ce9e46f8c9181ecd7b6

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

cache-control: public,max-age=86400
content-encoding: gzip
age: 23100
via: 1.1 9d6e86f5b232838ca6f2f480892525b2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 0ZUg2qdmGtnJYBOiwUndy1yNndWf_oMWbcIIUVuPBs0jxJxxX-xfIA==
date: Wed, 25 Dec 2024 00:47:10 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-cf-pop: SYD62-P2

GET
H2 200 lk2hxquxhr Show response
www.clarity.ms/tag/ 739 B
1 KB 686ms
464ms Script
application/x-javascript 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/lk2hxquxhr?ref=gtm2
Requested by: Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 566f3830ae7350099ef0e1fa17231d8b9e91fe16e466d27ec2214f36224a34a2

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 739
date: Wed, 25 Dec 2024 07:12:11 GMT
content-type: application/x-javascript
x-azure-ref: 20241225T071210Z-154d77576779tnj4hC1SYDf5f00000000kt0000000005wvh

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
83 KB 274ms
274ms Script
application/javascript 2404:6800:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-14623190

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e430845684a878fed3d17e887e60a21632b5c2998ad96efe58184132325cb7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 25 Dec 2024 07:12:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 07:12:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 25 Dec 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84716
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 8 KB
3 KB 434ms
290ms Script
application/javascript 23.48.247.236
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF31TNRC77U6J4TVF330&lib=ttq
Requested by: Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.236 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-236.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d2090304a4771cf802e4e65e8698429a2943a9b9d57ac210f1d220397c8b568d

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-218-223-88.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires: Wed, 25 Dec 2024 07:12:10 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=206, origin; dur=7, inner; dur=4
x-cache: TCP_MISS from a23-46-180-209.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Wed, 25 Dec 2024 07:12:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 155d2f1b.8f90e534
x-tt-trace-host: 0134657a04b7a085f5a109bc87d2f6487ecc01528cbef0d7ed07abae66d6fd831d486d6930ba2bff2f294217d9487313486a5f63c2e2b10d3bb341d7e191e6947c9fecdcb63c2af170a629b0ed3154b1c66d795efab05f6ec9e1714eddaa05cfb2a9ce8cce130ad11a6913bbf18bea4bf1
x-origin-response-time: 8,23.218.223.88
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241225071210C19F26673CF300246D9E-53EF3D5257921491-00
content-length: 2343
x-parent-response-time: 211,23.46.180.209
x-tt-logid: 20241225071210C19F26673CF300246D9E
server: nginx

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 24 KB
9 KB 207ms
66ms Script
application/x-javascript 23.221.133.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.133.140 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-133-140.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 90eaf5dbf35b26c11fe6c57f5da9d9d9f57872aaea3abe1e10c4ddc604bd7ed7

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

Cache-Control: max-age=1200
Content-Encoding: gzip
ETag: "32f6b28da9ec7857a2f31f6650118a87:1734957062.79236"
Connection: keep-alive
Expires: Wed, 25 Dec 2024 07:32:10 GMT
Accept-Ranges: bytes
X-CC: NZ
Content-Length: 8471
X-RG: OC
Date: Wed, 25 Dec 2024 07:12:10 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 23 Dec 2024 09:09:28 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 4948 0
0 385ms
164ms Document
text/html 2404:6800:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fsecure07b-connect.itsaol.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Dec 2024 07:12:10 GMT
expires: Thu, 25 Dec 2025 07:12:10 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
202 B 358ms
286ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1564727430697990&ev=PageView&dl=https%3A%2F%2Fsecure07b-connect.itsaol.com&rl=&if=false&ts=1735110730555&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4124&fbp=fb.1.1735110730543.846663720561652787&pm=1&hrl=6fb213&ler=empty&cdl=API_unavailable&it=1735110730022&coo=false&cs_cc=1&cs_cc=1&cas=9336749453025580%2C9036266676424329%2C8363086123759757%2C7838478432919508%2C8310145692356020%2C7808196579309921%2C8291816517541543%2C26747147724898772%2C8091466284283326%2C7682833491828953%2C26354635170818523%2C8555092211170384%2C7943370402412903%2C7380041312118141%2C26332012029719400%2C7537928146268527%2C7569768856423732%2C6956987794406958%2C7643965295683699%2C7016066221832938%2C7034340400026828%2C7499405630081412%2C7849319038452565%2C7531362440252487%2C25098821783099281%2C6719320041512443%2C7102936886501940%2C8276521995696166%2C8802519899781626%2C6962207387217245%2C27429031483411275%2C25483935424583699%2C7553474568045692%2C7283762228396572%2C7421018521278531%2C7915744731874721%2C7458278260953465%2C7341818752581711%2C7638175802899297%2C6915087971930441%2C6641473062599882%2C7491519880884208%2C6070152103082584%2C6229531447108410%2C7346808755354401%2C8574786112581764%2C7383774944992711%2C8770218846327864&cas=9336749453025580%2C9036266676424329%2C8363086123759757%2C7838478432919508%2C8310145692356020%2C7808196579309921%2C8291816517541543%2C26747147724898772%2C8091466284283326%2C7682833491828953%2C26354635170818523%2C8555092211170384%2C7943370402412903%2C7380041312118141%2C26332012029719400%2C7537928146268527%2C7569768856423732%2C6956987794406958%2C7643965295683699%2C7016066221832938%2C7034340400026828%2C7499405630081412%2C7849319038452565%2C7531362440252487%2C25098821783099281%2C6719320041512443%2C7102936886501940%2C8276521995696166%2C8802519899781626%2C6962207387217245%2C27429031483411275%2C25483935424583699%2C7553474568045692%2C7283762228396572%2C7421018521278531%2C7915744731874721%2C7458278260953465%2C7341818752581711%2C7638175802899297%2C6915087971930441%2C6641473062599882%2C7491519880884208%2C6070152103082584%2C6229531447108410%2C7346808755354401%2C8574786112581764%2C7383774944992711%2C8770218846327864&chmd=&chpv=&chfv=undefined&rqm=FGET

