secure05a-connect.itsaol.com Open in urlscan Pro
147.182.162.240 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure05a-connect.itsaol.com/
Effective URL:
https://secure05a-connect.itsaol.com/
Submission: On October 23 via api (October 23rd 2024, 6:55:26 pm UTC) from US — Scanned from US

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 2 countries across 21 domains to perform 70 HTTP transactions. The main IP is 147.182.162.240, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is secure05a-connect.itsaol.com.
TLS certificate: Issued by E6 on October 3rd 2024. Valid for: 3 months.

This is the only time secure05a-connect.itsaol.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	147.182.162.240 147.182.162.240	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
2	34.232.201.130 34.232.201.130	14618 (AMAZON-AES) (AMAZON-AES)
6	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
2	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
4	142.251.40.131 142.251.40.131	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	142.250.80.36 142.250.80.36	15169 (GOOGLE) (GOOGLE)
1	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c40... 2a02:6ea0:c400::54	60068 (CDN77 _) (CDN77 _)
1	2620:100:a00b::a 2620:100:a00b::a	19750 (AS-CRITEO) (AS-CRITEO)
4	23.51.57.192 23.51.57.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.103.2 13.226.103.2	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:23c... 2600:9000:23cb:fe00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:29:1... 2620:1ec:29:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	23.44.111.29 23.44.111.29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	142.250.80.38 142.250.80.38	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.65.166 142.250.65.166	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
1	142.251.40.104 142.251.40.104	15169 (GOOGLE) (GOOGLE)
2	64.202.112.255 64.202.112.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 4	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
3	18.238.79.2 18.238.79.2	16509 (AMAZON-02) (AMAZON-02)
1	34.203.17.141 34.203.17.141	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
1 1	2600:1f18:730... 2600:1f18:730:b110:a86:b542:14a3:1dee	14618 (AMAZON-AES) (AMAZON-AES)
1	3.90.118.198 3.90.118.198	14618 (AMAZON-AES) (AMAZON-AES)
3	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	134.209.162.206 134.209.162.206	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
70	34

6 147.182.162.240 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: jointhealthactivator.com

secure05a-connect.itsaol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.201.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-201-130.compute-1.amazonaws.com

secure.revitalizejoints.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.36 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.226 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::54 (New York, United States)

ASN60068 (CDN77 _, GB)

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::a (United States)

ASN19750 (AS-CRITEO, US)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.51.57.192 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-192.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.103.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-103-2.jfk52.r.cloudfront.net

d9i5ve8f04qxt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:fe00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.44.111.29 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-111-29.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.80.38 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net

12763245.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
14623190.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.166 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.104 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.10.30 (Cyprus) 1 redirects

ASN203690 (RTB-HOUSE-ASH, CY)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.238.79.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-79-2.jfk52.r.cloudfront.net

d1pqvb2h9xgm7r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.17.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-17-141.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:a86:b542:14a3:1dee (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.90.118.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-118-198.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.162.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

service3.purehealthresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 12763245.fls.doubleclick.net — Cisco Umbrella Rank: 314054 td.doubleclick.net — Cisco Umbrella Rank: 192 ad.doubleclick.net — Cisco Umbrella Rank: 150 14623190.fls.doubleclick.net — Cisco Umbrella Rank: 527059 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	2 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 634 p.clarity.ms — Cisco Umbrella Rank: 6522 c.clarity.ms — Cisco Umbrella Rank: 1236	30 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	554 KB
6	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3182 wave.outbrain.com — Cisco Umbrella Rank: 3153 tr.outbrain.com — Cisco Umbrella Rank: 3133	13 KB
6	itsaol.com secure05a-connect.itsaol.com	465 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	139 KB
5	creativecdn.com 1 redirects tags.creativecdn.com — Cisco Umbrella Rank: 6648 us.creativecdn.com — Cisco Umbrella Rank: 2787	4 KB
4	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3517 i.liadm.com — Cisco Umbrella Rank: 554 rp.liadm.com — Cisco Umbrella Rank: 925 rp4.liadm.com — Cisco Umbrella Rank: 5447	45 KB
4	cloudfront.net d9i5ve8f04qxt.cloudfront.net d1pqvb2h9xgm7r.cloudfront.net	22 KB
4	gstatic.com fonts.gstatic.com	90 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 147	1 KB
2	criteo.com dynamic.criteo.com — Cisco Umbrella Rank: 3850 gum.criteo.com — Cisco Umbrella Rank: 461 sslwidget.criteo.com Failed	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 77	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	81 KB
2	revitalizejoints.com secure.revitalizejoints.com	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 190	771 B
1	purehealthresearch.com service3.purehealthresearch.com — Cisco Umbrella Rank: 242357
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	youtube-nocookie.com www.youtube-nocookie.com — Cisco Umbrella Rank: 3607
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
70	21

	Domain	Requested by
7	www.googletagmanager.com	secure05a-connect.itsaol.com www.googletagmanager.com
6	secure05a-connect.itsaol.com	secure05a-connect.itsaol.com
5	analytics.tiktok.com	secure05a-connect.itsaol.com analytics.tiktok.com
4	us.creativecdn.com	1 redirects secure05a-connect.itsaol.com
4	fonts.gstatic.com	fonts.googleapis.com
3	p.clarity.ms	www.clarity.ms
3	d1pqvb2h9xgm7r.cloudfront.net	d9i5ve8f04qxt.cloudfront.net
3	td.doubleclick.net	www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	tr.outbrain.com	amplify.outbrain.com
2	wave.outbrain.com	amplify.outbrain.com
2	analytics.google.com	1 redirects www.googletagmanager.com
2	14623190.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	ad.doubleclick.net	secure05a-connect.itsaol.com
2	12763245.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.clarity.ms	secure05a-connect.itsaol.com www.clarity.ms
2	amplify.outbrain.com	secure05a-connect.itsaol.com amplify.outbrain.com
2	www.facebook.com	secure05a-connect.itsaol.com
2	www.youtube.com	secure05a-connect.itsaol.com www.youtube.com
2	connect.facebook.net	secure05a-connect.itsaol.com connect.facebook.net
2	secure.revitalizejoints.com	secure05a-connect.itsaol.com secure.revitalizejoints.com
1	c.bing.com	1 redirects
1	service3.purehealthresearch.com	secure05a-connect.itsaol.com
1	rp4.liadm.com	secure05a-connect.itsaol.com
1	rp.liadm.com	1 redirects
1	gum.criteo.com	dynamic.criteo.com
1	i.liadm.com	b-code.liadm.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.google-analytics.com	secure05a-connect.itsaol.com
1	b-code.liadm.com	www.googletagmanager.com
1	d9i5ve8f04qxt.cloudfront.net	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
1	tags.creativecdn.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	secure05a-connect.itsaol.com
1	www.google.com	1 redirects
1	www.youtube-nocookie.com	secure05a-connect.itsaol.com
1	fonts.googleapis.com	secure05a-connect.itsaol.com
0	sslwidget.criteo.com Failed	dynamic.criteo.com
70	38

This site contains no links.

Subject Issuer	Validity	Valid
jointhealthactivator.com E6	`2024-10-03` - `2025-01-01`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
secure.revitalizejoints.com Sectigo RSA Domain Validation Secure Server CA	`2024-06-03` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-01` - `2024-10-30`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
1589314308.rsc.cdn77.org E5	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
service3.purehealthresearch.com E5	`2024-10-03` - `2025-01-01`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://secure05a-connect.itsaol.com/
Frame ID: 37B9B1F945572391BA66C1361F35CA3D
Requests: 59 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/DZVFWjPceZk?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: 1535EC635B197C143E8D5892AAC34660
Requests: 1 HTTP requests in this frame

Frame: https://12763245.fls.doubleclick.net/activityi;dc_pre=CNHzl-uWpYkDFVoBTwgd97wVjQ;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=1003989044;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F
Frame ID: 725793D535393C90F7B64C369A8F803A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=1003989044;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F
Frame ID: B499D53EE06558E4A243E1C844CBBBEB
Requests: 1 HTTP requests in this frame

