urlscan.io logo urlscan.io
SecurityTrails logo

www.mid-day.com Open in urlscan Pro
41.63.96.2  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummie...
Submission: On November 16 via automatic, source links-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 61 HTTP transactions. The main IP is 41.63.96.2, located in Frankfurt am Main, Germany and belongs to LLNW, US. The main domain is www.mid-day.com. The Cisco Umbrella rank of the primary domain is 661865.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 19th 2023. Valid for: a year.
This is the only time www.mid-day.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 41.63.96.2 22822 (LLNW)
1 2606:4700:1::... 13335 (CLOUDFLAR...)
12 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:26e... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 18.244.18.27 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:272... 16509 (AMAZON-02)
1 216.58.206.38 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
61 21
20    41.63.96.2 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-41-63-96-2.hhn.llnw.net
www.mid-day.com
1    2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
12    2606:4700:3033::6815:5329 (United States)

ASN13335 (CLOUDFLARENET, US)
cmp.uniconsent.com
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:225e:de00:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.unblockia.com
1    2600:9000:26e8:b800:1f:946:f000:21 (United States)

ASN16509 (AMAZON-02, US)
d3u598arehftfk.cloudfront.net
3    2606:4700::6810:ff40 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
3    18.244.18.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-27.fra56.r.cloudfront.net
sb.scorecardresearch.com
2    2606:4700:10::6816:1ed1 (United States)

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
3    2606:4700:10::6816:5d (United States)

ASN13335 (CLOUDFLARENET, US)
boot.pbstck.com
intake.pbstck.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700:3037::ac43:ca9a (United States)

ASN13335 (CLOUDFLARENET, US)
hbagency.it
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    2600:9000:225e:1c00:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)
loader.unblockia.com
2    2606:4700:10::ac43:1997 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pbstck.com
1    2600:9000:2724:7800:10:be65:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
t.unblockia.com
1    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
20 mid-day.com
www.mid-day.com — Cisco Umbrella Rank: 661865
653 KB
12 uniconsent.com
cmp.uniconsent.com — Cisco Umbrella Rank: 36731
226 KB
5 pbstck.com
boot.pbstck.com — Cisco Umbrella Rank: 11560
cdn.pbstck.com — Cisco Umbrella Rank: 13594
intake.pbstck.com — Cisco Umbrella Rank: 11030
43 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 186
6 KB
3 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 18409
sbp.izooto.com Failed
94 KB
3 unblockia.com
cdn.unblockia.com — Cisco Umbrella Rank: 56050
loader.unblockia.com — Cisco Umbrella Rank: 59609
t.unblockia.com — Cisco Umbrella Rank: 50645
38 KB
2 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 145
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
684 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
2 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2609
static.smilewanted.com — Cisco Umbrella Rank: 8380
14 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
218 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10745
63 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4108
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
52 KB
1 hbagency.it
hbagency.it — Cisco Umbrella Rank: 255234
163 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
6 KB
1 cloudfront.net
d3u598arehftfk.cloudfront.net
37 KB
1 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 9340
140 KB
61 17
Domain Requested by
20 www.mid-day.com www.mid-day.com
12 cmp.uniconsent.com www.mid-day.com
cmp.uniconsent.com
3 sb.scorecardresearch.com 1 redirects www.mid-day.com
3 cdn.izooto.com www.mid-day.com
cdn.izooto.com
2 intake.pbstck.com www.mid-day.com
2 cdn.pbstck.com boot.pbstck.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com www.mid-day.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 static.smilewanted.com csync.smilewanted.com
1 ad.doubleclick.net
1 t.unblockia.com cdn.unblockia.com
1 loader.unblockia.com cdn.unblockia.com
1 pagead2.googlesyndication.com cdn.unblockia.com
1 hbagency.it d3u598arehftfk.cloudfront.net
1 cdnjs.cloudflare.com d3u598arehftfk.cloudfront.net
1 boot.pbstck.com d3u598arehftfk.cloudfront.net
1 csync.smilewanted.com d3u598arehftfk.cloudfront.net
1 d3u598arehftfk.cloudfront.net www.mid-day.com
1 cdn.unblockia.com www.mid-day.com
1 jsc.mgid.com www.mid-day.com
0 sbp.izooto.com Failed cdn.izooto.com
61 24
Subject Issuer Validity Valid
*.mid-day.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-19 -
2024-12-18		 a year crt.sh
mgid.com
WE1		 2024-11-02 -
2025-01-31		 3 months crt.sh
uniconsent.com
WE1		 2024-10-29 -
2025-01-27		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.unblockia.com
Amazon RSA 2048 M03		 2024-01-23 -
2025-02-20		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
izooto.com
WE1		 2024-10-07 -
2025-01-05		 3 months crt.sh
smilewanted.com
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
pbstck.com
WE1		 2024-10-28 -
2025-01-26		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
hbagency.it
WE1		 2024-10-17 -
2025-01-16		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.de
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Frame ID: B3AE5CD90D2078D2043A87AB801A3129
Requests: 60 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: BC00FF13BF21A0EC7B44A2AB683B28DB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

97 %
HTTPS

85 %
IPv6

17
Domains

24
Subdomains

21
IPs

3
Countries

1691 kB
Transfer

4973 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://sb.scorecardresearch.com/cs/13184768/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
www.mid-day.com/brand-media/article/ 		140 KB
141 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / PHP/7.4.33
Resource Hash
9813474490104290ed5b86594855e11e74670cb5bbb498c45100c26ffdd8533b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
origin,range,hdntl,hdnts
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Sat, 16 Nov 2024 08:35:40 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
vary
Accept-Encoding
x-llid
96dd60020a351f7629842011cefd2240
x-powered-by
PHP/7.4.33
656816.js
jsc.mgid.com/site/ 		778 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/site/656816.js
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7249700f129f29f1436caa1b15b00aaa82f98a6bc92817bf4e18614f28264de8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-cntry
content-encoding
gzip
cf-cache-status
HIT
etag
"76afb82c13cdce6299c338dd331f1867"
x-amz-version-id
NZB9N9yAylnFfwgAfG7E9ReVHTsQBrAB
age
1920
expires
Sat, 16 Nov 2024 11:35:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
text/javascript
last-modified
Thu, 14 Nov 2024 13:14:34 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
5QhrKKrLfQIOSHaSs7gz2+XV4PADnlXn1BxPuuj24DfND6xbm/BjunYNl17WcpeOOQIx2kTYdhM=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=10800
x-cntry
DE
x-amz-request-id
J953S013GW0A0GYM
cf-ray
8e36262378dc368d-LHR
accept-ranges
bytes
access-control-allow-origin
*
content-length
143002
server
cloudflare
x-amz-server-side-encryption
AES256
stub.min.js
cmp.uniconsent.com/v2/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/stub.min.js
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8af2f6134183ae960bfa90cba9533fdef7dbb297f1ad028ea8e3674d64a0796