Requested by

Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 25 Dec 2024 07:12:10 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: FQ9iYR1LyWl5bpQY3gWZ9Njbnq4A//obdzEgcVyb5wQrjm1Ba9FGfpfPAmO04Td3qqROY4GjHvC9YwUrFitcHA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=23, mss=1232, tbw=4467, tp=9, tpl=0, uplat=219, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 /
www.facebook.com/tr/ Frame AFA6 0
0 134ms
65ms Document
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://secure07b-connect.itsaol.com
Referer: https://secure07b-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://secure07b-connect.itsaol.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 25 Dec 2024 07:12:10 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=23, mss=1232, tbw=4498, tp=9, tpl=0, uplat=0, ullat=0

GET
H/1.1 200
OK 001ac323a28065f3d332528e5524186644 Show response
wave.outbrain.com/mtWavesBundler/handler/ 3 KB
2 KB 209ms
65ms Script
text/html 23.221.133.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/001ac323a28065f3d332528e5524186644

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.221.133.140 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-221-133-140.deploy.static.akamaitechnologies.com

Software

Resource Hash

396a44df54c64f3bf2e9d078b103eb02948726b022734e3bd36f1aac28099ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=60
ob-sent-time: 1735081643080
Content-Encoding: gzip
ETag: W/"d43-hkNBbE3b/lcGVL0t4M/e7hmJ5Fo"
Connection: keep-alive
Expires: Wed, 25 Dec 2024 07:13:10 GMT
Access-Control-Allow-Origin: *
X-CC: NZ
Content-Length: 1553
X-RG: OC
Date: Wed, 25 Dec 2024 07:12:10 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
x-traceid: 45876a5356e1369c807a0c2a8755fe70

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 198ms
67ms Fetch
text/html 23.221.133.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.133.140 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-133-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

Cache-Control: max-age=1200
Connection: keep-alive
Observe-Browsing-Topics: ?1
Expires: Wed, 25 Dec 2024 07:32:10 GMT
Access-Control-Allow-Origin: *
X-CC: NZ
Content-Length: 26
X-RG: OC
Date: Wed, 25 Dec 2024 07:12:10 GMT
Content-Type: text/html

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ 53 B
321 B 702ms
227ms Fetch
image/gif 52.250.45.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=false&bust=016041688022578793&referrer=&marketerId=001ac323a28065f3d332528e5524186644&name=PAGE_VIEW&dl=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F&g=1&zone=all&obApiVersion=1.1&obtpVersion=2.18.156

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Wed, 25 Dec 2024 07:12:11 GMT
content-type: image/gif;
x-traceid: bf9265e29495ad06854f6e7b54279cbb

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 700ms
229ms Script
application/javascript 52.250.45.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=001ac323a28065f3d332528e5524186644

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 39
content-encoding: br
date: Wed, 25 Dec 2024 07:12:11 GMT
content-type: application/javascript
x-traceid: d0706ed0b02012143ea708cd193b491f

GET
H2 200 id Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 30 B
370 B 931ms
790ms XHR
text/plain 108.158.16.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.revitalizejoints.com
Requested by: Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.revitalizejoints.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.16.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-16-107.syd62.r.cloudfront.net
Software: /
Resource Hash: 0c0b3ed36a6b438823b2d09f0eb0987566cd6b30aee22a2419fa27a619257d2c

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

access-control-expose-headers: date, x-api-id
via: 1.1 1b68da67ecd8210b43b9ded7550536ca.cloudfront.net (CloudFront)
apigw-requestid: DVh71jhTIAMEYsQ=
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 30
alt-svc: h3=":443"; ma=86400
date: Wed, 25 Dec 2024 07:12:11 GMT
content-type: text/plain; charset=utf-8
x-amz-cf-pop: SYD62-P3
x-amz-cf-id: 3_karKt_1-z64W4ZeReHVdx-i3gMjI7SH7MpWBohrIi5B2hoQqv5Kw==

GET
H/1.1 200
OK b-00mi
i.liadm.com/s/c/ Frame 0CD4 0
0 1018ms
260ms Document
text/html 3.208.153.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/b-00mi?duid=bc6374f70603--01jfyah920qf5vmaqgkkngv9mw&euns=1&s=&version=v3.6.0&cd=.itsaol.com&pv=ddf1162e-0fa7-49bd-9ce6-a3a43076d634

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/b-00mi.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.153.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-153-251.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure07b-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 660
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Dec 2024 07:12:11 GMT
Request-Time: 12
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
trace-id: 6770636235017567

POST
H2

204

v2 Show response
us.creativecdn.com/tags/
Redirect Chain

https://us.creativecdn.com/tags/v2?type=json
https://us.creativecdn.com/tags/v2?type=json&tc=1

0
182 B

226ms
224ms

Fetch

185.184.10.30
RTB-HOUSE-ASH RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json&tc=1
Requested by: Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/
Protocol: H2
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://secure07b-connect.itsaol.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
location: https://us.creativecdn.com/tags/v2?type=json&tc=1
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://secure07b-connect.itsaol.com
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
date: Wed, 25 Dec 2024 07:12:12 GMT, Wed, 25 Dec 2024 07:12:12 GMT
vary: Origin