Frame: https://14623190.fls.doubleclick.net/activityi;dc_pre=CMbOm-uWpYkDFeMMTwgdKvo0lw;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101794736~101823847;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F
Frame ID: 60DB6E3FBB1A53A0F0D8E839014EBB6A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101794736~101823847;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F
Frame ID: F70056E95459DF4F1A5F36D91E1361D8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-633CCXW5Y6&gacid=1932655865.1729709719&gtm=45je4ah0v9171594360z89132898246za200zb9132898246&dma=0&gcs=G111&gcd=13v3v3v3v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823847&z=1752181367
Frame ID: EDE8A6A22F32793C0CCFBDEF96A074A5
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/b-00mi?duid=bc6374f70603--01jaxbqfxbcpzca4h1m1adyykh&euns=1&pt=500&s=&version=v3.2.0&cd=.itsaol.com
Frame ID: 7CC26C34BABCDAB0F0CB01C3EBFAF112
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secure05a-connect.itsaol.com&origin=onetag
Frame ID: 14C0EEE11D7881477F9C84BE532F2554
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Joint Complex

Page URL History Show full URLs

http://secure05a-connect.itsaol.com/ HTTP 307
https://secure05a-connect.itsaol.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

70
Requests

83 %
HTTPS

44 %
IPv6

21
Domains

38
Subdomains

34
IPs

2
Countries

1481 kB
Transfer

3514 kB
Size

46
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure05a-connect.itsaol.com/ HTTP 307
https://secure05a-connect.itsaol.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v3v5l1&tag_exp=101686685~101823847&rnd=1383666501.1729709719&url=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&dma=0&npa=0&gtm=45He4ah0n81P6VCWSGv9132898246za200&auid=1724272410.1729709719 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v3v5l1&tag_exp=101686685~101823847&rnd=1383666501.1729709719&url=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&dma=0&npa=0&gtm=45He4ah0n81P6VCWSGv9132898246za200&auid=1724272410.1729709719

Request Chain 32

https://12763245.fls.doubleclick.net/activityi;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=1003989044;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F HTTP 302
https://12763245.fls.doubleclick.net/activityi;dc_pre=CNHzl-uWpYkDFVoBTwgd97wVjQ;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=1003989044;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F

Request Chain 35

https://14623190.fls.doubleclick.net/activityi;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101794736~101823847;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F HTTP 302
https://14623190.fls.doubleclick.net/activityi;dc_pre=CMbOm-uWpYkDFeMMTwgdKvo0lw;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101794736~101823847;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F

Request Chain 38

https://analytics.google.com/g/collect?v=2&tid=G-633CCXW5Y6&gtm=45je4ah0v9171594360z89132898246za200zb9132898246&_p=1729709717274&_gaz=1&gcs=G111&gcd=13v3v3v3v5l1&npa=0&dma=0&tag_exp=101686685~101823847&cid=1932655865.1729709719&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1729709719&sct=1&seg=0&dl=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&dt=Joint%20Complex&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=2845 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1932655865.1729709719&dbk=3335580907395703522&dma=0&en=page_view&gcs=G111&gtm=45je4ah0v9171594360z89132898246za200zb9132898246&npa=0&tid=G-633CCXW5Y6&dl=https%3A%2F%2Fsecure05a-connect.itsaol.com%3F

Request Chain 47

https://us.creativecdn.com/tags/v2?type=json HTTP 307
https://us.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 54

https://rp.liadm.com/j?dtstmp=1729709719639&aid=b-00mi&se=e30&duid=bc6374f70603--01jaxbqfxbcpzca4h1m1adyykh&tv=v3.2.0&pu=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&wpn=lc-bundle&wpv=v3.2.0&cd=.itsaol.com&c=PHRpdGxlPkpvaW50IENvbXBsZXg8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjxoMSBjbGFzcz0idmlkZW8taGVhZGxpbmUiPkJvbmUgT24gQm9uZSBKb2ludHM_IFRyeSBUaGlzIDE1IFNlY29uZCBTb2x1dGlvbjwvaDE- HTTP 302
https://rp4.liadm.com/j?dtstmp=1729709719639&aid=b-00mi&se=e30&duid=bc6374f70603--01jaxbqfxbcpzca4h1m1adyykh&tv=v3.2.0&pu=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&wpn=lc-bundle&wpv=v3.2.0&cd=.itsaol.com&c=PHRpdGxlPkpvaW50IENvbXBsZXg8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjxoMSBjbGFzcz0idmlkZW8taGVhZGxpbmUiPkJvbmUgT24gQm9uZSBKb2ludHM_IFRyeSBUaGlzIDE1IFNlY29uZCBTb2x1dGlvbjwvaDE-&i6=MmEwNDpjNjA0OjYxNToxOjo2&n3pc=true

Request Chain 64

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8E28658537CB42D0A4D7AA3A4BF49433&RedC=c.clarity.ms&MXFR=29DFD25468AA6656263DC7756CAA6863 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8E28658537CB42D0A4D7AA3A4BF49433&MUID=2CCB4270120368D814D557511369692E

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
secure05a-connect.itsaol.com/
Redirect Chain

http://secure05a-connect.itsaol.com/
https://secure05a-connect.itsaol.com/

50 KB
14 KB

575ms
281ms

Document
text/html

147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure05a-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: edf1e42e2c2c5dae19cab4eeac73ac99c29cea56924ee6baf82d1df736356861

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Oct 2024 18:55:17 GMT
ETag: W/"c7fe-FavP/5Co+dlACkHsLo9R+e2tRDc"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

Redirect headers

Location: https://secure05a-connect.itsaol.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
2 KB 456ms
148ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

332d979e6f0fa7b45d18cd42551204564cd6a0037f1a63f7e5257854121f6067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 18:55:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:55:17 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 23 Oct 2024 18:54:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK play-img-d.gif
secure05a-connect.itsaol.com/img/video/ 191 KB
191 KB 143ms
142ms Image
image/gif 147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure05a-connect.itsaol.com/img/video/play-img-d.gif
Requested by: Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: d4ad32064fd80630bf6268c334ea5fa0e7a01828051761982d3c7c6c00708706

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

Cache-Control: public, max-age=0
ETag: W/"2fcbd-18fec5f3dcd"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195773
Date: Wed, 23 Oct 2024 18:55:17 GMT
Content-Type: image/gif
X-Powered-By: Express
Server: nginx
Last-Modified: Thu, 06 Jun 2024 07:06:55 GMT

GET
H2 200 UCAffiliateNetworkPixel Show response
secure.revitalizejoints.com/cgi-bin/ 2 KB
1 KB 448ms
144ms Script
text/javascript 34.232.201.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.revitalizejoints.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.232.201.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-201-130.compute-1.amazonaws.com

Software

Apache /

Resource Hash

0e9a75e38a031b9b09c05c8d122817256fac59698e92fce19dd1816c04a27ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
content-length: 855
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 23 Oct 2024 18:55:18 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Apache

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 408 KB
121 KB 491ms
187ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Requested by

Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f1a53180832b15e7e5a0d5dff652262db0a419ed79d3f403c7a8432075bacf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 23 Oct 2024 18:55:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:55:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 123244
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 228 KB
58 KB 295ms
138ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 18:55:17 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=138, rtx=0, c=24, mss=1232, tbw=8176, tp=13, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 8Vq8ZMm7OkmFh6mLSSZj5ogR+L6boCXugk9/1A8b64f2Zgo1tsOeq/nUJg2pbTvArfyBLmAJFenDzT6bzrZCMQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59508
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 DZVFWjPceZk
www.youtube-nocookie.com/embed/ Frame 1535 0
0 514ms
225ms Document
text/html 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/DZVFWjPceZk?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Requested by

Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure05a-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 18:55:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 492ms
189ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d426094c168051f30c71c81f5a51fe910cd31d2cdb2138d71ea0db1029c1186f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: br
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options: nosniff
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires: Wed, 23 Oct 2024 18:55:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Wed, 23 Oct 2024 18:55:18 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK play-img-d.gif
secure05a-connect.itsaol.com/img/video/ 191 KB
191 KB 145ms
144ms Image
image/gif 147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure05a-connect.itsaol.com/img/video/play-img-d.gif
Requested by: Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: d4ad32064fd80630bf6268c334ea5fa0e7a01828051761982d3c7c6c00708706

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

Cache-Control: public, max-age=0
ETag: W/"2fcbd-18fec5f3dcd"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195773
Date: Wed, 23 Oct 2024 18:55:17 GMT
Content-Type: image/gif
X-Powered-By: Express
Server: nginx
Last-Modified: Thu, 06 Jun 2024 07:06:55 GMT

GET
H3 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 26 KB
27 KB 313ms
141ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure05a-connect.itsaol.com
Referer: https://fonts.googleapis.com/

Response headers

age: 556835
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 08:14:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 08:14:42 GMT
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27120
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 418ms
246ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure05a-connect.itsaol.com
Referer: https://fonts.googleapis.com/