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"997a00863eec8b873d773c17d09cbe1b"
age
38436
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ekkvLZ3pnKvGiE4KOc5jbORjMwNRKZVZcHk0LcVspQRq07v9YC4y6gi6XGp8yxWbZxawbtGXuqncTPaQB0y%2BqYPtdDBtCtGDovrnraw1gm%2FFikTVv0TUnHaE3HN9O6XbnQQPXcJkNzkCUL63PxCrhgk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19149&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4238&recv_bytes=4251&delivery_rate=148754&cwnd=12000&unsent_bytes=0&cid=3544fc837a614e39&ts=55&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 11 May 2024 08:36:07 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-cache-status
MISS
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3626237fdabb39-CDG
access-control-allow-origin
*
server
cloudflare
bootstrap.min.css
www.mid-day.com/assets/css/ 		141 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mid-day.com/assets/css/bootstrap.min.css?v=1.0
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
c4b6ed2645519ec2c128badb2a2e7720052f8441ffa94c4f0bceca02311004da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=1800
content-encoding
gzip
age
42486
access-control-allow-methods
GET,POST,OPTIONS
x-llid
6a523f983e6af89ed2bb25ff6ac9886c
expires
Fri, 15 Nov 2024 21:17:34 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
20565
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
text/css
vary
Accept-Encoding
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
last-modified
Mon, 10 Jan 2022 14:59:02 GMT
access-control-allow-headers
origin,range,hdntl,hdnts
article-final.css
www.mid-day.com/ 		74 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mid-day.com/article-final.css?v=1.4.0
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
35241e4062ea7a64b954e61dd502f7c0e84e90d2a2896c54dea259dfdd56bc07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=1800
content-encoding
gzip
age
2323182
access-control-allow-methods
GET,POST,OPTIONS
x-llid
e80290c8e1847090ea021c9ab40265bd
expires
Sun, 20 Oct 2024 11:45:58 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11054
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
text/css
vary
Accept-Encoding
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
last-modified
Tue, 04 Jun 2024 10:51:12 GMT
access-control-allow-headers
origin,range,hdntl,hdnts
js
www.googletagmanager.com/gtag/ 		341 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RDEK79CX92
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
73209eee7809461a37363b8829d979f67ac90de5d6173e3b9e1dc8a223a7bf46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 16 Nov 2024 08:35:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
113592
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		318 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0L1JN6H4MQ
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
424dff317267b9430bf9790d816b0af45270fe0a427d5439c0e52fb862d41130
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 16 Nov 2024 08:35:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108779
x-xss-protection
0
server
Google Tag Manager
jquery.min.js
www.mid-day.com/assets/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mid-day.com/assets/js/jquery.min.js
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=1800
content-encoding
gzip
age
42484
access-control-allow-methods
GET,POST,OPTIONS
x-llid
f559f80b542bf7bf6612cdb09cba2e26
expires
Fri, 15 Nov 2024 21:17:36 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
30916
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
last-modified
Fri, 19 Feb 2021 05:20:27 GMT
access-control-allow-headers
origin,range,hdntl,hdnts
cmp.js
cmp.uniconsent.com/v2/a635e66530/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/a635e66530/cmp.js
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
599ba372da0eaac6e1f80614010b1ffe637aea22f086ae69975502d37fc7021e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"ea3af9b8d0b36fcb198fe1f7c0b110eb"
age
22391
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frbif1yEN2vwXXznvsxUVqYC%2BiGKY03Dv%2BFlYBCroFuGalm5kBtde7pudE0Qsov3pqemRzt1U2RWZ0fjf7d2lIwTqezsAtu0CFnAWU9j7B62W8oD6ijRDKleBHiaBsb6kZemccqwYSCxXzkASvrjS2c%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19724&sent=17&recv=13&lost=0&retrans=0&sent_bytes=6765&recv_bytes=4699&delivery_rate=116168&cwnd=12000&unsent_bytes=0&cid=3544fc837a614e39&ts=104&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 01 Nov 2024 10:56:42 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
HIT
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e362623d825bb39-CDG
access-control-allow-origin
*
server
cloudflare
lozad.js
www.mid-day.com/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mid-day.com/assets/js/lozad.js
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
eb7cef76e81305b0414a94a336c3b32d103c6cea2c65cac39058e29a7d556141

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=1800
content-encoding
gzip
age
489414
access-control-allow-methods
GET,POST,OPTIONS
x-llid
b4e983eadb02fd87bb5562d4acfed5fd
expires
Sun, 10 Nov 2024 17:08:46 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1262
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
last-modified
Wed, 12 Jan 2022 12:46:26 GMT
access-control-allow-headers
origin,range,hdntl,hdnts
h.js
cdn.unblockia.com/ 		164 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unblockia.com/h.js
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:de00:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
br
x-amz-version-id
m8vKRZ4OANVjVfMIKL3cKYiXKt6EM9QQ
x-amz-meta-codebuild-content-md5
fb4d4b7b1d35720e2d2481016ef4369b
age
30103
etag
W/"bc5af0220c4116294c4e9c72ae4e244c"
x-cache
Hit from cloudfront
x-amz-cf-id
y1QUU3WELWVVV-7F3wwOK7mZg71oZsLxwYn1EEXewGwReMUNCgjzvA==
date
Sat, 16 Nov 2024 00:13:58 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:4e52eb3f-761b-4c10-a85a-162fb4fa3980
vary
accept-encoding, Origin
content-type
application/x-javascript
last-modified
Tue, 20 Jun 2023 10:06:46 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-meta-codebuild-content-sha256
02f1ef29ead1d705cce351046cded37a79615ae12624547bfa0e8307765c8765
x-amz-server-side-encryption
AES256
prebid_hb_463_692.js
d3u598arehftfk.cloudfront.net/ 		131 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3u598arehftfk.cloudfront.net/prebid_hb_463_692.js
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:b800:1f:946:f000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9dca0ebf628b5fb03124c0677877a855f2550b47b362499cf284b7263c159727

