Submitted URL: https://digitalmediapp.com/api-f-click.php?offer_id=134286352&pub_id=37
Effective URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Submission: On December 31 via manual from RO — Scanned from DE

Summary

This website contacted 5 IPs in 5 countries across 8 domains to perform 37 HTTP transactions. The main IP is 95.216.23.99, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is lpcaptkg.thebestremedyfito.com.
TLS certificate: Issued by R3 on December 4th 2021. Valid for: 3 months.
This is the only time lpcaptkg.thebestremedyfito.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.170.18.18 20454 (SSASN2)
1 104.19.133.78 13335 (CLOUDFLAR...)
1 1 104.21.49.123 13335 (CLOUDFLAR...)
3 95.216.23.99 24940 (HETZNER-AS)
28 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:ab00:0:1... 49505 (SELECTEL)
3 7 2a02:6b8::1:119 208722 (YNDX)
37 5
|  | Domain |  | Requested by |
|---|---|---|---|
| 28 | evrhst-a.akamaihd.net |  | lpcaptkg.thebestremedyfito.com |
| 5 | mc.yandex.com | 2 redirects | lpcaptkg.thebestremedyfito.com |
| 3 | lpcaptkg.thebestremedyfito.com |  | www.mgid.com, lpcaptkg.thebestremedyfito.com |
| 2 | mc.yandex.ru | 1 redirects | lpcaptkg.thebestremedyfito.com |
| 1 | 179523.selcdn.ru |  | lpcaptkg.thebestremedyfito.com |
| 1 | greatexdpt.space | 1 redirects |  |
| 1 | www.mgid.com |  |  |
| 1 | digitalmediapp.com | 1 redirects |  |
| 37 | 8 |  |  |

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year |
| thebestremedyfito.com | R3 | 2021-12-04 - 2022-03-04 | 3 months |
| a248.e.akamai.net | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year |
| *.selcdn.ru | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-12-13 - 2022-11-26 | a year |
| mc.yandex.ru | Yandex CA | 2021-12-22 - 2022-06-03 | 5 months |

This page contains 1 frame:

Primary Page: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Frame ID: AC0B138371F8D7B52F437EBB43ECC460
Requests: 37 HTTP requests in this frame

Page Title

Cumpăraţi Arthrolon la un preț foarte mic. Prețuri, comentarii. Comandaţi Arthrolon acum!

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

Requests: 37
HTTPS: 95 %
IPv6: 43 %
Domains: 8
Subdomains: 8
IPs: 5
Countries: 5
Transfer: 376 kB
Size: 574 kB
Cookies: 37