Response headers

age: 556850
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 08:14:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 08:14:27 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 27 KB
27 KB 316ms
144ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure05a-connect.itsaol.com
Referer: https://fonts.googleapis.com/

Response headers

age: 10272
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 16:04:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 16:04:05 GMT
last-modified: Tue, 26 Apr 2022 15:45:46 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27976
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 368ms
196ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure05a-connect.itsaol.com
Referer: https://fonts.googleapis.com/

Response headers

age: 88049
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 18:27:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 18:27:48 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK lisa-king-d.png
secure05a-connect.itsaol.com/img/featured-on/king/ 62 KB
62 KB 408ms
143ms Image
image/png 147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure05a-connect.itsaol.com/img/featured-on/king/lisa-king-d.png
Requested by: Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: d86dc3454bdf2110a74e7ba300b641a0700839347df9e6d08232dbbcde4fcde4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

Cache-Control: public, max-age=0
ETag: W/"f6d8-18fec5f3cdd"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63192
Date: Wed, 23 Oct 2024 18:55:18 GMT
Content-Type: image/png
X-Powered-By: Express
Server: nginx
Last-Modified: Thu, 06 Jun 2024 07:06:55 GMT

GET
H/1.1 200
OK featured-logo-d.svg
secure05a-connect.itsaol.com/img/featured-on/king/ 8 KB
4 KB 425ms
144ms Image
image/svg+xml 147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure05a-connect.itsaol.com/img/featured-on/king/featured-logo-d.svg
Requested by: Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: 3bb5fdf2030456fac4167dd69ab5137a70fd2bbf29931859454ead1057cb0a71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=0
Content-Encoding: gzip
ETag: W/"1e33-18fec5f3cdd"
Connection: keep-alive
Date: Wed, 23 Oct 2024 18:55:18 GMT
Content-Type: image/svg+xml
Vary: Accept-Encoding
Server: nginx
Last-Modified: Thu, 06 Jun 2024 07:06:55 GMT
X-Powered-By: Express

GET
H3 200 1564727430697990 Show response
connect.facebook.net/signals/config/ 114 KB
22 KB 290ms
290ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1564727430697990?v=2.9.173&r=stable&domain=secure05a-connect.itsaol.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

b3410f7a7e5c6008e6b385ef1ac7ed9ae898d01aa73de9b3d3f87cfad6526fc3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 18:55:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=77, mss=1232, tbw=71492, tp=69, tpl=0, uplat=153, ullat=0
pragma: public
x-fb-debug: xYHiwoz/R4Im+gvGITbt2yvYMcY6Fu/bQh5eng/AJloboWACx1w1Z6Uwx83bEBgO5bWDyDyuUZeiery2EvzIHQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/a62d836d/www-widgetapi.vflset/ 31 KB
10 KB 140ms
139ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a62d836d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f2c4bcb919e31182646d5e52650914f15a9cc8ff0847d30c4dc4adcd4c2653c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: br
age: 4245
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 17:44:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 17:44:33 GMT
last-modified: Mon, 21 Oct 2024 04:28:38 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10288
x-xss-protection: 0
server: sffe

GET
H2 200 UCAffiliateNetworkPixel
secure.revitalizejoints.com/cgi-bin/ 0
375 B 160ms
151ms Stylesheet
text/plain 34.232.201.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.revitalizejoints.com/cgi-bin/UCAffiliateNetworkPixel?t=0.25074628279893396&r=&u=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F
Requested by: Host: secure.revitalizejoints.com
URL: https://secure.revitalizejoints.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.201.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-201-130.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

date: Wed, 23 Oct 2024 18:55:18 GMT
server: Apache
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 438ms
139ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1564727430697990&ev=PageView&dl=https%3A%2F%2Fsecure05a-connect.itsaol.com&rl=&if=false&ts=1729709718528&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=12316&fbp=fb.1.1729709718524.881235151274994637&pm=1&hrl=6f19ff&ler=empty&cdl=API_unavailable&it=1729709718171&coo=false&cs_cc=1&cas=8363086123759757%2C7838478432919508%2C8310145692356020%2C7808196579309921%2C8291816517541543%2C26747147724898772%2C8091466284283326%2C7682833491828953%2C26354635170818523%2C8555092211170384%2C7943370402412903%2C7380041312118141%2C26332012029719400%2C7537928146268527%2C7569768856423732%2C6956987794406958%2C7643965295683699%2C7016066221832938%2C7034340400026828%2C7499405630081412%2C7849319038452565%2C7531362440252487%2C25098821783099281%2C6719320041512443%2C7102936886501940%2C8276521995696166%2C8802519899781626%2C6962207387217245%2C25483935424583699%2C7553474568045692%2C7283762228396572%2C7421018521278531%2C7915744731874721%2C7458278260953465%2C7341818752581711%2C7638175802899297%2C6915087971930441%2C6641473062599882%2C7491519880884208%2C6070152103082584%2C6229531447108410%2C7346808755354401%2C8574786112581764%2C7383774944992711%2C8770218846327864&exp=h3&rqm=GET

Requested by

Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=10, mss=1297, tbw=2937, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 23 Oct 2024 18:55:18 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 522ms
224ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1564727430697990&ev=PageView&dl=https%3A%2F%2Fsecure05a-connect.itsaol.com&rl=&if=false&ts=1729709718528&sw=1600&sh=1200&v=2.9.173&r=stable&ec=0&o=12316&fbp=fb.1.1729709718524.881235151274994637&pm=1&hrl=6f19ff&ler=empty&cdl=API_unavailable&it=1729709718171&coo=false&cs_cc=1&cas=8363086123759757%2C7838478432919508%2C8310145692356020%2C7808196579309921%2C8291816517541543%2C26747147724898772%2C8091466284283326%2C7682833491828953%2C26354635170818523%2C8555092211170384%2C7943370402412903%2C7380041312118141%2C26332012029719400%2C7537928146268527%2C7569768856423732%2C6956987794406958%2C7643965295683699%2C7016066221832938%2C7034340400026828%2C7499405630081412%2C7849319038452565%2C7531362440252487%2C25098821783099281%2C6719320041512443%2C7102936886501940%2C8276521995696166%2C8802519899781626%2C6962207387217245%2C25483935424583699%2C7553474568045692%2C7283762228396572%2C7421018521278531%2C7915744731874721%2C7458278260953465%2C7341818752581711%2C7638175802899297%2C6915087971930441%2C6641473062599882%2C7491519880884208%2C6070152103082584%2C6229531447108410%2C7346808755354401%2C8574786112581764%2C7383774944992711%2C8770218846327864&exp=h3&rqm=FGET

Requested by

Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429046670562295055"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 18:55:18 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: dkrzT4fbqD95vbTkd38RsquC8MOnnzIiLUTMz5up1LTJYChS3ykCy/XIkFlUtHFj7jaRxgLXkNAM+WzhHZoHDw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429046670562295055", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=10, mss=1297, tbw=3251, tp=-1, tpl=-1, uplat=77, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v3v5l1&tag_exp=101686685~101823847&rnd=1383666501.1729709719&url=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&dma=0&npa=0&gtm=45He4ah0n81P6...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v3v5l1&tag_exp=101686685~101823847&rnd=1383666501.1729709719&url=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&dma=0&npa=0&gtm=...

42 B
65 B

448ms
158ms

Ping
image/gif

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v3v5l1&tag_exp=101686685~101823847&rnd=1383666501.1729709719&url=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&dma=0&npa=0&gtm=45He4ah0n81P6VCWSGv9132898246za200&auid=1724272410.1729709719

Requested by

Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/

Protocol

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Wed, 23 Oct 2024 18:55:19 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v3v5l1&tag_exp=101686685~101823847&rnd=1383666501.1729709719&url=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&dma=0&npa=0&gtm=45He4ah0n81P6VCWSGv9132898246za200&auid=1724272410.1729709719
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 18:55:19 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 329 KB
109 KB 209ms
206ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e59646b956058c8adae476d100a820a72c516dd53928ad5d824dc5d2a1afabaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 18:55:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:55:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 111143
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 170ms
168ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12763245&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