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

vary
accept-encoding
cache-control
public, max-age=864000
content-encoding
gzip
etag
W/"0f722858ce05a3046c7dadba5ed02533"
age
23456
via
1.1 098a60d50e7e132c276fd27b94c6212c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
5IwDl2EM8HXu9vEqXEm8vlOdGDio9Iq3RjaxUHM-QyZMzmKwd4kYzw==
date
Sat, 16 Nov 2024 02:04:45 GMT
content-type
application/javascript
last-modified
Tue, 12 Nov 2024 15:38:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
app.js
www.mid-day.com/ 		630 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mid-day.com/app.js?v=5.6
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
2b8b11cd0e621871a6f756d0ada1f490a53ff1302a60d82c74ac9913f1053e58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=1800
content-encoding
gzip
age
1697769
access-control-allow-methods
GET,POST,OPTIONS
x-llid
a4529badef11c56ecaf5898e15711c98
expires
Sun, 27 Oct 2024 17:29:31 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
233
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
last-modified
Wed, 24 May 2023 07:15:13 GMT
access-control-allow-headers
origin,range,hdntl,hdnts
b5eb5c6f9b4db25c26358ae5851ba6f6dd37cc80.js
cdn.izooto.com/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/b5eb5c6f9b4db25c26358ae5851ba6f6dd37cc80.js
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93a0995cc3f8b244a4fdb3fce133eb568a0ab858a17b53700586552da7787fa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

cache-control
public, max-age=86400
content-encoding
br
cf-bgj
minify
etag
W/"6710fe6a-2146"
age
159462
cf-cache-status
HIT
cf-ray
8e3626237ddcd38c-FRA
expires
Sun, 17 Nov 2024 08:35:40 GMT
access-control-allow-origin
*
date
Sat, 16 Nov 2024 08:35:40 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 12:09:14 GMT
vary
Accept-Encoding
server
cloudflare
notification.gif
www.mid-day.com/assets/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mid-day.com/assets/images/notification.gif
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
c292858869fd67491a6ee992462a50a6c8347f96ea2e813ab751b12a2371da5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=432000
age
2009327
access-control-allow-methods
GET,POST,OPTIONS
x-llid
5fc9cb4e704f5d3c67ccddfb77c109e0
expires
Tue, 29 Oct 2024 02:26:53 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
14665
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
image/gif
last-modified
Wed, 11 Oct 2023 13:12:23 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
access-control-allow-headers
origin,range,hdntl,hdnts
webstories-icon-desktop.png
www.mid-day.com/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mid-day.com/assets/images/webstories-icon-desktop.png
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
0d36cfe9325d5f37b995fa2c9cde915cfa18f3703ea5d0afbdc58f943fb31178

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=432000
age
270861
access-control-allow-methods
GET,POST,OPTIONS
x-llid
3a3146c1c7865142ba3d05f50b0f0436
expires
Mon, 18 Nov 2024 05:21:19 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2772
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
image/png
last-modified
Wed, 13 Nov 2024 05:19:07 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
access-control-allow-headers
origin,range,hdntl,hdnts
youtube-shorts-icon.png
www.mid-day.com/assets/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mid-day.com/assets/images/youtube-shorts-icon.png
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
71c145abbe37de9ad025fad3eb5aaee246d09e7053adf8f67e49e8731156ece7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=432000
age
1166121
access-control-allow-methods
GET,POST,OPTIONS
x-llid
4ca3d8c0640828a909cd94722c6b3a6d
expires
Thu, 07 Nov 2024 20:40:19 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
7834
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
image/png
last-modified
Tue, 18 Jul 2023 08:29:12 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
access-control-allow-headers
origin,range,hdntl,hdnts
logo.png
www.mid-day.com/assets/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mid-day.com/assets/images/logo.png
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
1daca9602cdf517bef87cb793f5e3dc8006aef8ab1d8d1e23324a9756354b9c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=432000
age
42481
access-control-allow-methods
GET,POST,OPTIONS
x-llid
9fce84679b24df2eb895e5cfa6499365
expires
Wed, 20 Nov 2024 20:47:39 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
9609
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
image/png
last-modified
Fri, 19 Feb 2021 05:20:09 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
access-control-allow-headers
origin,range,hdntl,hdnts
webstories-icon.png
www.mid-day.com/assets/images/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mid-day.com/assets/images/webstories-icon.png
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
9233d56d5e161e66b84f66d3b163ec0df1e877244ba9a2b63086496ef9c805c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=432000
age
268028
access-control-allow-methods
GET,POST,OPTIONS
x-llid
89f1131f1a3d6f2e35c49ec7c7ffa73c
expires
Mon, 18 Nov 2024 06:08:32 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
62808
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
image/png
last-modified
Wed, 13 Nov 2024 05:19:06 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
access-control-allow-headers
origin,range,hdntl,hdnts
newspaper-icon.png
www.mid-day.com/assets/images/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mid-day.com/assets/images/newspaper-icon.png
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
8d7a37255ef12e0ce06939ccb723dd6d0a32938f49b0e3f29ed19c43be9b4224

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=432000
age
270861
access-control-allow-methods
GET,POST,OPTIONS
x-llid
4040a0d2392cfef95e18700334483ece
expires
Mon, 18 Nov 2024 05:21:19 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
93530
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
image/png
last-modified
Wed, 13 Nov 2024 05:19:56 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
access-control-allow-headers
origin,range,hdntl,hdnts
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/13184768/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Server
18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6a58f7d1814138ce7fb2194b071c7100cdfc3d30a95eef8223329dc65774bbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
etag
W/"e577c18a64fa27d73bcdf0c0433579b5"
age
15079
via
1.1 111f802abddccd55d219ff1635e1aa4a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
uxgCbi9SEP1NWMp_pfE0aar2tK-E3tIF87HtEzOkG1rDRiHtjhph-g==
date
Sat, 16 Nov 2024 04:24:22 GMT
content-type
application/javascript
last-modified
Mon, 28 Oct 2024 08:38:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256

Redirect headers

location
/internal-cs/default/beacon.js
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 111f802abddccd55d219ff1635e1aa4a.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
_WssviEy_5pYzslwSk-bzyxQlsMKdJS-at3Szi3jbVMNz_PkPeWlFw==
date
Sat, 16 Nov 2024 08:35:40 GMT
x-amz-cf-pop
FRA56-P11
izooto.js
cdn.izooto.com/scripts/sdk/ 		367 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/b5eb5c6f9b4db25c26358ae5851ba6f6dd37cc80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b51348dd72cd443ce9226af2878a89ded9ccef65b28e0221a8e26af937ef2724
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

cache-control
public, max-age=1382400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6736f3cb-5bb34"
age
91517
cf-ray
8e362623ce78d38c-FRA
expires
Mon, 02 Dec 2024 08:35:40 GMT
access-control-allow-origin
*
date
Sat, 16 Nov 2024 08:35:40 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 07:10:03 GMT
vary
Accept-Encoding
server
cloudflare
latest-icons.png
www.mid-day.com/assets/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mid-day.com/assets/images/latest-icons.png
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
ed0374d852cf879c4e2d9c8f7f44f3c91409fcf880f715c823c6031df6677cbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=432000
age
42450
access-control-allow-methods
GET,POST,OPTIONS
x-llid
6209c7fd1c944ba25ef82ecac7858eac
expires
Wed, 20 Nov 2024 20:48:10 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
5501
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
image/png
last-modified
Tue, 03 Sep 2024 11:49:47 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
access-control-allow-headers
origin,range,hdntl,hdnts
main-v4.min.js
cmp.uniconsent.com/v2/ 		231 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/main-v4.min.js?v=gpv
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/a635e66530/cmp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ec63ff6a2d58f2c7b9a7fd30e855043ad7e1dc1466c001ab308645a13652572