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://digitalmediapp.com/api-f-click.php?offer_id=134286352&pub_id=37 HTTP 302
    https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pubsrcid=37-a-0-a-43224&cpm=1&ct=1 Page URL
  2. https://greatexdpt.space/click.php?key=19f7s91hx8u9pwsof7ex&externalid=4b905129e3fb80c12cdca705ac642624&cost=0.07&widget_id=57580243s3067784212&teaser_id=10385493&campaign_id=11147634&utm_medium=cpc&utm_source=mgid.com&utm_campaign=Imosteon+RO+(RP+Test)&utm_term=57580243s3067784212&utm_content=10385493&adclida=externalid HTTP 302
    https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://digitalmediapp.com/api-f-click.php?offer_id=134286352&pub_id=37 HTTP 302
  • https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pubsrcid=37-a-0-a-43224&cpm=1&ct=1
Request Chain 33
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9503.6XSFKV0FeiYY71qEpZnys6i2At6FMWec9yIw5iLS1c_4PhVetQIfYu9HSKmp0b9j.xLAWXTXU9eWYYJjGlVwXkMAO1Sg%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9503.Dit9AEPDgiwdLt8FkRCLpctEi5wgZ5Pscqb1N-1EjDUA8w-J-FAH67XvzdWpktAmULY9iwQnCifRMQkIvIm2dw%2C%2C.vsp7wh3x9ICTr1iKIAwOJ39jl-0%2C
Request Chain 35
  • https://mc.yandex.com/watch/74372080?wmode=7&page-url=https%3A%2F%2Flpcaptkg.thebestremedyfito.com%2F%3Fsid1%3Df02926jxodu3v61f%26sid5%3DUnknown%26sid4%3D2&page-ref=https%3A%2F%2Fwww.mgid.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A1097%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1157649874832%3Ahid%3A1054420795%3Az%3A0%3Ai%3A20211231030525%3Aet%3A1640919926%3Ac%3A1%3Arn%3A821967942%3Arqn%3A1%3Au%3A164091992671775765%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640919924555%3Ads%3A13%2C63%2C194%2C101%2C629%2C0%2C%2C205%2C2%2C%2C%2C%2C1244%3Adsn%3A13%2C64%2C194%2C101%2C629%2C0%2C%2C107%2C2%2C%2C%2C%2C1244%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640919926%3At%3ACump%C4%83ra%C5%A3i%20Arthrolon%20la%20un%20pre%C8%9B%20foarte%20mic.%20Pre%C8%9Buri%2C%20comentarii.%20Comanda%C5%A3i%20Arthrolon%20acum!&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/74372080/1?wmode=7&page-url=https%3A%2F%2Flpcaptkg.thebestremedyfito.com%2F%3Fsid1%3Df02926jxodu3v61f%26sid5%3DUnknown%26sid4%3D2&page-ref=https%3A%2F%2Fwww.mgid.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A1097%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1157649874832%3Ahid%3A1054420795%3Az%3A0%3Ai%3A20211231030525%3Aet%3A1640919926%3Ac%3A1%3Arn%3A821967942%3Arqn%3A1%3Au%3A164091992671775765%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640919924555%3Ads%3A13%2C63%2C194%2C101%2C629%2C0%2C%2C205%2C2%2C%2C%2C%2C1244%3Adsn%3A13%2C64%2C194%2C101%2C629%2C0%2C%2C107%2C2%2C%2C%2C%2C1244%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640919926%3At%3ACump%C4%83ra%C5%A3i%20Arthrolon%20la%20un%20pre%C8%9B%20foarte%20mic.%20Pre%C8%9Buri%2C%20comentarii.%20Comanda%C5%A3i%20Arthrolon%20acum%21&t=gdpr%2814%29aw%281%29ti%282%29

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
1
www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/
Redirect Chain
  • https://digitalmediapp.com/api-f-click.php?offer_id=134286352&pub_id=37
  • https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pu...
2 KB
2 KB
Document
General
Full URL
https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pubsrcid=37-a-0-a-43224&cpm=1&ct=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 31 Dec 2021 03:05:24 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:01 GMT
cache-control
no-cache
pragma
no-cache
x-mg-click-uuid
48e7b639-602a-d03a-bce2-077570fb9f57
access-control-allow-credentials
true
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-robots-tag
noindex
cf-cache-status
MISS
last-modified
Fri, 31 Dec 2021 03:05:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c6049378c24694f-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Server
nginx
Date
Fri, 31 Dec 2021 03:06:39 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
//www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pubsrcid=37-a-0-a-43224&cpm=1&ct=1
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Primary Request /
lpcaptkg.thebestremedyfito.com/
Redirect Chain
  • https://greatexdpt.space/click.php?key=19f7s91hx8u9pwsof7ex&externalid=4b905129e3fb80c12cdca705ac642624&cost=0.07&widget_id=57580243s3067784212&teaser_id=10385493&campaign_id=11147634&utm_medium=cp...
  • https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
170 KB
62 KB
Document
General
Full URL
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Requested by
Host: www.mgid.com
URL: https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pubsrcid=37-a-0-a-43224&cpm=1&ct=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.23.99 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.23.216.95.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
4e8193e0fb7eef04063bb4b478c2bd2fcee3ff70cfdce44b98ed08b03ac1d4b5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pubsrcid=37-a-0-a-43224&cpm=1&ct=1