589339e8289cd41df6a02f59899ce532b3cfd4d6a8bd4543455f01f71aab498f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 23 Oct 2024 18:55:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:55:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 82281
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 269ms
267ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4520f4bff5cab0d6aeae23334f04b6761964030c12315dd6e3e8d4bfb1134437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 23 Oct 2024 18:55:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:55:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 18:40:10 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 82739
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 EuTwXXOV4Sc7dJbpixmK.js Show response
tags.creativecdn.com/ 5 KB
3 KB 528ms
135ms Script
application/javascript 2a02:6ea0:c400::54
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/EuTwXXOV4Sc7dJbpixmK.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ca9e609ef3f582aec6955e30de3ea1a0a33186bf6b10105d9e8391c4ba8ad21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=Dqq7NA==, md5=TM9Ddx5ISBq82bK8vb0n7Q==
content-encoding: gzip
etag: W/"4ccf43771e48481abcd9b2bcbdbd27ed"
x-77-cache: HIT
x-goog-stored-content-encoding: identity
expires: Mon, 07 Oct 2024 09:29:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 4724
date: Wed, 23 Oct 2024 18:55:19 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2024 08:28:03 GMT
x-77-nzt-ray: f03d06135968fc09974619678180ed04
x-guploader-uploadid: AD-8ljvqeyiGUdNxgQFKzgv2hwNawkXRfEBGkFT279DZ5aRtcaJG5-AaAiyrvs_qfEW0Kp7cQIg
x-77-nzt: EgwBT3/O6QH3eQQAAAwBnJI73wG3VwYAAA
cache-control: public, max-age=3600
vary: Accept-Encoding
x-goog-storage-class: STANDARD
x-77-pop: newyorkUSNY
x-goog-generation: 1728289683362046
x-77-age: 1145
server: CDN77-Turbo

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 50 KB
21 KB 522ms
136ms Script
application/javascript 2620:100:a00b::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108887

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

35ffa414a1027186a67da9418da101fd2c3ee3aed9c1ee01f7662a84ef61ff01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: public,max-age=10800
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 18:55:18 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: Kestrel

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 30 KB
9 KB 507ms
142ms Script
application/x-javascript 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7ba2efe3b4b4c0a0ea967ecbc0fa24ca9e773baff3c8449588a7a0bdb604863b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

Cache-Control: max-age=1200
Content-Encoding: gzip
ETag: "deed80c1260efaf92c17504503be8a88:1729621687.117761"
Connection: keep-alive
Expires: Wed, 23 Oct 2024 19:15:19 GMT
Accept-Ranges: bytes
X-CC: US
Content-Length: 9184
X-RG: NA
Date: Wed, 23 Oct 2024 18:55:19 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 22 Oct 2024 18:25:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 collect-g.js Show response
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 105 KB
20 KB 524ms
140ms Script
application/x-javascript 13.226.103.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.revitalizejoints.com
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.103.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-103-2.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: gzip
etag: "c8164200b1af114ca9af998ceedb1fc2"
age: 363738
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: yvQrgaG1FtiXvB5FnL-t4N7V-DXadY5E45vmJqcIIGyh6nS2f2OoOA==
date: Sat, 19 Oct 2024 13:53:02 GMT
content-type: application/x-javascript; charset=UTF-8
last-modified: Fri, 12 Jul 2024 12:32:30 GMT
cache-control: max-age=604800,s-maxage=604800
via: 1.1 911e28435e9a834f6bc712f4907c4312.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 20382
x-amz-cf-pop: JFK52-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 233ms
230ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12763245

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ed4725f2263822bee18f6f7d0046b66dec20db5b5d28d63a5dc5e3d88a84c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 18:55:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:55:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83170
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 b-00mi.min.js Show response
b-code.liadm.com/ 130 KB
44 KB 524ms
141ms Script
application/javascript 2600:9000:23cb:fe00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/b-00mi.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:fe00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 230a4ab6a7ba73ae3e70accdc6d8002888d2edcdd12c982b6d798e27b9bdbc6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

cache-control: public,max-age=86400
content-encoding: gzip
age: 3003
via: 1.1 23a7db9b99ad0ff99aeef1ab5f27e734.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: bG92H-Zho_iqQXw698h3mq3P-g49FiNstPUyiK42IOUeU1TSC9S9Tg==
date: Wed, 23 Oct 2024 18:05:16 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-cf-pop: JFK50-P1

GET
H2 200 lk2hxquxhr Show response
www.clarity.ms/tag/ 689 B
1 KB 621ms
231ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/lk2hxquxhr?ref=gtm2
Requested by: Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6b48ee0aa2ab24409078f57a866ffb3871cc11bb2d7865bf3289ebaff908fc51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Wed, 23 Oct 2024 18:55:19 GMT
content-type: application/x-javascript
x-azure-ref: 20241023T185519Z-r1f48bc6b86x8xv5tn5w4pbv1c000000069g000000008014

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 384ms
382ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-14623190

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2fe9f157458c1487be5f4aaad0461ed4bdf219f96abe13d1f8514d04f830942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 18:55:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:55:18 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 82753
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 623ms
241ms Script
application/javascript 23.44.111.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF31TNRC77U6J4TVF330&lib=ttq
Requested by: Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.29 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b1dcf4dbc576e07327f6dd8f5a8b64a18b5b3ec1b0e549f8b5a1315ded2a0bd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

content-encoding: gzip
expires: Wed, 23 Oct 2024 18:55:19 GMT
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=14
x-cache: TCP_MISS from a23-44-200-157.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Wed, 23 Oct 2024 18:55:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 58a5e76
x-tt-trace-host: 012180f69a7f42a71d0771def4c5a903729df80be743d8a65e67481c1de67b1d388e335bdfcaf0c1b05a4f9b53ec1987b22e34b3506a63a1af178b16e546347ed33047187f639c266919ee9f63c18ed06ba12128e22fbe437b986f2872c621b531
x-origin-response-time: 14,23.44.200.157
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24102318551969CC3C5975C10C336222-72C8A4809EF4CF90-00
content-length: 2170
x-tt-logid: 2024102318551969CC3C5975C10C336222
server: nginx

GET
H2

200

activityi;dc_pre=CNHzl-uWpYkDFVoBTwgd97wVjQ;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=1003989044;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
12763245.fls.doubleclick.net/ Frame 7257
Redirect Chain

https://12763245.fls.doubleclick.net/activityi;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=1003989044;uaa=;uab=;uafvl=;uamb=0;uam=;uap...
https://12763245.fls.doubleclick.net/activityi;dc_pre=CNHzl-uWpYkDFVoBTwgd97wVjQ;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=100398904...

0
0

177ms
168ms

Document
text/html

142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12763245.fls.doubleclick.net/activityi;dc_pre=CNHzl-uWpYkDFVoBTwgd97wVjQ;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=1003989044;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12763245&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure05a-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 619
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 18:55:19 GMT
expires: Wed, 23 Oct 2024 18:55:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 18:55:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12763245.fls.doubleclick.net/activityi;dc_pre=CNHzl-uWpYkDFVoBTwgd97wVjQ;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=1003989044;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=1003989044;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;fr...
td.doubleclick.net/td/fls/rul/ Frame B499 0
0 494ms
163ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=1003989044;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12763245&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure05a-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 18:55:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=1003989044;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ps...
ad.doubleclick.net/ 0
23 B 392ms
218ms Image
image/png 142.250.65.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=9118912015461;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=1003989044;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F?

Requested by

Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.166 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 23 Oct 2024 18:55:19 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"8036769971960838697"}],"aggregatable_trigger_data":[{"filters":[{"14":["19584294"]}],"key_piece":"0xd4aca29787b86c33","source_keys":["12","13","14","15","16","17","18","19","20","21","20472512","20472513","20472514","20472515","20516712","20516713","20516714","20516715"]},{"key_piece":"0x8fbd2e649b051791","not_filters":{"14":["19584294"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20472512","20472513","20472514","20472515","20516712","20516713","20516714","20516715"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20472512":46,"20472513":46,"20472514":46,"20472515":4540,"20516712":43,"20516713":43,"20516714":43,"20516715":4237,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"12227461176185353950","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"8036769971960838697","filters":[{"14":["19584294"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"8036769971960838697","filters":[{"14":["19584294"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"8036769971960838697","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"8036769971960838697","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12763245"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2

200

activityi;dc_pre=CMbOm-uWpYkDFeMMTwgdKvo0lw;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
14623190.fls.doubleclick.net/ Frame 60DB
Redirect Chain

https://14623190.fls.doubleclick.net/activityi;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
https://14623190.fls.doubleclick.net/activityi;dc_pre=CMbOm-uWpYkDFeMMTwgdKvo0lw;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;...