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"53bb05fe6af84ddc4f6a606feb22d73d"
age
38439
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bNg%2FYaKAT9P6iZULzi62rKDJxs9S%2F0YyovFzLJ2y%2B0LWDfwxpQ5nR5UCe4IIyO7LM5QZSOGV2WuolW9qwFoye3ncPPQmKiEqqH21Wd1TxSdfXGi3vsbk8YsMcua53cSIAaFQ%2Bh14pjddMehbYuxgDDQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20278&sent=20&recv=15&lost=0&retrans=0&sent_bytes=8456&recv_bytes=5017&delivery_rate=69012&cwnd=12000&unsent_bytes=0&cid=3544fc837a614e39&ts=200&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 07 Nov 2024 21:45:56 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-cache-status
MISS
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3626246881bb39-CDG
access-control-allow-origin
*
server
cloudflare
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame BC00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mid-day.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
715272
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
8e3626250ac8bb5b-FRA
content-encoding
br
content-type
text/html
date
Sat, 16 Nov 2024 08:35:40 GMT
expires
Tue, 17 Dec 2024 08:35:40 GMT
last-modified
Tue, 14 May 2024 14:09:56 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
shotbutton.png
www.mid-day.com/assets/images/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mid-day.com/assets/images/shotbutton.png
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.21 /
Resource Hash
980d2ef81bc1c12d58b12157f44d5e9bd08922f9fe6ba65d98093685ce03845f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=432000
age
456524
access-control-allow-methods
GET,POST,OPTIONS
x-llid
05d2ae89473c8cd7c203fcfbdd77781f
expires
Sat, 16 Nov 2024 01:46:56 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
35502
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
image/png
last-modified
Mon, 20 Feb 2023 09:10:48 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.21
access-control-allow-headers
origin,range,hdntl,hdnts
brand-media-1200x47.jpg
www.mid-day.com/assets/images/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mid-day.com/assets/images/brand-media-1200x47.jpg
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
73ab126d71cb95d15e2ec4f7d66cf410b5b88307492a9a7e941e6275004a3ce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=432000
age
507133
access-control-allow-methods
GET,POST,OPTIONS
x-llid
13f7278ce8ad05ea0672956aa6f6ba0a
expires
Fri, 15 Nov 2024 11:43:27 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
63114
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
image/jpeg
last-modified
Fri, 15 Mar 2024 11:36:40 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
access-control-allow-headers
origin,range,hdntl,hdnts
brand-media-340x300.jpg
www.mid-day.com/assets/images/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mid-day.com/assets/images/brand-media-340x300.jpg
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
e824755a2e1ba4f57ab1a6305a0c24337567d008cdddc26e1cff5422af2af4a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=432000
age
507185
access-control-allow-methods
GET,POST,OPTIONS
x-llid
7333f6a8a30888d860b9bb2da76ddbeb
expires
Fri, 15 Nov 2024 11:42:35 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
95346
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
image/jpeg
last-modified
Fri, 15 Mar 2024 11:36:39 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
access-control-allow-headers
origin,range,hdntl,hdnts
/
www.mid-day.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mid-day.com/
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

access-control-allow-headers
origin,range,hdntl,hdnts
content-encoding
gzip
age
237
access-control-allow-methods
GET,POST,OPTIONS
x-llid
6d2fac4b8a48c519a9982f479d028620
access-control-allow-origin
*
content-length
70144
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.33
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
vary
Accept-Encoding
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_463_692.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9764ff1757d808f168dc36d0237e56301b3b95c7cfd8dc3c523d8b86b39318de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-ray
8e36262699602c18-FRA
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/javascript; charset=utf-8
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
b20b848b-c8c8-4613-8c7c-64b38e235fc8
boot.pbstck.com/v1/tag/ 		1 KB
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/tag/b20b848b-c8c8-4613-8c7c-64b38e235fc8
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_463_692.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90c31cfd67637b49fdfbb22ddcd345575ce97f9144c181184b86ba9bf1dbc86b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

cache-control
public,max-age=1200
timing-allow-origin
*
content-encoding
gzip
cf-cache-status
EXPIRED
cf-ray
8e3626253f304d5e-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
680
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/javascript
last-modified
Sat, 16 Nov 2024 08:35:41 GMT
vary
Accept-Encoding
server
cloudflare
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_463_692.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03faa-45f4"
age
141816
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=htAIUeTH%2F0o4b0XDyVPHFiPu93EAikxHRTx9M%2B0KPXQzbaZ2R11Vd6ahUP1l7GFUZh5jyVGMxZv5Bz98cJFZKpCoLQHpThytqLNJ6N1plOMWN34s%2FYNqXN90OnUkswna8NHgZxRYJFMsUITtW0pLccxY"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 08:35:40 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:15:38 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e362624f860901c-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5117
server
cloudflare
prebid_9_15_ng.js
hbagency.it/cdn/ 		475 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbagency.it/cdn/prebid_9_15_ng.js
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_463_692.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:ca9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071944d2b86ed6a7fd9321c59934f4c6c57e0b31667f296e7730c9e6e95f1608

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"76db0-6240c02950497"
age
4872
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VlwOv82irQkTR9GTprNbYRETMMZWOgetuhxKEoOSRAg%2BNS%2FURtt8gTzYKPE9QWoP3dybLBRcktwjY%2B15mDlhTphFJS2URU%2BfDo5o4ZPOU41OgVW0xuLkQ5khYA1fH4N34sEsrrVDYp7ebQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10163&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4206&recv_bytes=4269&delivery_rate=79217&cwnd=12000&unsent_bytes=0&cid=0bad5d0e1e17ac74&ts=44&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/javascript
last-modified
Wed, 09 Oct 2024 14:24:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3626253b8d1941-FRA
access-control-allow-origin
*
server
cloudflare
icomoon.ttf
www.mid-day.com/assets/fonts/ 		6 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mid-day.com/assets/fonts/icomoon.ttf?f4wjas
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/article-final.css?v=1.4.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.21 /
Resource Hash
54c19a2a830cf2fdb99413a3a827b8aeedba0be9400732af4d033f253bcfa0bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mid-day.com
Referer
https://www.mid-day.com/article-final.css?v=1.4.0