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 670ms
222ms Preflight 185.184.10.30
RTB-HOUSE-ASH RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure07b-connect.itsaol.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure07b-connect.itsaol.com
access-control-max-age: 3600
content-length: 0
date: Wed, 25 Dec 2024 07:12:11 GMT
vary: Origin

GET
H2 200 activityi;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=2677339878160;npa=0;auiddc=351449207.1735110730;ps=1;pcor=15487887;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe...
14623190.fls.doubleclick.net/ Frame 08FF 0
0 415ms
170ms Document
text/html 172.217.167.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14623190.fls.doubleclick.net/activityi;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=2677339878160;npa=0;auiddc=351449207.1735110730;ps=1;pcor=15487887;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101509156~101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c&gtm=45He4cc1v9132898246za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure07b-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 610
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Dec 2024 07:12:11 GMT
expires: Wed, 25 Dec 2024 07:12:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=2677339878160;npa=0;auiddc=351449207.1735110730;ps=1;pcor=15487887;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0...
td.doubleclick.net/td/fls/rul/ Frame BADE 0
0 417ms
177ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=2677339878160;npa=0;auiddc=351449207.1735110730;ps=1;pcor=15487887;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101509156~101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c&gtm=45He4cc1v9132898246za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure07b-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Dec 2024 07:12:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=2677339878160;npa=0;auiddc=351449207.1735110730;ps=1;pcor=15487887;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl...
ad.doubleclick.net/ 0
23 B 382ms
218ms Image
image/png 142.250.66.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=2677339878160;npa=0;auiddc=351449207.1735110730;ps=1;pcor=15487887;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101509156~101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F?

Requested by

Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 25 Dec 2024 07:12:11 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"4551600036554971469"}],"aggregatable_trigger_data":[{"filters":[{"14":["102347144"]}],"key_piece":"0x4091720b1e241caf","source_keys":["12","13","14","15","16","17","18","19","20","21","30256384","30256385","30256386","30256387","30266496","30266497","30266498","30266499","644012468","644012469","644012470","644012471","644022452","644022453","644022454","644022455"]},{"key_piece":"0x68659e9d3d2fc31e","not_filters":{"14":["102347144"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","30256384","30256385","30256386","30256387","30266496","30266497","30266498","30266499","644012468","644012469","644012470","644012471","644022452","644022453","644022454","644022455"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"30256384":50,"30256385":50,"30256386":50,"30256387":4889,"30266496":65,"30266497":65,"30266498":65,"30266499":6356,"644012468":36,"644012469":36,"644012470":36,"644012471":3530,"644022452":34,"644022453":34,"644022454":34,"644022455":3345},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"17456515119506553984","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"4551600036554971469","filters":[{"14":["102347144"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"4551600036554971469","filters":[{"14":["102347144"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"4551600036554971469","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"4551600036554971469","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14623190"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2 200 UCAffiliateNetworkPixel
secure.revitalizejoints.com/cgi-bin/ 0
374 B 262ms
261ms Stylesheet
text/plain 23.22.127.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.revitalizejoints.com/cgi-bin/UCAffiliateNetworkPixel?t=0.6619696514884006&r=&u=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F
Requested by: Host: secure.revitalizejoints.com
URL: https://secure.revitalizejoints.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.127.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-127-44.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

date: Wed, 25 Dec 2024 07:12:11 GMT
server: Apache
content-length: 0

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1735110730969&aid=b-00mi&se=e30&duid=bc6374f70603--01jfyah920qf5vmaqgkkngv9mw&tv=v3.6.0&pu=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F&wpn=lc-bundle&wpv=v3.6.0&cd=.i...
https://rp4.liadm.com/j?dtstmp=1735110730969&aid=b-00mi&se=e30&duid=bc6374f70603--01jfyah920qf5vmaqgkkngv9mw&tv=v3.6.0&pu=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F&wpn=lc-bundle&wpv=v3.6.0&cd=....

13 B
367 B

757ms
251ms

XHR
application/json

44.194.222.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1735110730969&aid=b-00mi&se=e30&duid=bc6374f70603--01jfyah920qf5vmaqgkkngv9mw&tv=v3.6.0&pu=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F&wpn=lc-bundle&wpv=v3.6.0&cd=.itsaol.com&c=PHRpdGxlPkpvaW50IENvbXBsZXg8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjxoMSBjbGFzcz0idmlkZW8taGVhZGxpbmUiPkJvbmUgT24gQm9uZSBKb2ludHM_IFRyeSBUaGlzIDE1IFNlY29uZCBTb2x1dGlvbjwvaDE-&pv=ddf1162e-0fa7-49bd-9ce6-a3a43076d634&i6=MjQwNDpmNzgwOjU6ZGVmOjpjMmU%3D&n3pc=true
Requested by: Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/
Protocol: H2
Server: 44.194.222.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-222-109.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

x-pixel-event-id: 9a839212-abbf-4202-a582-206291e2f63a
access-control-max-age: 86400
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: null
content-length: 13
date: Wed, 25 Dec 2024 07:12:12 GMT
content-type: application/json

Redirect headers

access-control-max-age: 86400
access-control-expose-headers: *
location: https://rp4.liadm.com/j?dtstmp=1735110730969&aid=b-00mi&se=e30&duid=bc6374f70603--01jfyah920qf5vmaqgkkngv9mw&tv=v3.6.0&pu=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F&wpn=lc-bundle&wpv=v3.6.0&cd=.itsaol.com&c=PHRpdGxlPkpvaW50IENvbXBsZXg8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjxoMSBjbGFzcz0idmlkZW8taGVhZGxpbmUiPkJvbmUgT24gQm9uZSBKb2ludHM_IFRyeSBUaGlzIDE1IFNlY29uZCBTb2x1dGlvbjwvaDE-&pv=ddf1162e-0fa7-49bd-9ce6-a3a43076d634&i6=MjQwNDpmNzgwOjU6ZGVmOjpjMmU%3D&n3pc=true
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://secure07b-connect.itsaol.com
content-length: 0
date: Wed, 25 Dec 2024 07:12:11 GMT