0
0

171ms
169ms

Document
text/html

142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14623190.fls.doubleclick.net/activityi;dc_pre=CMbOm-uWpYkDFeMMTwgdKvo0lw;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101794736~101823847;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure05a-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 623
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 18:55:19 GMT
expires: Wed, 23 Oct 2024 18:55:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 18:55:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://14623190.fls.doubleclick.net/activityi;dc_pre=CMbOm-uWpYkDFeMMTwgdKvo0lw;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101794736~101823847;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=...
td.doubleclick.net/td/fls/rul/ Frame F700 0
0 397ms
156ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101794736~101823847;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure05a-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 18:55:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
ad.doubleclick.net/ 0
23 B 300ms
219ms Image
image/png 142.250.65.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=1029874078530;npa=0;auiddc=1724272410.1729709719;ps=1;pcor=37044736;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101686685~101794736~101823847;epver=2;~oref=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F?

Requested by

Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.166 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 23 Oct 2024 18:55:19 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"742427675603706384"}],"aggregatable_trigger_data":[{"filters":[{"14":["102347144"]}],"key_piece":"0xc39d9707b6fc89e9","source_keys":["12","13","14","15","16","17","18","19","20","21","19189924","19189925","19189926","19189927","19198980","19198981","19198982","19198983","24100060","24100061","24100062","24100063","24109836","24109837","24109838","24109839"]},{"key_piece":"0x866b929d4bd41aa","not_filters":{"14":["102347144"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","19189924","19189925","19189926","19189927","19198980","19198981","19198982","19198983","24100060","24100061","24100062","24100063","24109836","24109837","24109838","24109839"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"19189924":36,"19189925":36,"19189926":36,"19189927":3530,"19198980":34,"19198981":34,"19198982":34,"19198983":3345,"20":65,"21":6356,"24100060":40,"24100061":40,"24100062":40,"24100063":3973,"24109836":36,"24109837":36,"24109838":36,"24109839":3530},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"18092054031445951299","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"742427675603706384","filters":[{"14":["102347144"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"742427675603706384","filters":[{"14":["102347144"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"742427675603706384","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"742427675603706384","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14623190"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-633CCXW5Y6&gtm=45je4ah0v9171594360z89132898246za200zb9132898246&_p=1729709717274&_gaz=1&gcs=G111&gcd=13v3v3v3v5l1&npa=0&dma=0&tag_exp=101686685~1018...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1932655865.1729709719&dbk=3335580907395703522&dma=0&en=page_view&gcs=G111&gtm=45je4ah0v9171594360z89132898246za200zb913...

0
0

312ms
151ms

Fetch
text/plain

2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1932655865.1729709719&dbk=3335580907395703522&dma=0&en=page_view&gcs=G111&gtm=45je4ah0v9171594360z89132898246za200zb9132898246&npa=0&tid=G-633CCXW5Y6&dl=https%3A%2F%2Fsecure05a-connect.itsaol.com%3F
Requested by: Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/
Protocol: H2
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 23 Oct 2024 18:55:20 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1932655865.1729709719&dbk=3335580907395703522&dma=0&en=page_view&gcs=G111&gtm=45je4ah0v9171594360z89132898246za200zb9132898246&npa=0&tid=G-633CCXW5Y6&dl=https%3A%2F%2Fsecure05a-connect.itsaol.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:55:19 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
562 B 421ms
140ms Ping
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-633CCXW5Y6&cid=1932655865.1729709719&gtm=45je4ah0v9171594360z89132898246za200zb9132898246&aip=1&dma=0&gcs=G111&gcd=13v3v3v3v5l1&npa=0&frm=0&tag_exp=101686685~101823847
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure05a-connect.itsaol.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:55:19 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame EDE8 0
0 278ms
158ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-633CCXW5Y6&gacid=1932655865.1729709719&gtm=45je4ah0v9171594360z89132898246za200zb9132898246&dma=0&gcs=G111&gcd=13v3v3v3v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823847&z=1752181367

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure05a-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 18:55:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 td
www.googletagmanager.com/ 0
18 B 159ms
157ms Image
text/plain 142.251.40.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-633CCXW5Y6&v=3&t=t&pid=548884152&dl=secure05a-connect.itsaol.com%2F&tdp=G-633CCXW5Y6;171594360;1;6;0&frm=0&rtg=132898246&rlo=3&slo=1&hlo=5&lst=1&pcid=132898246&z=0
Requested by: Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.104 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s79-in-f8.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Wed, 23 Oct 2024 18:55:19 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK 003a426391e24cb97c764e3405bdf58fc2 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 598ms
137ms Script
text/html 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/003a426391e24cb97c764e3405bdf58fc2

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-57-192.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=60
ob-sent-time: 1729642011954
Content-Encoding: gzip
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection: keep-alive
Expires: Wed, 23 Oct 2024 18:56:19 GMT
Access-Control-Allow-Origin: *
X-CC: US
Content-Length: 22
X-RG: NA
Date: Wed, 23 Oct 2024 18:55:19 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
x-traceid: 92a5c6b884f4a9b84fe4ba05108723f4

GET
H/1.1 200
OK 001ac323a28065f3d332528e5524186644 Show response
wave.outbrain.com/mtWavesBundler/handler/ 3 KB
2 KB 596ms
136ms Script
text/html 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/001ac323a28065f3d332528e5524186644

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-57-192.deploy.static.akamaitechnologies.com

Software

Resource Hash

7bb4ac9fb750ff57ea5d557e495d01bbd85c3629b7d4b19affae6b2bbb0c2914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=60
ob-sent-time: 1729709234611
Content-Encoding: gzip
ETag: W/"cf7-DcGdWYOKHkyTjZzHMUqkf8B2aq4"
Connection: keep-alive
Expires: Wed, 23 Oct 2024 18:56:19 GMT
Access-Control-Allow-Origin: *
X-CC: US
Content-Length: 1507
X-RG: NA
Date: Wed, 23 Oct 2024 18:55:19 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
x-traceid: d7823191d02acf491e425c4ee4914ff9

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 411ms
137ms Fetch
text/html 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

Cache-Control: max-age=1200
Connection: keep-alive
Observe-Browsing-Topics: ?1
Expires: Wed, 23 Oct 2024 19:15:19 GMT
Access-Control-Allow-Origin: *
X-CC: US
Content-Length: 26
X-RG: NA
Date: Wed, 23 Oct 2024 18:55:19 GMT
Content-Type: text/html

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ 53 B
321 B 640ms
180ms Fetch
image/gif 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=false&bust=019870825264159686&referrer=&cht=gtm&marketerId=003a426391e24cb97c764e3405bdf58fc2%2C001ac323a28065f3d332528e5524186644&name=PAGE_VIEW&dl=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&g=1&zone=all&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Wed, 23 Oct 2024 18:55:19 GMT
content-type: image/gif;
x-traceid: 586b6caa23569253bde541a3bb416a42

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 703ms
244ms Script
application/javascript 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=003a426391e24cb97c764e3405bdf58fc2,001ac323a28065f3d332528e5524186644

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 39
content-encoding: br
date: Wed, 23 Oct 2024 18:55:19 GMT
content-type: application/javascript
x-traceid: 91a955c1620f1e05a58287ca0115b341

POST
H2

204

v2 Show response
us.creativecdn.com/tags/
Redirect Chain

https://us.creativecdn.com/tags/v2?type=json
https://us.creativecdn.com/tags/v2?type=json&tc=1

0
182 B

131ms
129ms

Fetch

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json&tc=1
Requested by: Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/
Protocol: H2
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

access-control-max-age: 3600
access-control-allow-origin: https://secure05a-connect.itsaol.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
location: https://us.creativecdn.com/tags/v2?type=json&tc=1
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://secure05a-connect.itsaol.com
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
date: Wed, 23 Oct 2024 18:55:20 GMT, Wed, 23 Oct 2024 18:55:20 GMT
vary: Origin

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 561ms
127ms Preflight 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure05a-connect.itsaol.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure05a-connect.itsaol.com
access-control-max-age: 3600
content-length: 0
date: Wed, 23 Oct 2024 18:55:19 GMT
vary: Origin

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.49/ 64 KB
27 KB 165ms
164ms Script
application/javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.49/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lk2hxquxhr?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

x-azure-ref: 20241023T185519Z-r1f48bc6b86x8xv5tn5w4pbv1c000000069g00000000801d
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCF0FBF8E94E61"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: a4cd55d0-c01e-0066-2ce8-2261fb000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 18:55:19 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Sun, 20 Oct 2024 11:40:18 GMT