Response headers

cache-control
max-age=432000
age
42476
access-control-allow-methods
GET,POST,OPTIONS
x-llid
65f09bda1cc1390956b336c0f0db068e
expires
Wed, 20 Nov 2024 20:47:44 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
6492
date
Sat, 16 Nov 2024 08:35:40 GMT
content-type
application/font-sfnt
last-modified
Fri, 19 Feb 2021 05:19:46 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.21
access-control-allow-headers
origin,range,hdntl,hdnts
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
800a93d7f8261d79d447e1549e3c0c2a0c44a78a27022f8ca980f5f91160fe5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
br
etag
7173996326069966042
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 08:35:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53407
x-xss-protection
0
server
cafe
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=13184768&cs_fpcu=1ae278aa27fc4d08888500356530f7d2&cs_it=b9&cv=4.9.0%2B2410250554&ns__t=1731746140969&ns_c=UTF-8&cs_cfg=110&cs_ucc=1&cs_cmp_id=0&cs_cmp_rt=0&cs_cmp_av=1.1&gpp_sid=-1&c7=https%3A%2F%2Fwww.mid-day.com%2Fbrand-media%2Farticle%2Ftim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922&c8=&c9=
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-27.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

via
1.1 111f802abddccd55d219ff1635e1aa4a.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
xmlj88iRpOK6VMJFWf7qYQ-lLhZrifbIN-7kZFLaNSJxJFMec3w_HA==
date
Sat, 16 Nov 2024 08:35:40 GMT
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
config.json
cmp.uniconsent.com/v2/a635e66530/ 		17 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/a635e66530/config.json
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main-v4.min.js?v=gpv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afbc3f93e29a8c25e8dcd86585595c5981004568730901c984adb5dac0edf70e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"de69d4e8c565a2ddafc6c7440d33f663"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N7WRjT5N%2FAN3JWWa2DvZWYYBkdFFPeO%2B%2BbI8uG7swydxXEpvyoWylLMtk2t9bVwMA%2FgRgPnmUO1kKsJXOOvz0%2Bux0sKL3ezo9FkXHQFC7Z3SfBUOM3nroUlcZ4ON1m8MF2iOUawUENoKrGZ1XpAeAzE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10508&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4206&recv_bytes=4283&delivery_rate=2029&cwnd=12000&unsent_bytes=0&cid=6f9ab6c0baadc6f0&ts=60&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/json
last-modified
Fri, 01 Nov 2024 10:56:42 GMT
vary
accept-encoding
priority
u=1,i
x-cache-status
HIT
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3626259cc41e1c-FRA
access-control-allow-origin
*
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0L1JN6H4MQ&gtm=45je4bc0v9106045940za200&_p=1731746140745&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101925629~102067554~102067808~102077855&cid=632086976.1731746141&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731746141&sct=1&seg=0&dl=https%3A%2F%2Fwww.mid-day.com%2Fbrand-media%2Farticle%2Ftim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1013
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0L1JN6H4MQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.mid-day.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RDEK79CX92&gtm=45je4bc0v878575584za200&_p=1731746140745&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101925629~102067554~102067808~102077855&cid=632086976.1731746141&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731746141&sct=1&seg=0&dl=https%3A%2F%2Fwww.mid-day.com%2Fbrand-media%2Farticle%2Ftim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922&dt=&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1042
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RDEK79CX92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.mid-day.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
text/plain
server
Golfe2
id.json
loader.unblockia.com/c/mid-day.com/ 		10 B
459 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://loader.unblockia.com/c/mid-day.com/id.json
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1c00:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8e485a6f4957d4d0095acae569db3810906733fffd9d93eaf3f9e49b4fbcf9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

access-control-expose-headers
*
x-amz-version-id
j6CGmUNGHMnnoQF79gltBHIIRe2j.Ezw
etag
"0f3854c3e914fc9d8a1ffbeae17a554d"
age
24235
x-cache
Hit from cloudfront
x-amz-cf-id
HweLEsNGY1jUmlZvEJ1KseuodO72wGuY85dT96F8GGKX-XqCCtHeHQ==
date
Sat, 16 Nov 2024 01:51:47 GMT
content-type
application/octet-stream
last-modified
Wed, 21 Aug 2024 11:01:50 GMT
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
10
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
user-sessions-b6ed2f5.js
cdn.pbstck.com/ 		38 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/user-sessions-b6ed2f5.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/b20b848b-c8c8-4613-8c7c-64b38e235fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07615b49d861c736c7e81e551e2043bda308d20edf7517f24280283c9ab3bbf6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

access-control-max-age
3000
content-encoding
br
cf-cache-status
HIT
etag
W/"9027c42100e8c3cae398170112fbce0d"
age
2665334
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 16 Oct 2024 10:32:07 GMT
x-amz-id-2
jIjeudnYqdF3CKRR/yoaAmc1yk/XuMUp8N/fKQB6DgCAb31fmi8sBGcwdxyO1rcpQ1w3+HHfVBg=
cache-control
public,max-age=31536000,immutable
x-amz-request-id
X6QQ65AQTJ1ZMH9R
cf-ray
8e362626bd5e8ec5-FRA
access-control-allow-origin
*
server
cloudflare
collector-eae2d9d.js
cdn.pbstck.com/ 		83 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/collector-eae2d9d.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/b20b848b-c8c8-4613-8c7c-64b38e235fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c40122142b9f808329f491cdb14348a4d5fd223e22f6f9505fed26d796b541

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

access-control-max-age
3000
content-encoding
br
cf-cache-status
HIT
etag
W/"e2ab5ce637a59bedd632b513f4a1a404"
age
1461638
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 30 Oct 2024 09:32:15 GMT
x-amz-id-2
p6VYm3D6JDIPKAi6gvnmDE4wIyI+L7QMU+LjFSG202WNNRVqKC20h+ORFtA6/iF+s+GiJAOdnlc=
cache-control
public,max-age=31536000,immutable
x-amz-request-id
4D251NYXGBDWQB66
cf-ray
8e362626bd5d8ec5-FRA
access-control-allow-origin
*
server
cloudflare
/
cmp.uniconsent.com/json/ 		84 B
764 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/json/
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main-v4.min.js?v=gpv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee165ec526ffa39d8572d7d4bd5ddf5f44ba4c01cf04758523dc01469dd343a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K85k7w0Zpjz4zmA89YjuZbTAgyRt6Fl8%2Be1f5n7OngDFSMZGA3J5PId8Ssval%2FtfnHBFMVMYCcSwEvyTAEPf4mSHIGjpFK%2BbvPi2G0FQaMmT%2Fnt4xX6xyKdU9CFQrByZiALenmiOdiFYfz%2FmaXfJPn4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3626269d941e1c-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11729&sent=18&recv=12&lost=0&retrans=0&sent_bytes=9175&recv_bytes=4721&delivery_rate=119637&cwnd=12000&unsent_bytes=0&cid=6f9ab6c0baadc6f0&ts=221&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/json
vary
Origin
server
cloudflare
priority
u=1,i
/
t.unblockia.com/ 		0
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.unblockia.com/?sid=353&o=3&b=1&p=1&t=4
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:7800:10:be65:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

access-control-expose-headers
*
via
1.1 a9a00cd74e5659e3b49c7fab5dc2863a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
ytvwe24OtL6MNREkoBLD3vQFAW9eaP0jbVDGVnycVIVbU-UXPsozuw==
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P12
server
nginx/1.20.0
ui-de.json
cmp.uniconsent.com/v3/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v3/ui-de.json
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main-v4.min.js?v=gpv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
133ed7167d1279be015dd810ceb718008a75c1e517643829cd1eb9892ac45994