GET
H2 200 main.MWE1OTI4NzI4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 352 KB
98 KB 75ms
74ms Script
application/javascript 23.48.247.236
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF31TNRC77U6J4TVF330&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.236 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-236.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ba3710ffb62361879a717271253bcda8d3a4d1c61f22abc95e00181ca2fea228

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

x-cache: TCP_MEM_HIT from a23-46-180-209.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
x-tt-trace-id: 00-241219132430287F68690B96050B984A-74BEDA566BBA9ECC-00
content-length: 99191
date: Wed, 25 Dec 2024 07:12:11 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241219132430287F68690B96050B984A
server: nginx
x-akamai-request-id: 8f90edb6
x-tt-trace-host: 01f73bc7411aaa31226e38c30982848d21fe140bc01090f9f614007052ae848e8703efb13f922accdf1c6703af8dbcfa5cee94be730718b72072651e6151d629e6deceb8f8331aa29780537acd95b72dd664e5095841bc7f20ea0c4a88d66c856f

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-633CCXW5Y6&gtm=45je4cc1v9171594360z89132898246za200zb9132898246&_p=1735110729408&_gaz=1&gcs=G111&gcd=13v3v3v3v5l1&npa=0&dma=0&tag_exp=101925629~1020...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1899179852.1735110731&dbk=10989945081002407137&dma=0&en=page_view&gcs=G111&gtm=45je4cc1v9171594360z89132898246za200zb91...

0
0

397ms
169ms

Fetch
text/plain

2404:6800:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1899179852.1735110731&dbk=10989945081002407137&dma=0&en=page_view&gcs=G111&gtm=45je4cc1v9171594360z89132898246za200zb9132898246&npa=0&tid=G-633CCXW5Y6&dl=https%3A%2F%2Fsecure07b-connect.itsaol.com%3F
Requested by: Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/
Protocol: H2
Server: 2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 25 Dec 2024 07:12:11 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1899179852.1735110731&dbk=10989945081002407137&dma=0&en=page_view&gcs=G111&gtm=45je4cc1v9171594360z89132898246za200zb9132898246&npa=0&tid=G-633CCXW5Y6&dl=https%3A%2F%2Fsecure07b-connect.itsaol.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 07:12:11 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
553 B 480ms
160ms Ping
text/plain 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-633CCXW5Y6&cid=1899179852.1735110731&gtm=45je4cc1v9171594360z89132898246za200zb9132898246&aip=1&dma=0&gcs=G111&gcd=13v3v3v3v5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c&gtm=45He4cc1v9132898246za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure07b-connect.itsaol.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 07:12:11 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 28EF 0
0 292ms
171ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-633CCXW5Y6&gacid=1899179852.1735110731&gtm=45je4cc1v9171594360z89132898246za200zb9132898246&dma=0&gcs=G111&gcd=13v3v3v3v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1280771644

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c&gtm=45He4cc1v9132898246za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure07b-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Dec 2024 07:12:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.nz/ads/ 42 B
63 B 372ms
206ms Image
image/gif 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-633CCXW5Y6&cid=1899179852.1735110731&gtm=45je4cc1v9171594360z89132898246za200zb9132898246&aip=1&dma=0&gcs=G111&gcd=13v3v3v3v5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=594591653

Requested by

Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 25 Dec 2024 07:12:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.59/ 67 KB
28 KB 132ms
132ms Script
application/javascript 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.59/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lk2hxquxhr?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

x-azure-ref: 20241225T071211Z-154d77576779tnj4hC1SYDf5f00000000kt0000000005wvw
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD202F1480E82A"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: d3285079-501e-0029-2d47-5210af000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Wed, 25 Dec 2024 07:12:11 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 19 Dec 2024 13:14:33 GMT

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 69ms
69ms Script
application/javascript 23.48.247.236
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.236 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-236.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

x-cache: TCP_MEM_HIT from a23-46-180-209.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-2411150502372F8853A162A9AF21B3C8-7E1A43B93B4AD828-00
content-length: 39453
date: Wed, 25 Dec 2024 07:12:11 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202411150502372F8853A162A9AF21B3C8
server: nginx
x-akamai-request-id: 8f90f37a
x-tt-trace-host: 013a87bd2f4610e151dfcacb01452ca32e8038b690ff2ee4d4b8fc3487aa07a7953c842bd9d59eb181167f26f016af4c547cb7230a5e2318453051b3260b12f3ef8b60f19dbbc88b085aa9e61de2f6b7a6eb47485c5acc377be2d430e682ff9f92

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
721 B 320ms
318ms Ping
text/plain 23.48.247.236
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.236 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-236.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://secure07b-connect.itsaol.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 25 Dec 2024 07:12:11 GMT
server-timing: inner; dur=19, cdn-cache; desc=MISS, edge; dur=10, origin; dur=233
x-cache: TCP_MISS from a23-46-180-209.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Wed, 25 Dec 2024 07:12:11 GMT
x-akamai-request-id: 8f90f425
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0134657a04b7a085f5a109bc87d2f6487e49d376b459a53d77527f8afe46f38036a5073949e04d3b73956682321d55031bb513c3c55912834393f15d563dc42d1ef9dc416b66315c24e829ec685f0bfbf5f4e3ddec1aab14b04f0cfbc2aafb7e24
x-origin-response-time: 233,23.46.180.209
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2412250712111C7CA6EF740B73554443-79097DB639682938-00
content-length: 0
x-tt-logid: 202412250712111C7CA6EF740B73554443
server: nginx