GET
H2 200 main.MWMyZjYwMzkyMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 342 KB
96 KB 148ms
147ms Script
application/javascript 23.44.111.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF31TNRC77U6J4TVF330&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.29 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8257d5a78bc54902d7af44125a9adb813b495d3a5dea731a8a565f55dc2d6bd1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

x-cache: TCP_HIT from a23-44-200-157.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-2410171144331BB0BC33E9601A392262-4C64C14E31C173CA-00
content-length: 97161
date: Wed, 23 Oct 2024 18:55:19 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202410171144331BB0BC33E9601A392262
server: nginx
x-akamai-request-id: 58a5f27
x-tt-trace-host: 0112bd8e87479db1a01f1b19cf7ae6ef727872ca7990b764a369cc10b9006b9d7b764bd705ac1e9111cba48628c935037e7adb64538f4f5978579d6e1518a1d879d8c1f8d0c1ba528a5337f2140af2d5da6dc8324e871633b10ce3614928d545b7

GET
H2 200 id Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 29 B
370 B 605ms
189ms XHR
text/plain 18.238.79.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.revitalizejoints.com
Requested by: Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.revitalizejoints.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.79.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-79-2.jfk52.r.cloudfront.net
Software: /
Resource Hash: cb9fbc59aaad8e6895c32e3041b79fcb14bacfdd086c17f1fe660c6d78df5b39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

access-control-expose-headers: date, x-api-id
via: 1.1 a8894be3cc09919d8cad0be355a10772.cloudfront.net (CloudFront)
apigw-requestid: AHf3yjpwoAMEYcg=
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 29
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 18:55:19 GMT
content-type: text/plain; charset=utf-8
x-amz-cf-pop: JFK52-P5
x-amz-cf-id: iPq2Ue9k1GLzrgtDDfQKeAhWXf1gPpUdqyGiEyiYrNmXqE2XuieBhQ==

GET
H/1.1 200
OK b-00mi
i.liadm.com/s/c/ Frame 7CC2 0
0 600ms
142ms Document
text/html 34.203.17.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/b-00mi?duid=bc6374f70603--01jaxbqfxbcpzca4h1m1adyykh&euns=1&pt=500&s=&version=v3.2.0&cd=.itsaol.com

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/b-00mi.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.17.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-17-141.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure05a-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 646
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Oct 2024 18:55:20 GMT
Request-Time: 12
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
trace-id: bb48ebc441e090cf

GET
H2 200 syncframe
gum.criteo.com/ Frame 14C0 0
0 441ms
136ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=secure05a-connect.itsaol.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=108887

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://secure05a-connect.itsaol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 18:55:19 GMT
server: Kestrel
server-processing-duration-in-ticks: 325971
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1729709719639&aid=b-00mi&se=e30&duid=bc6374f70603--01jaxbqfxbcpzca4h1m1adyykh&tv=v3.2.0&pu=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&wpn=lc-bundle&wpv=v3.2.0&cd=.i...
https://rp4.liadm.com/j?dtstmp=1729709719639&aid=b-00mi&se=e30&duid=bc6374f70603--01jaxbqfxbcpzca4h1m1adyykh&tv=v3.2.0&pu=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&wpn=lc-bundle&wpv=v3.2.0&cd=....

13 B
347 B

421ms
134ms

XHR
application/json

3.90.118.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1729709719639&aid=b-00mi&se=e30&duid=bc6374f70603--01jaxbqfxbcpzca4h1m1adyykh&tv=v3.2.0&pu=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&wpn=lc-bundle&wpv=v3.2.0&cd=.itsaol.com&c=PHRpdGxlPkpvaW50IENvbXBsZXg8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjxoMSBjbGFzcz0idmlkZW8taGVhZGxpbmUiPkJvbmUgT24gQm9uZSBKb2ludHM_IFRyeSBUaGlzIDE1IFNlY29uZCBTb2x1dGlvbjwvaDE-&i6=MmEwNDpjNjA0OjYxNToxOjo2&n3pc=true
Requested by: Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/
Protocol: H2
Server: 3.90.118.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-118-198.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

x-pixel-event-id: 200aa2dc-1d6d-46d6-a37e-f45b7230551d
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: null
content-length: 13
date: Wed, 23 Oct 2024 18:55:20 GMT
content-type: application/json

Redirect headers

access-control-allow-origin: https://secure05a-connect.itsaol.com
location: https://rp4.liadm.com/j?dtstmp=1729709719639&aid=b-00mi&se=e30&duid=bc6374f70603--01jaxbqfxbcpzca4h1m1adyykh&tv=v3.2.0&pu=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&wpn=lc-bundle&wpv=v3.2.0&cd=.itsaol.com&c=PHRpdGxlPkpvaW50IENvbXBsZXg8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPjxoMSBjbGFzcz0idmlkZW8taGVhZGxpbmUiPkJvbmUgT24gQm9uZSBKb2ludHM_IFRyeSBUaGlzIDE1IFNlY29uZCBTb2x1dGlvbjwvaDE-&i6=MmEwNDpjNjA0OjYxNToxOjo2&n3pc=true
content-length: 0
access-control-expose-headers: *
date: Wed, 23 Oct 2024 18:55:19 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
292 B 434ms
142ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://secure05a-connect.itsaol.com/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://secure05a-connect.itsaol.com
Date: Wed, 23 Oct 2024 18:55:20 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 147ms
141ms Script
application/javascript 23.44.111.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.29 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

x-cache: TCP_MEM_HIT from a23-44-200-157.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=11
x-tt-trace-id: 00-2408300225247191E1B46E3CA2659920-6980FBE3FDD4116B-00
content-length: 39551
date: Wed, 23 Oct 2024 18:55:19 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202408300225247191E1B46E3CA2659920
server: nginx
x-akamai-request-id: 58a6043
x-tt-trace-host: 01b8984c511c26376dc0fc45f78ebe9a41c2fd65eebebca84879db3023830106eaa375a54172cbc919d360ae7a5928dc940faf0928b144bde7fb20ac260166e6e7347199ade633aaf56bbe5c0192137bf4b162f883b3c93d66f9bfca032841da1f

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
718 B 183ms
181ms Ping
text/plain 23.44.111.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.29 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://secure05a-connect.itsaol.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 23 Oct 2024 18:55:19 GMT
server-timing: inner; dur=28, cdn-cache; desc=MISS, edge; dur=7, origin; dur=37
x-cache: TCP_MISS from a23-44-200-157.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Wed, 23 Oct 2024 18:55:19 GMT
x-akamai-request-id: 58a604c
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012180f69a7f42a71d0771def4c5a903729df80be743d8a65e67481c1de67b1d3801160d9433fabfc9077080eb8460f8e07b55b28cb92334a509373dcec926bafd9993d5525a7ce535bbd0cbe0c7255e5f5e45ebaf263d7b3d2f7874f0f4fd3ff4
x-origin-response-time: 37,23.44.200.157
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241023185519AEB50AE713860BE67CEB-1F616B5A73FED05A-00
content-length: 0
x-tt-logid: 20241023185519AEB50AE713860BE67CEB
server: nginx

OPTIONS
H2 204 rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 0
0 140ms
138ms Preflight 18.238.79.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.79.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-79-2.jfk52.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure05a-connect.itsaol.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 300
age: 40711
alt-svc: h3=":443"; ma=86400
apigw-requestid: AF8evgkRIAMESSg=
date: Wed, 23 Oct 2024 07:36:49 GMT
via: 1.1 a8894be3cc09919d8cad0be355a10772.cloudfront.net (CloudFront)
x-amz-cf-id: 7lh6NFg7ON94IH2WtLW7Cz7jE7ngDBqchV3LTZXHWaXXaFcg3KEm1g==
x-amz-cf-pop: JFK52-P5
x-cache: Hit from cloudfront

POST
H2 200 rt Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 514 B
884 B 153ms
152ms XHR
text/xml 18.238.79.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by: Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.revitalizejoints.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.79.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-79-2.jfk52.r.cloudfront.net
Software: /
Resource Hash: a799ff09f52fca6e9dfe97ca6997183ce5a040ee461f6702aa897e3bd4136ab2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://secure05a-connect.itsaol.com/

Response headers

access-control-expose-headers: date, x-api-id
x-amzn-requestid: 49fd53e8-a1cc-5f2c-8954-0c7be914dbb0
via: 1.1 a8894be3cc09919d8cad0be355a10772.cloudfront.net (CloudFront)
apigw-requestid: AHf32ghXoAMEYJQ=
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 514
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Oct 2024 18:55:20 GMT
content-type: text/xml
x-amz-cf-pop: JFK52-P5
x-amz-cf-id: Hu6mDZMUIoKnqRVjB-Ni8f5UKIKJGeenh7klM24Xja6me4Swpjs_-w==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
877 B 215ms
210ms Ping
text/plain 23.44.111.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.29 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://secure05a-connect.itsaol.com/