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"781f9efed53da8c1556902518922fed7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qGL8pz94xtbnAao2vNpkDuFM1m438X%2FIM%2BlUmA01VkAvDHryqJdb1eJaLMY%2Fff9wL7%2FGUgtRuQSaARaOTmehcKD464S4yAohjph%2BRpsFTw48gdzaRPs5ZlDsKxUN3nG%2F0AZ%2BmvOWuoqR5PLtkYFJBdk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11988&sent=21&recv=14&lost=0&retrans=0&sent_bytes=10011&recv_bytes=5357&delivery_rate=18827&cwnd=12000&unsent_bytes=0&cid=6f9ab6c0baadc6f0&ts=293&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/json
last-modified
Tue, 06 Aug 2024 20:37:52 GMT
vary
accept-encoding
priority
u=1,i
x-cache-status
HIT
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e362626ddbe1e1c-FRA
access-control-allow-origin
*
server
cloudflare
ui-de.json
cmp.uniconsent.com/v3/eazy/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v3/eazy/ui-de.json
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main-v4.min.js?v=gpv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b9ad817e5d81279a6c6dbc6d613a9fdb5f933dbec3e8e8cd00e36d5dfe8adfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"ccb1f4bba214d8f1ea9b6456b6862b31"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=30vM09suj4fIwpfRB1aJSutz1gl7Jo36MekKRSPG0J0F9NjbJm2nJfKcxjFOmhvJWBvHL9ZhYdrR6yi58Td7wRlUhEZeKndrKHb%2B%2BBuBMJau8H85HWa5FljE%2Bf38mtbqpgUtQU9BAnvty%2B45FEIf02k%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11911&sent=26&recv=18&lost=1&retrans=0&sent_bytes=12061&recv_bytes=5810&delivery_rate=170496&cwnd=12000&unsent_bytes=0&cid=6f9ab6c0baadc6f0&ts=332&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/json
last-modified
Tue, 06 Aug 2024 20:37:52 GMT
vary
accept-encoding
priority
u=1,i
x-cache-status
HIT
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3626274e181e1c-FRA
access-control-allow-origin
*
server
cloudflare
md-48.ico
www.mid-day.com/ 		1014 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.mid-day.com/md-48.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.21 /
Resource Hash
cdb7472e417951973afebc5d09195d515baa7f27aeb19fbb87083b3cd9730c83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=432000
age
2041908
access-control-allow-methods
GET,POST,OPTIONS
x-llid
63fcb4084370e7e6d2f3352df784d13d
expires
Mon, 28 Oct 2024 17:23:53 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1014
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
image/vnd.microsoft.icon
last-modified
Sun, 21 Feb 2021 10:00:17 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.21
access-control-allow-headers
origin,range,hdntl,hdnts
vendor-list.json
cmp.uniconsent.com/v3/ 		656 KB
109 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v3/vendor-list.json
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main-v4.min.js?v=gpv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be6f27ff8c6808c277de0e51ab232e81400b25a84833e130eabf4f0c2fdc7f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"c4f2938321836e0c6d4dcab09f4a8e5d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fZ0nN3Frhg20F6zeErdrfD%2F9wJMOh7VTLvgcLikwbr68dT%2FcIRR3IV%2Bwl1W7m48ROtOXvsol5%2FuIzAYMWXzN%2FLIGuzNNe3J2SXvm5F8qBPSGdgs%2FeeSmhArSTIpaczQmPLAUugHG020yklRHeFv8SYc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11272&sent=29&recv=20&lost=1&retrans=0&sent_bytes=14021&recv_bytes=6172&delivery_rate=48305&cwnd=12000&unsent_bytes=0&cid=6f9ab6c0baadc6f0&ts=387&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/json
last-modified
Fri, 15 Nov 2024 19:57:01 GMT
vary
accept-encoding
priority
u=1,i
x-cache-status
HIT
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3626278e501e1c-FRA
access-control-allow-origin
*
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
gzip
age
26366
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 01:16:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 01:16:15 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"607873db-c1ce"
age
959539
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/javascript
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=315360000
referrer-policy
strict-origin
cf-ray
8e362627ba0c2c18-FRA
x-xss-protection
1; mode=block
server
cloudflare
purposes-de.json
cmp.uniconsent.com/v3/ 		48 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v3/purposes-de.json
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main-v4.min.js?v=gpv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d1d69fcf145d0f6c722789ea3de90a586b582342fd9e3abdd67dd872934cda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"0ac84735779f5b80e929204016f54438"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pa347xbnAVhlicZwh7jov1ecuAW15V85t3HO%2FAplbWNtPO7E%2Fc1vtfCmTz2tfAFMzp4yClFBKBWsga3hwmwCIS3alVa7DzUEjUG32aOJp8o4q8LgDP7YZV5C7an5aMfjkBv8VfSdnALKJLMvMrg1mCw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12189&sent=134&recv=62&lost=1&retrans=0&sent_bytes=128749&recv_bytes=8286&delivery_rate=3281464&cwnd=48000&unsent_bytes=0&cid=6f9ab6c0baadc6f0&ts=481&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/json
last-modified
Tue, 06 Aug 2024 20:37:51 GMT
vary
accept-encoding
priority
u=1,i
x-cache-status
HIT
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3626282efe1e1c-FRA
access-control-allow-origin
*
server
cloudflare
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FSWTRSPSCW&gtm=45je4bc0v878575584za200&_p=1731746140745&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=1000h&tag_exp=101925629~102067554~102067808~102077855&cid=632086976.1731746141&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731746141&sct=1&seg=0&dl=https%3A%2F%2Fwww.mid-day.com%2Fbrand-media%2Farticle%2Ftim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922&dt=&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1470
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RDEK79CX92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.mid-day.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
554 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FSWTRSPSCW&cid=632086976.1731746141&gtm=45je4bc0v878575584za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067554~102067808~102077855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RDEK79CX92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.mid-day.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FSWTRSPSCW&cid=632086976.1731746141&gtm=45je4bc0v878575584za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067554~102067808~102077855&tag_exp=101925629~102067554~102067808~102077855&z=1922280003
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 16 Nov 2024 08:35:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
additional-consent-providers.json
cmp.uniconsent.com/v2/a635e66530/ 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/a635e66530/additional-consent-providers.json
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main-v4.min.js?v=gpv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf7ce6a1e86b2de130df72399acc8a95295eaed02890b40c95c92e8f4f93010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"def502627a456cf6d994f256649b2260"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ta25k%2Fr2BC2SR3a4svE05ulmOQZ%2BXnd19uQTUp%2Bm2ZckE5hC2kBalg%2F37sJN8whBpl20L4FfsYHkVgyg6UcafSXluSZBN2sCgIbX%2BdLTGQaAyKHb14IDaH4Yn4EqzJXx5%2BnM0rlxgdnKJWZsI738IME%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11085&sent=148&recv=65&lost=1&retrans=0&sent_bytes=141842&recv_bytes=8713&delivery_rate=283023&cwnd=48000&unsent_bytes=0&cid=6f9ab6c0baadc6f0&ts=564&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/json
last-modified
Fri, 01 Nov 2024 10:56:42 GMT
vary
accept-encoding
priority
u=1,i
x-cache-status
HIT
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e362628bf7d1e1c-FRA
access-control-allow-origin
*
server
cloudflare
web-vitals
intake.pbstck.com/v1/intake/ 		0
41 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/web-vitals?fcp=820.400&tId=b20b848b-c8c8-4613-8c7c-64b38e235fc8&v=none&s=none&c=1
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.mid-day.com/