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
719 B 298ms
297ms Ping
text/plain 23.48.247.236
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.236 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-236.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://secure07b-connect.itsaol.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 25 Dec 2024 07:12:11 GMT
server-timing: inner; dur=17, cdn-cache; desc=MISS, edge; dur=6, origin; dur=222
x-cache: TCP_MISS from a23-46-180-209.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Wed, 25 Dec 2024 07:12:11 GMT
x-akamai-request-id: 8f90f911
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0134657a04b7a085f5a109bc87d2f6487e49d376b459a53d77527f8afe46f38036048d1c7c332b8e31d9f3cd2230454b180a46684a8fe82539ba1bba3633b988afbf8ab92cf902100626eca1e9f55c1b9df29d95455f9433bcc7e2972a1e740c97
x-origin-response-time: 222,23.46.180.209
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2412250712117B23263BA1107C5C3A67-2D0C33533151E28F-00
content-length: 0
x-tt-logid: 202412250712117B23263BA1107C5C3A67
server: nginx

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
292 B 799ms
277ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://secure07b-connect.itsaol.com/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://secure07b-connect.itsaol.com
Date: Wed, 25 Dec 2024 07:12:12 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 syncframe
gum.criteo.com/ Frame E2BC 0
0 869ms
320ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=secure07b-connect.itsaol.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=108887

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://secure07b-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 Dec 2024 07:12:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 357641
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

OPTIONS
H2 204 rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 0
0 66ms
66ms Preflight 108.158.16.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.16.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-16-107.syd62.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure07b-connect.itsaol.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 300
age: 41251
alt-svc: h3=":443"; ma=86400
apigw-requestid: DT9OVgG4IAMETkw=
date: Tue, 24 Dec 2024 19:44:40 GMT
via: 1.1 1b68da67ecd8210b43b9ded7550536ca.cloudfront.net (CloudFront)
x-amz-cf-id: xj5zqS-fCqlk4rhPK_HXhkwUNrn4_FLLyaP-Hj7-1Y_D_kUNkYvFSw==
x-amz-cf-pop: SYD62-P3
x-cache: Hit from cloudfront

POST
H2 200 rt Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 514 B
884 B 667ms
666ms XHR
text/xml 108.158.16.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by: Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.revitalizejoints.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.16.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-16-107.syd62.r.cloudfront.net
Software: /
Resource Hash: c0a9269e659241c0fb2694fef9c64d8e216f58c8ee455f39b4d5ac43f764f55a

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-type: application/json
Referer: https://secure07b-connect.itsaol.com/

Response headers

access-control-expose-headers: date, x-api-id
x-amzn-requestid: 19e08834-5162-56c7-b4d3-d7d1e3ee9f7b
via: 1.1 1b68da67ecd8210b43b9ded7550536ca.cloudfront.net (CloudFront)
apigw-requestid: DVh7-h3dIAMEYVg=
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 514
alt-svc: h3=":443"; ma=86400
date: Wed, 25 Dec 2024 07:12:12 GMT
content-type: text/xml
x-amz-cf-pop: SYD62-P3
x-amz-cf-id: 9AWAwKHK5-PfVh6U8ttnRkP9ikNakp92bWg4J44Xv6CU3b0F-zUU1g==

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 222ms
222ms Preflight 185.184.10.30
RTB-HOUSE-ASH RTB...

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH RTB Marketing and Tech Services Ltd, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure07b-connect.itsaol.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure07b-connect.itsaol.com
access-control-max-age: 3600
content-length: 0
date: Wed, 25 Dec 2024 07:12:12 GMT
vary: Origin

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
292 B 261ms
260ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://secure07b-connect.itsaol.com/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://secure07b-connect.itsaol.com
Date: Wed, 25 Dec 2024 07:12:12 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 201
Created adnypeu
service3.purehealthresearch.com/ 0
0 781ms
227ms Fetch 134.209.162.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://service3.purehealthresearch.com/adnypeu
Requested by: Host: secure07b-connect.itsaol.com
URL: https://secure07b-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.162.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 25 Dec 2024 07:12:14 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Methods: GET

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B63EE1D4C52147FEBD8187AEFB23DCAC&RedC=c.clarity.ms&MXFR=07BBFC3BADCD6CE51043E95BA9CD62BF
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B63EE1D4C52147FEBD8187AEFB23DCAC&MUID=32446708ABA66CA92DDD7268AA5C6DDD

42 B
442 B

224ms
223ms

Image
image/gif

20.125.62.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B63EE1D4C52147FEBD8187AEFB23DCAC&MUID=32446708ABA66CA92DDD7268AA5C6DDD
Protocol: H2
Server: 20.125.62.241 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "d6b26d9334bdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Wed, 25 Dec 2024 07:12:14 GMT
content-type: image/gif
last-modified: Tue, 10 Dec 2024 13:01:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B63EE1D4C52147FEBD8187AEFB23DCAC&MUID=32446708ABA66CA92DDD7268AA5C6DDD
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 76137A76E489460B81ED458C49F1AB25 Ref B: SYD03EDGE2108 Ref C: 2024-12-25T07:12:14Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Wed, 25 Dec 2024 07:12:14 GMT
x-powered-by: ASP.NET