Response headers

x-cache-remote: TCP_MISS from a23-48-100-201.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 23 Oct 2024 18:55:20 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=17, origin; dur=58, inner; dur=55
x-cache: TCP_MISS from a23-44-200-157.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Wed, 23 Oct 2024 18:55:20 GMT
x-akamai-request-id: 1cd9b2c9.58a60bb
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012180f69a7f42a71d0771def4c5a903729df80be743d8a65e67481c1de67b1d388aa5d51d8bb4f9cc30c648299259cd2be3ddc0b98abce5de56e65bdead2a4195af1c2036b36258b923af83d28974405b0c00f9b66495dab4f59973f4d24a784996457a86c64d589fb67aa5dcc01f7d66
x-origin-response-time: 58,23.48.100.201
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241023185520C0E531B14E16B2EFBDE3-065DD1259611E534-00
content-length: 0
x-parent-response-time: 66,23.44.200.157
x-tt-logid: 20241023185520C0E531B14E16B2EFBDE3
server: nginx

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 128ms
127ms Preflight 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH, CY),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure05a-connect.itsaol.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure05a-connect.itsaol.com
access-control-max-age: 3600
content-length: 0
date: Wed, 23 Oct 2024 18:55:20 GMT
vary: Origin

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
292 B 138ms
135ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://secure05a-connect.itsaol.com/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://secure05a-connect.itsaol.com
Date: Wed, 23 Oct 2024 18:55:20 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK adnypeu
service3.purehealthresearch.com/ 0
0 438ms
141ms Fetch 134.209.162.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://service3.purehealthresearch.com/adnypeu
Requested by: Host: secure05a-connect.itsaol.com
URL: https://secure05a-connect.itsaol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.162.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 23 Oct 2024 18:55:21 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Methods: GET

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8E28658537CB42D0A4D7AA3A4BF49433&RedC=c.clarity.ms&MXFR=29DFD25468AA6656263DC7756CAA6863
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8E28658537CB42D0A4D7AA3A4BF49433&MUID=2CCB4270120368D814D557511369692E

42 B
442 B

133ms
131ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8E28658537CB42D0A4D7AA3A4BF49433&MUID=2CCB4270120368D814D557511369692E
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Wed, 23 Oct 2024 18:55:21 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8E28658537CB42D0A4D7AA3A4BF49433&MUID=2CCB4270120368D814D557511369692E
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9949AF89046044239BFA470185CA17E5 Ref B: LAX311000115031 Ref C: 2024-10-23T18:55:21Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Wed, 23 Oct 2024 18:55:21 GMT
x-powered-by: ASP.NET

GET
H/1.1 200
OK favicon.png
secure05a-connect.itsaol.com/img/ 2 KB
2 KB 148ms
142ms Other
image/png 147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure05a-connect.itsaol.com/img/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: 20d1160d4baa8eb4c0ad192f9497de3a531a2a2d4357006ea7d5bb29f8b0d838

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

Cache-Control: public, max-age=0
ETag: W/"788-18fec5f3cdd"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1928
Date: Wed, 23 Oct 2024 18:55:21 GMT
Content-Type: image/png
X-Powered-By: Express
Server: nginx
Last-Modified: Thu, 06 Jun 2024 07:06:55 GMT

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
292 B 146ms
142ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://secure05a-connect.itsaol.com/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://secure05a-connect.itsaol.com
Date: Wed, 23 Oct 2024 18:55:23 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 204 collect
analytics.google.com/g/ 0
0 168ms
167ms Fetch
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-633CCXW5Y6&gtm=45je4ah0v9171594360za200zb9132898246&_p=1729709717274&gcs=G111&gcd=13v3v3v3v5l1&npa=0&dma=0&tag_exp=101686685~101823847&cid=1932655865.1729709719&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1729709719&sct=1&seg=0&dl=https%3A%2F%2Fsecure05a-connect.itsaol.com%2F&dt=Joint%20Complex&en=scroll&epn.percent_scrolled=90&_et=73&tfd=7924
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure05a-connect.itsaol.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secure05a-connect.itsaol.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 18:55:24 GMT
content-type: text/plain
server: Golfe2

GET event
sslwidget.criteo.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sslwidget.criteo.com
URL: https://sslwidget.criteo.com/event?a=108887&v=5.29.0&otl=1&p0=e%3Dvpg&adce=1&bundle=RcnWrF9XSkpSdnZQT3p0T2R6cHZpTTZxZVZ3b1MlMkJvU2RVZndKbUJlbThuVElTMXNLQnhDS2VIV0h5emEyamRDRGVxWUc0VDF3anNjRyUyRko0UExEem5RUiUyRlNvRzMyT0NNOEdDbjdoREQzMEd6UTlLejMzanNaTmR4eDRyT0pZQnFHJTJCMUQ5RyUyQmxXekl2bXI0bTFqZTJDcldOcllnJTNEJTNE&sc=%7B%22fbp%22%3A%22fb.1.1729709718524.881235151274994637%22%2C%22ttp%22%3A%22__kireSxNnRcoHAsbDm6AWmrDpp%22%7D&tld=itsaol.com&dy=1&fu=https%253A%252F%252Fsecure05a-connect.itsaol.com%252F&ceid=9dcbb744-94bf-460d-8d63-8185f3e9cf92