Response headers

server
nginx/1.18.0
date
Fri, 31 Dec 2021 03:05:25 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
etag
W/"2a6ba-s5yu9RMaZwT4riiFV/vxlPQsI7s"
server-timing
total; dur=114.388894; desc="Total Response Time"
content-encoding
gzip

Redirect headers

date
Fri, 31 Dec 2021 03:05:25 GMT
content-type
text/html; charset=UTF-8
location
https://lpcaptkg.thebestremedyfito.com?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XUauvpQWbOnTLLoNvKhbOmqZuymMTp61fOcyKlxMe3udIqUrXNsGoFW7RQyqcl0x8mKFvBSMq9sKLayIFgG3rN1Ij3JOEU1kFbkorLptFgBUlgHtfTsddFfdw7kP53Re8dg"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c604938a8816937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
all.min.css
evrhst-a.akamaihd.net/16328/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://evrhst-a.akamaihd.net/16328/css/all.min.css
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fdeb244be69cf5eed2ebf7ac0442e1a15a36d4100cc49f795603ff29fb0ed6dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
x-trans-id
16b8eddf832bfe33
etag
"ee64ba06a5d8988bee0e94e445c56415"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27938815
accept-ranges
bytes
content-length
4075
x-timestamp
1637320008.78337
soc.webp
evrhst-a.akamaihd.net/16328/images/
520 B
880 B
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/soc.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f61643c609e74bc4e0d1198aeed146cbfb6df2a47ccef6b5159c74332ca9b3fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"aa9792eb9c8a06d0327d712454bb310c"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936179
content-length
520
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
menu.webp
evrhst-a.akamaihd.net/16328/images/
2 KB
2 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/menu.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8b03bc9c0f22c2c96b4159e282d5ad6f6292722bbca436bf5083fbd414f389ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"10f7f5e04a46745082813c28c4bf9b53"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936205
content-length
1862
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
social-c.png
evrhst-a.akamaihd.net/16328/images/
1 KB
2 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/social-c.png
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6626c2808639d837c108695fe3a9483817549f3fc2e6240714cbae04829dfc07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"6550f25df81a7a02266082c312f61570"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939008
content-length
1481
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
cont1.webp
evrhst-a.akamaihd.net/16328/images/
77 KB
77 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/cont1.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14a8c4081fbc78e9a5a0ade8de43dd3669f1d853a11e47ae2a08dfa89488ce4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"ba97f606d4e49c92523f4a24a84a03fb"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939288
content-length
78644
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
prizewheel.png
evrhst-a.akamaihd.net/16328/images/
21 KB
22 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/prizewheel.png
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fbe88e357222228becc0259abcefe7f87bf340a7143fd7974a50a35528e6eca0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"e70f994c38deb1113846f358b13e83bb"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=31478450
content-length
21957
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
wheel-cursor.png
evrhst-a.akamaihd.net/16328/images/
2 KB
2 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/wheel-cursor.png
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
206f22a24afab361f679a3833c123aa0e8e50687a4d2c9a35502f1b63494890b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"58832e5d77fdb0f7f2a34e670b7bd1df"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27937183
content-length
1900
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
s1.webp
evrhst-a.akamaihd.net/16328/images/
9 KB
9 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/s1.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dbcd62d3688e6fac34a72e5e0562e06668ccb9285f2b785060e190384abeece3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"69e052dd623076c9d12faf98200c6d75"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939040
content-length
8828
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
s2.webp
evrhst-a.akamaihd.net/16328/images/
4 KB
4 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/s2.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
99d93d91bccaaf340159e497e2d56dc95baac5ec71fea49fc8396303a42fde68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"b53085f54299de10f171fea88a8cb0da"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=31334386
content-length
4082
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
prod.webp
evrhst-a.akamaihd.net/16328/images/
13 KB
14 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/prod.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c2ef3a8a68a4f85b655772f4883d96148fb5dee2345b17317400a8e97745fe34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"e9ac0fed89bd76f8aeb7c33703490954"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939424
content-length
13680
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
eu-footer2.js
179523.selcdn.ru/public/layout-images/
3 KB
3 KB
Script
General
Full URL
https://179523.selcdn.ru/public/layout-images/eu-footer2.js
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:ab00:0:12::236 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
0409868ed3a15e20223bb32188af1efe649bfa99817d460ef5245cd248ea662d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 23:30:43 GMT
last-modified
Fri, 13 Aug 2021 08:49:40 GMT
age
12882
etag
"d8a022f0442752962ae3c68c0b89ff7e"
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
content-length
2802
accept-ranges
bytes
x-trans-id
169ad183c4d5cdd8
x-timestamp
1628844579.12224
index.js
evrhst-a.akamaihd.net/16328/
4 KB
2 KB
Script
General
Full URL
https://evrhst-a.akamaihd.net/16328/index.js
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c710dade8fe42f0cec4e4851488c1d00b891b3a71ecab565f6a75eb603f68423