Response headers

cf-ray
8e36262909f34d5e-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
date
Sat, 16 Nov 2024 08:35:41 GMT
server
cloudflare
web-vitals
intake.pbstck.com/v1/intake/ 		0
33 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/web-vitals?ttfb=605.400&tId=b20b848b-c8c8-4613-8c7c-64b38e235fc8&v=none&s=none&c=1
Requested by
Host: www.mid-day.com
URL: https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.mid-day.com/

Response headers

cf-ray
8e36262909f54d5e-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
date
Sat, 16 Nov 2024 08:35:41 GMT
server
cloudflare
vendors-v4.js
cmp.uniconsent.com/v2/ 		126 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/vendors-v4.js?v=gp3
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main-v4.min.js?v=gpv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b83c54870d2a2bd1cc392c8134e1e96de460ec00e18016edf881412fc08a6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mid-day.com
Referer
https://www.mid-day.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"d5db5f60323aab1116c40da87302c0bc"
age
32263
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oJQAk7OAT5CIoVCJYWXfSkt8oK1XMUtQuxK6WwSGWMSmmI%2F%2FFfFiRsrhydzZGkwXW3b6SWrqh4%2F1Cr5ejYOXpkX7BNuHy9%2BT4KDl%2FOYwE09KFIC95evGsKn0mCCOFXSyM3Vduqtx95XO6eSUyskgR%2BU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10775&sent=152&recv=67&lost=1&retrans=0&sent_bytes=144568&recv_bytes=9050&delivery_rate=62145&cwnd=48000&unsent_bytes=0&cid=6f9ab6c0baadc6f0&ts=707&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Thu, 07 Nov 2024 21:45:56 GMT
priority
u=3,i=?0
x-cache-status
MISS
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e362629c85d1e1c-FRA
access-control-allow-origin
*
server
cloudflare
logo.svg
www.mid-day.com/assets/images/ 		75 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mid-day.com/assets/images/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
1768d9dc97d33b8e658db25ac3c067ea13b8037addc2975490220a493acc1315

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mid-day.com/brand-media/article/tim-noakes-keto-gummies-south-africa-reviews-scam-exposed-active-keto-gummies-23279922

Response headers

cache-control
max-age=432000
content-encoding
gzip
age
246496
access-control-allow-methods
GET,POST,OPTIONS
x-llid
8bd6d66961f23c55ecfe09a5158c6eac
expires
Mon, 18 Nov 2024 12:07:25 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
39039
date
Sat, 16 Nov 2024 08:35:41 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
last-modified
Fri, 19 Feb 2021 05:20:09 GMT
access-control-allow-headers
origin,range,hdntl,hdnts
edge
cmp.uniconsent.com/v2/ 		0
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/edge
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main-v4.min.js?v=gpv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5329 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.mid-day.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0eSm3CFLYO%2BOWnJy33trRHLWcxz%2BtReJxZ8GqpF%2FetwgqTOxL7QDgRUoGlwl1%2FIGxd3IQzw%2Fmoa4uj6D0C3ksUQj4Mq0pv5jnQBajFpvNyBdaKmDjdSqrl8n0I1GxBsBFpPK%2FZYV0sYdiCQEDOdY2w%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e362630ae521e1c-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9872&sent=174&recv=71&lost=1&retrans=0&sent_bytes=167719&recv_bytes=10086&delivery_rate=1425380&cwnd=48000&unsent_bytes=0&cid=6f9ab6c0baadc6f0&ts=1829&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 08:35:42 GMT
content-type
application/json
server
cloudflare
priority
u=1,i
access-control-allow-headers
Content-Type
nblk
sbp.izooto.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sbp.izooto.com
URL
https://sbp.izooto.com/nblk

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| __tcfapi function| __uspapi function| __gpp_addFrame function| __gpp_stub function| __gpp_msghandler function| __gpp function| gtag object| dataLayer function| $ function| jQuery object| _comscore function| comscorepvs string| domain2 string| domain object| _izq object| izConfig function| lozad string| __unic_cmp_id boolean| __unic_cmp_prod string| __unic_cmp_host function| __unic_loadapp string| used function| get_notification_data function| notification_ga object| navbar number| sticky string| dynamicmaintain object| _mgc string| _mgSingleJS656816 object| _mgq function| _mgqp number| _mgqt number| _mgqi function| _izooto function| shopping_track string| setorigin number| areweathome function| searchEnter boolean| hascmp_hbagency boolean| registerConsent_hbagency object| gob_hb object| gob_hb_g object| fdpCategories object| fdpSubCategories string| analytics_hbagency number| PREBID_TIMEOUT_hbagency number| PREBID_TIMEOUT_R_hbagency string| USER_ID_hbagency string| WEBSITE_ID_hbagency string| nomesite_hbagency string| domain_hbagency object| ZONE_ID object| headerbidding_mp object| hb_floors_hbagency object| adUnits_hbagency string| category_hbagency_adagio string| pagetype_hbagency_adagio string| domain_hbagency_adagio string| urlhb_3 string| urlHbstatsAnalytics object| pbjs_hbagencyicd number| cpmfixvideo_hbagency boolean| adagioanalytics_hbagency object| refreshedHB object| refreshedHBT object| refreshedHBPassback boolean| ispubstackHB object| safe_b_hbagency object| containsgg object| bidder number| j object| realTimeDataHB object| dp object| dpAdagio object| hbManager object| ADAGIO function| HBManager function| a0_0x5142 function| a0_0x5b32 object| COMSCORE object| ns_p object| google_tag_manager object| google_tag_data object| unicj function| __unic_start object| UnicI function| onYouTubeIframeAPIReady object| gaGlobal object| googletag function| postscribe object| pbjs_hbagencyicdChunk object| _pbjsGlobals object| invibes object| sas object| apntag object| pbstck object| pbstckQ object| Pubstack function| __unicapi object| a object| sw_consent number| __pbstck_consent string| __pbstck_page_id function| izootoEmailSubcriptionCallBack function| izootoEmailEventsCallback