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-21 01:11:41	Name: _li_ss Value: CjYKBgj5ARCXGQoFCAoQlxkKBgjdARCXGQoGCOEBEJcZCgYIogEQlxkKBgjSARCXGQoFCH4Qlxk
.liadm.com/j	1970-01-21 10:04:29	Name: lidid Value: c9c3a689-6be0-45a8-9337-5bae4d8ecf8a
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: fZM2eps7VVg
.youtube.com/	1970-01-21 04:47:41	Name: VISITOR_INFO1_LIVE Value: I_4gSvK8MzM
.youtube.com/	1970-01-21 04:47:41	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgPg%3D%3D
secure.revitalizejoints.com/	1970-01-21 00:38:34	Name: AWSALBCORS Value: /ox7ttlihzZHPoEf2tjKQpNMA1WxCCeE3yc4/7mY77a6zHZz+wC3X2uMHMlkirdidOtknUVsIIyySbqhHu4FjmXCjfWf0ACb34hQYMHc7AypNlwNpAvyV7sWtRLV
.itsaol.com/	1970-01-21 02:38:05	Name: _fbp Value: fb.1.1729709718524.881235151274994637
.itsaol.com/	1970-01-21 02:38:05	Name: _gcl_au Value: 1.1.1724272410.1729709719
www.clarity.ms/	1970-01-21 09:14:05	Name: CLID Value: d983276fe95d4703845df55d805f2e60.20241023.20251023
.tiktok.com/	1970-01-21 09:50:05	Name: _ttp Value: 2nqnxVgOuBWQ2orm6iH1cIU0bqs
.itsaol.com/	1970-01-21 10:04:29	Name: _ga Value: GA1.1.1932655865.1729709719
secure05a-connect.itsaol.com/	1970-01-21 09:14:05	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22q5ccvVLiZQTWCK2a8nK5%22%2C%22expiryDate%22%3A%222025-10-23T18%3A55%3A19.363Z%22%7D
.itsaol.com/	1970-01-21 10:04:29	Name: _ga_633CCXW5Y6 Value: GS1.1.1729709719.1.0.1729709719.60.0.0
.itsaol.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .itsaol.com
.itsaol.com/	1970-01-21 10:04:29	Name: _lc2_fpi Value: bc6374f70603--01jaxbqfxbcpzca4h1m1adyykh
.doubleclick.net/	1970-01-21 01:11:41	Name: ar_debug Value: 1
.itsaol.com/	1970-01-21 09:14:05	Name: _clck Value: 1i0cruh%7C2%7Cfq9%7C0%7C1757
.itsaol.com/	1970-01-21 09:50:05	Name: _tt_enable_cookie Value: 1
.itsaol.com/	1970-01-21 09:50:05	Name: _ttp Value: __kireSxNnRcoHAsbDm6AWmrDpp
.doubleclick.net/	1970-01-21 04:47:41	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 10:04:29	Name: IDE Value: AHWqTUnzCa6yl4czifiXVylHLEcQL4dzEnyHxyECqWMjcK8-btF_2b7xnWVpESb4mBw
.criteo.com/	1970-01-21 09:50:05	Name: uid Value: ee411ab6-a6e4-4d73-b15c-109e5130f590
.criteo.com/	1970-01-21 09:50:05	Name: receive-cookie-deprecation Value: 1
.itsaol.com/	1970-01-21 09:14:05	Name: ucacid Value: 880221395.800775
.liadm.com/	1970-01-21 10:04:29	Name: lidid Value: c9c3a689-6be0-45a8-9337-5bae4d8ecf8a
secure05a-connect.itsaol.com/	1970-01-21 00:28:30	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1729709720068%7D
.itsaol.com/	1970-01-21 00:29:56	Name: _clsk Value: 1a3ozs8%7C1729709720143%7C1%7C1%7Cp.clarity.ms%2Fcollect
.creativecdn.com/	1970-01-21 09:14:05	Name: g Value: 5xL0XO94mS2sPKr4gN7t_1729709720256
.creativecdn.com/	1970-01-21 09:14:05	Name: c Value: 5xL0XO94mS2sPKr4gN7t_EuTwXXOV4Sc7dJbpixmK_1729709720256
.creativecdn.com/	1970-01-21 09:14:05	Name: ts Value: 1729709720
secure05a-connect.itsaol.com/	1969-12-31 23:59:59	Name: /:watchVideoTime:DZVFWjPceZk Value: 0
.adsrvr.org/	1970-01-21 09:14:05	Name: TDID Value: 7cd533ab-e7a5-4773-8328-35e97048350c
.adsrvr.org/	1970-01-21 09:14:05	Name: TDCPM Value: CAESGQoKbGl2ZWludGVudBILCMbmpejI57k9EAUYBSABKAIyCwj2mayU3-e5PRAFOAE.
.turn.com/	1970-01-21 04:47:41	Name: uid Value: 4290413447431234359
.demdex.net/	1970-01-21 04:47:41	Name: demdex Value: 13837034669964205122338026378977441161
.itsaol.com/	1970-01-21 09:57:53	Name: cto_bundle Value: RcnWrF9XSkpSdnZQT3p0T2R6cHZpTTZxZVZ3b1MlMkJvU2RVZndKbUJlbThuVElTMXNLQnhDS2VIV0h5emEyamRDRGVxWUc0VDF3anNjRyUyRko0UExEem5RUiUyRlNvRzMyT0NNOEdDbjdoREQzMEd6UTlLejMzanNaTmR4eDRyT0pZQnFHJTJCMUQ5RyUyQmxXekl2bXI0bTFqZTJDcldOcllnJTNEJTNE
.adnxs.com/	1970-01-21 10:04:29	Name: receive-cookie-deprecation Value: 1
.rezync.com/	1970-01-21 09:50:05	Name: zync-uuid Value: e98a057f-12d3-4ea9-b04b-ed4ed3c76a2a:1729709720.4937747
live.rezync.com/	1970-01-21 09:50:05	Name: sd-session-id Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiZTk4YTA1N2YtMTJkMy00ZWE5LWIwNGItZWQ0ZWQzYzc2YTJhOjE3Mjk3MDk3MjAuNDkzNzc0NyJ9.ZxlGmA.h-kv7E6YMmpJEoS22nN-zPpeG2s
.bing.com/	1970-01-21 09:50:05	Name: MUID Value: 2CCB4270120368D814D557511369692E
.c.bing.com/	1970-01-21 00:38:34	Name: MR Value: 0
.c.bing.com/	1970-01-21 09:50:05	Name: SRM_B Value: 2CCB4270120368D814D557511369692E
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 09:50:05	Name: MUID Value: 2CCB4270120368D814D557511369692E
.c.clarity.ms/	1970-01-21 00:38:34	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 00:28:30	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12763245.fls.doubleclick.net
14623190.fls.doubleclick.net
ad.doubleclick.net
amplify.outbrain.com
analytics.google.com
analytics.tiktok.com
b-code.liadm.com
c.bing.com
c.clarity.ms
connect.facebook.net
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dynamic.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
p.clarity.ms
rp.liadm.com
rp4.liadm.com
secure.revitalizejoints.com
secure05a-connect.itsaol.com
service3.purehealthresearch.com
sslwidget.criteo.com
stats.g.doubleclick.net
tags.creativecdn.com
td.doubleclick.net
tr.outbrain.com
us.creativecdn.com
wave.outbrain.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.youtube-nocookie.com
www.youtube.com
sslwidget.criteo.com
13.226.103.2
134.209.162.206
142.250.65.166
142.250.80.36
142.250.80.38
142.251.40.104
142.251.40.131
142.251.40.226
147.182.162.240
18.238.79.2
185.184.10.30
20.110.205.119
20.122.63.128
2001:4860:4802:36::178
23.44.111.29
23.51.57.192
2600:1f18:730:b110:a86:b542:14a3:1dee
2600:9000:23cb:fe00:8:8845:1500:93a1
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c19::5f
2607:f8b0:4006:80b::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::200e
2607:f8b0:4006:824::2008
2620:100:a00b::12
2620:100:a00b::a
2620:1ec:29:1::40
2620:1ec:c11::237
2a02:6ea0:c400::54
2a03:2880:f112:83:face:b00c:0:25de
3.90.118.198
31.13.71.7
34.203.17.141
34.232.201.130
64.202.112.255
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0e9a75e38a031b9b09c05c8d122817256fac59698e92fce19dd1816c04a27ef9
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
20d1160d4baa8eb4c0ad192f9497de3a531a2a2d4357006ea7d5bb29f8b0d838
230a4ab6a7ba73ae3e70accdc6d8002888d2edcdd12c982b6d798e27b9bdbc6b
2ed4725f2263822bee18f6f7d0046b66dec20db5b5d28d63a5dc5e3d88a84c09
2f1a53180832b15e7e5a0d5dff652262db0a419ed79d3f403c7a8432075bacf0
332d979e6f0fa7b45d18cd42551204564cd6a0037f1a63f7e5257854121f6067
35ffa414a1027186a67da9418da101fd2c3ee3aed9c1ee01f7662a84ef61ff01
3bb5fdf2030456fac4167dd69ab5137a70fd2bbf29931859454ead1057cb0a71
3ca9e609ef3f582aec6955e30de3ea1a0a33186bf6b10105d9e8391c4ba8ad21
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4520f4bff5cab0d6aeae23334f04b6761964030c12315dd6e3e8d4bfb1134437
589339e8289cd41df6a02f59899ce532b3cfd4d6a8bd4543455f01f71aab498f
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
6b48ee0aa2ab24409078f57a866ffb3871cc11bb2d7865bf3289ebaff908fc51
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7ba2efe3b4b4c0a0ea967ecbc0fa24ca9e773baff3c8449588a7a0bdb604863b
7bb4ac9fb750ff57ea5d557e495d01bbd85c3629b7d4b19affae6b2bbb0c2914
8257d5a78bc54902d7af44125a9adb813b495d3a5dea731a8a565f55dc2d6bd1
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8f2c4bcb919e31182646d5e52650914f15a9cc8ff0847d30c4dc4adcd4c2653c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a799ff09f52fca6e9dfe97ca6997183ce5a040ee461f6702aa897e3bd4136ab2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b1dcf4dbc576e07327f6dd8f5a8b64a18b5b3ec1b0e549f8b5a1315ded2a0bd8
b3410f7a7e5c6008e6b385ef1ac7ed9ae898d01aa73de9b3d3f87cfad6526fc3
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
cb9fbc59aaad8e6895c32e3041b79fcb14bacfdd086c17f1fe660c6d78df5b39
d426094c168051f30c71c81f5a51fe910cd31d2cdb2138d71ea0db1029c1186f
d4ad32064fd80630bf6268c334ea5fa0e7a01828051761982d3c7c6c00708706
d86dc3454bdf2110a74e7ba300b641a0700839347df9e6d08232dbbcde4fcde4
e2fe9f157458c1487be5f4aaad0461ed4bdf219f96abe13d1f8514d04f830942
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59646b956058c8adae476d100a820a72c516dd53928ad5d824dc5d2a1afabaa
edf1e42e2c2c5dae19cab4eeac73ac99c29cea56924ee6baf82d1df736356861
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
fbce52394fe6a49b42ec7c3eb2a5146948e786b7a6188502657ba28a062691dd

secure05a-connect.itsaol.com Open in urlscan Pro 147.182.162.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

83 %HTTPS

44 %IPv6

21 Domains

38 Subdomains

34 IPs

2 Countries

1481 kBTransfer

3514 kBSize

46 Cookies

0 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure05a-connect.itsaol.com Open in urlscan Pro
147.182.162.240 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

83 %
HTTPS

44 %
IPv6

21
Domains

38
Subdomains

34
IPs

2
Countries

1481 kB
Transfer

3514 kB
Size

46
Cookies

70 HTTP transactions
0 data transactions