GET
H/1.1 200
OK favicon.png
secure07b-connect.itsaol.com/img/ 2 KB
2 KB 230ms
230ms Other
image/png 147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure07b-connect.itsaol.com/img/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: 20d1160d4baa8eb4c0ad192f9497de3a531a2a2d4357006ea7d5bb29f8b0d838

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

Cache-Control: public, max-age=0
ETag: W/"788-18fec5f3cdd"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1928
Date: Wed, 25 Dec 2024 07:12:13 GMT
Content-Type: image/png
X-Powered-By: Express
Server: nginx
Last-Modified: Thu, 06 Jun 2024 07:06:55 GMT

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
292 B 259ms
257ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://secure07b-connect.itsaol.com/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://secure07b-connect.itsaol.com
Date: Wed, 25 Dec 2024 07:12:14 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 204 collect
analytics.google.com/g/ 0
0 165ms
164ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-633CCXW5Y6&gtm=45je4cc1v9171594360za200zb9132898246&_p=1735110729408&gcs=G111&gcd=13v3v3v3v5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1899179852.1735110731&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1735110731&sct=1&seg=0&dl=https%3A%2F%2Fsecure07b-connect.itsaol.com%2F&dt=Joint%20Complex&en=scroll&epn.percent_scrolled=90&_et=41&tfd=7778
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c&gtm=45He4cc1v9132898246za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://secure07b-connect.itsaol.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure07b-connect.itsaol.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 07:12:16 GMT
content-type: text/plain
server: Golfe2

GET event
sslwidget.criteo.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sslwidget.criteo.com
URL: https://sslwidget.criteo.com/event?a=%5B108887%5D&v=5.29.0&otl=1&p0=e%3Dvpg&adce=1&bundle=HZon6F9rejJienoxTWJEVmVWN1N2JTJGbHZ6TlBjVVRrVnMlMkJSYVJPZVBjeiUyQmFCM2ZJWUVCJTJGcTVFb0hUem05ODY2TlVrU2J2SFhiZkdDOEZMYk1XWWpKNzFGWjVCOElUajBJakd3ZEx2Y29uTGJnQk1UaVd1aDdqTVZwV0UlMkJsbzBpN1ZOZmxnYTJlcVptUWFkamFIUml3aThVdkFBJTNEJTNE&sc=%7B%22fbp%22%3A%22fb.1.1735110730543.846663720561652787%22%2C%22ttp%22%3A%227oq-gw3rakU3ajdm16mcy_kppMZ.tt.1%22%7D&tld=itsaol.com&dy=1&fu=https%253A%252F%252Fsecure07b-connect.itsaol.com%252F&ceid=4bf2f892-453d-4554-85f0-6f3fb253be53