8 Cookies

Domain/Path Name / Value
www.mid-day.com/ Name: AlteonP
Value: AG+7AwoEqMCjLV1JuaSsbg$$
.mgid.com/ Name: __cf_bm
Value: sY25hSP5HFZcLUBD3jhmu66rldWqmGtX1Olp9YLHf1c-1731746140-1.0.1.1-qS6Oeds_zRNPECPm_TN2Hzqm6jWuMwwiJkaRnwqdjZ78tnAhr71sGqpfMytAb8UDoXkr54LErmvScNt3xchLtQ
www.mid-day.com/ Name: _scor_uid
Value: 1ae278aa27fc4d08888500356530f7d2
.izooto.com/ Name: IZCID
Value: 923f64f8-fc8c-43f9-b4eb-1ca8e6372613
.mid-day.com/ Name: _ga_0L1JN6H4MQ
Value: GS1.1.1731746141.1.0.1731746141.0.0.0
.mid-day.com/ Name: _ga
Value: GA1.1.632086976.1731746141
.mid-day.com/ Name: _ga_RDEK79CX92
Value: GS1.1.1731746141.1.0.1731746141.0.0.0
.mid-day.com/ Name: _ga_FSWTRSPSCW
Value: GS1.1.1731746141.1.0.1731746141.60.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
boot.pbstck.com
cdn.izooto.com
cdn.pbstck.com
cdn.unblockia.com
cdnjs.cloudflare.com
cmp.uniconsent.com
csync.smilewanted.com
d3u598arehftfk.cloudfront.net
hbagency.it
intake.pbstck.com
jsc.mgid.com
loader.unblockia.com
pagead2.googlesyndication.com
region1.analytics.google.com
region1.google-analytics.com
sb.scorecardresearch.com
sbp.izooto.com
static.smilewanted.com
stats.g.doubleclick.net
t.unblockia.com
www.google.de
www.googletagmanager.com
www.mid-day.com
sbp.izooto.com
18.244.18.27
2001:4860:4802:34::36
216.58.206.38
2600:9000:225e:1c00:12:abfb:9280:93a1
2600:9000:225e:de00:12:abfb:9280:93a1
2600:9000:26e8:b800:1f:946:f000:21
2600:9000:2724:7800:10:be65:1fc0:93a1
2606:4700:10::6816:1ed1
2606:4700:10::6816:5d
2606:4700:10::ac43:1997
2606:4700:1::6813:854c
2606:4700:3033::6815:5329
2606:4700:3037::ac43:ca9a
2606:4700::6810:ff40
2606:4700::6811:190e
2a00:1450:4001:812::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9c
41.63.96.2
071944d2b86ed6a7fd9321c59934f4c6c57e0b31667f296e7730c9e6e95f1608
07615b49d861c736c7e81e551e2043bda308d20edf7517f24280283c9ab3bbf6
0d36cfe9325d5f37b995fa2c9cde915cfa18f3703ea5d0afbdc58f943fb31178
133ed7167d1279be015dd810ceb718008a75c1e517643829cd1eb9892ac45994
1768d9dc97d33b8e658db25ac3c067ea13b8037addc2975490220a493acc1315
1daca9602cdf517bef87cb793f5e3dc8006aef8ab1d8d1e23324a9756354b9c9
2b8b11cd0e621871a6f756d0ada1f490a53ff1302a60d82c74ac9913f1053e58
2be6f27ff8c6808c277de0e51ab232e81400b25a84833e130eabf4f0c2fdc7f7
35241e4062ea7a64b954e61dd502f7c0e84e90d2a2896c54dea259dfdd56bc07
38b83c54870d2a2bd1cc392c8134e1e96de460ec00e18016edf881412fc08a6a
424dff317267b9430bf9790d816b0af45270fe0a427d5439c0e52fb862d41130
4bf7ce6a1e86b2de130df72399acc8a95295eaed02890b40c95c92e8f4f93010
54c19a2a830cf2fdb99413a3a827b8aeedba0be9400732af4d033f253bcfa0bd
55c40122142b9f808329f491cdb14348a4d5fd223e22f6f9505fed26d796b541
599ba372da0eaac6e1f80614010b1ffe637aea22f086ae69975502d37fc7021e
6ec63ff6a2d58f2c7b9a7fd30e855043ad7e1dc1466c001ab308645a13652572
71c145abbe37de9ad025fad3eb5aaee246d09e7053adf8f67e49e8731156ece7
7249700f129f29f1436caa1b15b00aaa82f98a6bc92817bf4e18614f28264de8
73209eee7809461a37363b8829d979f67ac90de5d6173e3b9e1dc8a223a7bf46
73ab126d71cb95d15e2ec4f7d66cf410b5b88307492a9a7e941e6275004a3ce0
800a93d7f8261d79d447e1549e3c0c2a0c44a78a27022f8ca980f5f91160fe5c
8b9ad817e5d81279a6c6dbc6d613a9fdb5f933dbec3e8e8cd00e36d5dfe8adfa
8d7a37255ef12e0ce06939ccb723dd6d0a32938f49b0e3f29ed19c43be9b4224
90c31cfd67637b49fdfbb22ddcd345575ce97f9144c181184b86ba9bf1dbc86b
9233d56d5e161e66b84f66d3b163ec0df1e877244ba9a2b63086496ef9c805c8
9764ff1757d808f168dc36d0237e56301b3b95c7cfd8dc3c523d8b86b39318de
980d2ef81bc1c12d58b12157f44d5e9bd08922f9fe6ba65d98093685ce03845f
9813474490104290ed5b86594855e11e74670cb5bbb498c45100c26ffdd8533b
9dca0ebf628b5fb03124c0677877a855f2550b47b362499cf284b7263c159727
afbc3f93e29a8c25e8dcd86585595c5981004568730901c984adb5dac0edf70e
b51348dd72cd443ce9226af2878a89ded9ccef65b28e0221a8e26af937ef2724
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21
c292858869fd67491a6ee992462a50a6c8347f96ea2e813ab751b12a2371da5a
c4b6ed2645519ec2c128badb2a2e7720052f8441ffa94c4f0bceca02311004da
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c8e485a6f4957d4d0095acae569db3810906733fffd9d93eaf3f9e49b4fbcf9e
cdb7472e417951973afebc5d09195d515baa7f27aeb19fbb87083b3cd9730c83
d6a58f7d1814138ce7fb2194b071c7100cdfc3d30a95eef8223329dc65774bbf
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e824755a2e1ba4f57ab1a6305a0c24337567d008cdddc26e1cff5422af2af4a6
e8af2f6134183ae960bfa90cba9533fdef7dbb297f1ad028ea8e3674d64a0796
e93a0995cc3f8b244a4fdb3fce133eb568a0ab858a17b53700586552da7787fa
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7cef76e81305b0414a94a336c3b32d103c6cea2c65cac39058e29a7d556141
ed0374d852cf879c4e2d9c8f7f44f3c91409fcf880f715c823c6031df6677cbd
eee165ec526ffa39d8572d7d4bd5ddf5f44ba4c01cf04758523dc01469dd343a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f7d1d69fcf145d0f6c722789ea3de90a586b582342fd9e3abdd67dd872934cda