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-21 02:41:42	Name: _li_ss Value: CjYKBQgKENYZCgYIpAEQ1hkKBgjdARDWGQoGCIEBENYZCgYIogEQ1hkKBgjSARDWGQoFCH4Q1hk
.liadm.com/j	1970-01-21 11:34:30	Name: lidid Value: a7d788c3-10c2-4002-a211-ab01b0d7b314
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: VRyVpem0fHw
.youtube.com/	1970-01-21 06:17:42	Name: VISITOR_INFO1_LIVE Value: bPNB8VeZSnA
.youtube.com/	1970-01-21 06:17:42	Name: VISITOR_PRIVACY_METADATA Value: CgJOWhIEGgAgZw%3D%3D
.youtube.com/	1970-01-21 06:17:42	Name: __Secure-ROLLOUT_TOKEN Value: CNnF286d_c-0gQEQ_uDbla_CigMY_uDbla_CigM%3D
.itsaol.com/	1970-01-21 04:08:06	Name: _gcl_au Value: 1.1.351449207.1735110730
.itsaol.com/	1970-01-21 04:08:06	Name: _fbp Value: fb.1.1735110730543.846663720561652787
.itsaol.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .itsaol.com
.itsaol.com/	1970-01-21 11:34:30	Name: _lc2_fpi Value: bc6374f70603--01jfyah920qf5vmaqgkkngv9mw
secure07b-connect.itsaol.com/	1970-01-21 10:44:06	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22e7XVgG5IjUtZMxOxE2t6%22%2C%22expiryDate%22%3A%222025-12-25T07%3A12%3A10.894Z%22%7D
.tiktok.com/	1970-01-21 11:20:06	Name: _ttp Value: 2qhNDtX14v0C6dRT36ceMEnulyH
.itsaol.com/	1970-01-21 11:34:30	Name: _ga Value: GA1.1.1899179852.1735110731
.itsaol.com/	1970-01-21 11:34:30	Name: _ga_633CCXW5Y6 Value: GS1.1.1735110731.1.0.1735110731.60.0.0
www.clarity.ms/	1970-01-21 10:44:06	Name: CLID Value: 9b44dec9a93f4ed581724ecc2b7b4e4f.20241225.20251225
.itsaol.com/	1970-01-21 11:20:06	Name: _tt_enable_cookie Value: 1
.itsaol.com/	1970-01-21 11:20:06	Name: _ttp Value: 7oq-gw3rakU3ajdm16mcy_kppMZ.tt.1
secure.revitalizejoints.com/	1970-01-21 02:08:35	Name: AWSALBCORS Value: 6+iORCRssViVr2bFe8SHVEg8sUyAbChbWXMu+ahxwldx1RlZgpyuwF1TvS8QhwbwPFqKzPJonAQ0G1jpDQD5qb0QRD8dx7eYPkxYh3njsd90KgwBunc0H43kpbod
.doubleclick.net/	1970-01-21 02:41:42	Name: ar_debug Value: 1
.itsaol.com/	1970-01-21 10:44:06	Name: _clck Value: 1oek0zi%7C2%7Cfs0%7C0%7C1820
.doubleclick.net/	1970-01-21 06:17:42	Name: receive-cookie-deprecation Value: 1
secure07b-connect.itsaol.com/	1970-01-21 01:58:31	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1735110731426%7D
.itsaol.com/	1970-01-21 10:44:06	Name: ucacid Value: 1235997989.454220
.liadm.com/	1970-01-21 11:34:30	Name: lidid Value: a7d788c3-10c2-4002-a211-ab01b0d7b314
secure07b-connect.itsaol.com/	1969-12-31 23:59:59	Name: /:watchVideoTime:Qt12taYAHXI Value: 0
.adsrvr.org/	1970-01-21 10:44:06	Name: TDID Value: 551ed793-f2d7-47ac-a7ae-dc507cb6ae68
.adsrvr.org/	1970-01-21 10:44:06	Name: TDCPM Value: CAESGQoKbGl2ZWludGVudBILCJr978Svr9I9EAUYBSABKAIyCwjiganxxa_SPRAFOAE.
.creativecdn.com/	1970-01-21 10:44:06	Name: g Value: mKyLHkePUmzKubwNviw0_1735110732118
.creativecdn.com/	1970-01-21 10:44:06	Name: c Value: mKyLHkePUmzKubwNviw0_EuTwXXOV4Sc7dJbpixmK_1735110732118
.creativecdn.com/	1970-01-21 10:44:06	Name: ts Value: 1735110732
.itsaol.com/	1970-01-21 01:59:57	Name: _clsk Value: wyrqag%7C1735110732255%7C1%7C1%7Cp.clarity.ms%2Fcollect
.doubleclick.net/	1970-01-21 11:34:30	Name: IDE Value: AHWqTUnVAWMcQNCrGNF5IF4ePo613qN12W-nT638ae7ahAkHb87hKm6JU5UVprxr
.turn.com/	1970-01-21 06:17:42	Name: uid Value: 8497321208748768783
.rezync.com/	1970-01-21 11:20:06	Name: zync-uuid Value: 6d730553-3550-4655-a1da-2387fec811ef:1735110732.28637
.criteo.com/	1970-01-21 11:20:06	Name: uid Value: 335c3312-8382-4ac3-aae9-aaf2f28d081e
.criteo.com/	1970-01-21 11:20:06	Name: receive-cookie-deprecation Value: 1
.zemanta.com/	1970-01-21 10:44:06	Name: zuid Value: 31zn-F50UzvidaL_BMRk
.demdex.net/	1970-01-21 06:17:42	Name: demdex Value: 27804361160887036571986270394275760243
.bidr.io/	1970-01-21 11:27:00	Name: bito Value: AAFyOE7O12EAABYsmR5eZw
.bidr.io/	1970-01-21 11:27:00	Name: bitoIsSecure Value: ok
.dpm.demdex.net/	1970-01-21 06:17:42	Name: dpm Value: 27804361160887036571986270394275760243
.rfihub.com/	1970-01-21 11:20:06	Name: eud Value: H4sIAAAAAAAA_1XIuRGAMAwEwAqIXIcYy8dJMt14_BRESEilhAzh7pVow5FJCMgsh5HSdDQpCF-zh-pcpzqomh1lL2HwO21fVcbzd30BHB-cQVgAAAA
.rfihub.com/	1970-01-21 11:20:06	Name: rud Value: H4sIAAAAAAAA_-MSNjIwtLAwsLA0sjA2NTOxMDE0MxHiM9St0HU3NjOucjZ0KXQDAMsSBI0lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjIwtLAwsLA0sjA2NTOxMDE0MxHiM9St0HU3NjOucjZ0KXQDAMsSBI0lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXBwQ3AMAgDwE_XocI4BtRtoiYZpJP37ruUq-gSjZLbSMkm1rRg19lvA_s8KArwYtzRyfoBDehs3TgAAAA
.outbrain.com/	1970-01-21 10:44:06	Name: obuid Value: 34e67a19-0444-48c3-9608-bfb2d4c22308
live.rezync.com/	1970-01-21 11:20:06	Name: sd-session-id Value: .eJwNylEOgyAMANC79FsWSil0XMYQqQmZ4iL6M-Pd5-dL3gXjV_c1N20HpGM_dYBpqY86pAt6_a36gQTOooiVtxPi4MVj8HAP0LX3urWxlueEEskykyFma3xgNhlLNo4kzjoJos4JIzGijeReTgJFuP9IASSi.Z2uwTQ.-qJwCZ7T3cqBfuWoslhK9TipDEk
.itsaol.com/	1970-01-21 11:27:54	Name: cto_bundle Value: HZon6F9rejJienoxTWJEVmVWN1N2JTJGbHZ6TlBjVVRrVnMlMkJSYVJPZVBjeiUyQmFCM2ZJWUVCJTJGcTVFb0hUem05ODY2TlVrU2J2SFhiZkdDOEZMYk1XWWpKNzFGWjVCOElUajBJakd3ZEx2Y29uTGJnQk1UaVd1aDdqTVZwV0UlMkJsbzBpN1ZOZmxnYTJlcVptUWFkamFIUml3aThVdkFBJTNEJTNE
.rlcdn.com/	1970-01-21 10:44:06	Name: rlas3 Value: SEKhrRg52wJB19AlP61iTcCYRzswgEQqDlUaTnyCaRg=
.rlcdn.com/	1970-01-21 03:24:54	Name: pxrc Value: CAA=
.bing.com/	1970-01-21 11:20:06	Name: MUID Value: 32446708ABA66CA92DDD7268AA5C6DDD
.c.bing.com/	1970-01-21 02:08:35	Name: MR Value: 0
.c.bing.com/	1970-01-21 11:20:06	Name: SRM_B Value: 32446708ABA66CA92DDD7268AA5C6DDD
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 11:20:06	Name: MUID Value: 32446708ABA66CA92DDD7268AA5C6DDD
.c.clarity.ms/	1970-01-21 02:08:35	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 01:58:31	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14623190.fls.doubleclick.net
ad.doubleclick.net
amplify.outbrain.com
analytics.google.com
analytics.tiktok.com
b-code.liadm.com
c.bing.com
c.clarity.ms
connect.facebook.net
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dynamic.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
i.liadm.com
p.clarity.ms
rp.liadm.com
rp4.liadm.com
secure.revitalizejoints.com
secure07b-connect.itsaol.com
service3.purehealthresearch.com
sslwidget.criteo.com
stats.g.doubleclick.net
tags.creativecdn.com
td.doubleclick.net
tr.outbrain.com
us.creativecdn.com
wave.outbrain.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.co.nz
www.google.com
www.googletagmanager.com
www.youtube-nocookie.com
www.youtube.com
sslwidget.criteo.com
108.158.16.107
134.209.162.206
142.250.204.3
142.250.66.230
142.250.71.67
147.182.162.240
157.240.8.23
157.240.8.35
172.217.167.102
172.217.167.68
18.67.95.221
185.184.10.30
20.122.63.128
20.125.62.241
2001:4860:4802:38::181
23.22.127.44
23.221.133.140
23.48.247.236
2404:6800:4003:c04::9a
2404:6800:4006:809::200e
2404:6800:4006:80f::2008
2404:6800:4006:80f::200e
2404:6800:4006:813::200e
2404:6800:4006:814::2002
2404:6800:4006:814::200a
2406:2600:7:100::9
2406:2600:7:100::d
2600:1f18:730:b130:6a2e:9644:9d1:f0f2
2600:9000:2215:1c00:8:8845:1500:93a1
2620:1ec:bdf::69
2620:1ec:c11::237
2a02:6ea0:db00::11
3.208.153.251
44.194.222.109
52.250.45.119
0c0b3ed36a6b438823b2d09f0eb0987566cd6b30aee22a2419fa27a619257d2c
0e9a75e38a031b9b09c05c8d122817256fac59698e92fce19dd1816c04a27ef9
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
1cc63f5ff13fc5565862390d80b69e527009bab86999bad3235852a4955f277e
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1daeb8f2b20e643498e588a0f3bc753699fe28c787205ece9b0fc5cd5a7b06be
20d1160d4baa8eb4c0ad192f9497de3a531a2a2d4357006ea7d5bb29f8b0d838
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2ebb90a14e5c4c41f82212b6fc33697a0ae7cb5d13e52ce9e46f8c9181ecd7b6
396a44df54c64f3bf2e9d078b103eb02948726b022734e3bd36f1aac28099ad1
3bb5fdf2030456fac4167dd69ab5137a70fd2bbf29931859454ead1057cb0a71
3ca9e609ef3f582aec6955e30de3ea1a0a33186bf6b10105d9e8391c4ba8ad21
546db554b9a7c8dab36a67ca582d98882c575957bd515a4bc1e00563bc0b46d2
566f3830ae7350099ef0e1fa17231d8b9e91fe16e466d27ec2214f36224a34a2
635fceda7b9b7f66e3768e26a5fb232efb7247c295a3d7681e8cb0ecb73a0e33
6a7bdacf5371774ce78a2ac158ec5b8c33a80f7c48d2ca7b0ed38c3710c77351
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
6e430845684a878fed3d17e887e60a21632b5c2998ad96efe58184132325cb7d
81970796dfb042e73ddc44c7642c5744158aac48437e65e00fca46c429e3add2
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
90eaf5dbf35b26c11fe6c57f5da9d9d9f57872aaea3abe1e10c4ddc604bd7ed7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2698d1ea72f8cb956d690252e097acce37a5b722ff9bf1da499223e07b0e42e
a34faf97baf70a1f9a7e0f6c41c366ea1ccec4617b4587edb64f484d6912448a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
ba3710ffb62361879a717271253bcda8d3a4d1c61f22abc95e00181ca2fea228
c0a9269e659241c0fb2694fef9c64d8e216f58c8ee455f39b4d5ac43f764f55a
d2090304a4771cf802e4e65e8698429a2943a9b9d57ac210f1d220397c8b568d
d4ad32064fd80630bf6268c334ea5fa0e7a01828051761982d3c7c6c00708706
d86dc3454bdf2110a74e7ba300b641a0700839347df9e6d08232dbbcde4fcde4
dba7efd907cdd9f8c04e9b2f7b3368f4ea5b48c8ff3aa3b6263cbb7bc092a869
dbcc0e48671e24477635ad90429f23e1dc948d3726b0a9487e79ce8e1a9112d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd

secure07b-connect.itsaol.com Open in urlscan Pro 147.182.162.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

84 %HTTPS

43 %IPv6

22 Domains

37 Subdomains

34 IPs

6 Countries

1114 kBTransfer

2979 kBSize

57 Cookies

0 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure07b-connect.itsaol.com Open in urlscan Pro
147.182.162.240 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

84 %
HTTPS

43 %
IPv6

22
Domains

37
Subdomains

34
IPs

6
Countries

1114 kB
Transfer

2979 kB
Size

57
Cookies

62 HTTP transactions
0 data transactions