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
x-trans-id
16b8eddf832bfe33
etag
"4c4b6949ed3a57bf97d60267e82e7276"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936222
accept-ranges
bytes
content-length
1660
x-timestamp
1637320008.78337
ph1.webp
evrhst-a.akamaihd.net/16328/images/
2 KB
2 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/ph1.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af4ec3994e8ae4861f974d895018e5d9623cd94d7c39db49d0d4c708847a781d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"4598eddfd1ab332fccd43e252694d268"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939391
content-length
1792
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
ph2.webp
evrhst-a.akamaihd.net/16328/images/
2 KB
2 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/ph2.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
49d5b4df9c36a4f7d72b326295ced3b8b3321608f632852c4f2a3289579347e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"4b209509d1579d594970773e3c5d8666"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936201
content-length
2036
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
cont2.webp
evrhst-a.akamaihd.net/16328/images/
15 KB
15 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/cont2.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cf70438cff4bb6e3c83289b36ea0ea31f5f1ab289da7520d729eb2c4951eba3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"94e5a71af0d14b22ca358b11daee0d71"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936185
content-length
14926
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
cont3.webp
evrhst-a.akamaihd.net/16328/images/
29 KB
29 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/cont3.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ea66d1061bff02c00e2692d8e81e00dbb25f600f255d43e22c5fd1dca99a60a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"ed7fcf5bf60210090bdf056fcabd84f5"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27938736
content-length
29344
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
cont4.webp
evrhst-a.akamaihd.net/16328/images/
20 KB
20 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/cont4.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f9b2b6b3051f1a15c9f0d3f6cdfb82a9999d30b54b132a4b66d1490a8cfee6a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"3312efe00384e64dec9411eec529c014"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939508
content-length
20052
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
social.webp
evrhst-a.akamaihd.net/16328/images/
2 KB
2 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/social.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9893aa8834256d0e3bb3b65ab11673297a01199010da41c5a51b4028019e9823

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 30 Apr 2021 10:50:12 GMT
etag
"4cb0bffda0dd0408c65f2cf6470a916f"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=18511563
content-length
2112
accept-ranges
bytes
x-trans-id
167a9d27ffdaadbb
x-timestamp
1619779811.11492
1.webp
evrhst-a.akamaihd.net/16328/images/
568 B
930 B
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/1.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d399af7dcbfa54dd89e4b7a24fb393ee80c48e1b64ebeb440cf9652a11e18934

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"6461a7e61a9cba326e9b4ba74b652539"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936137
content-length
568
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
2.webp
evrhst-a.akamaihd.net/16328/images/
502 B
862 B
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/2.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fcd3781eb5776cefa7fa1a3590f5707f4e2e0cba9b250c77ff7095f7807453ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"68cdb49ba24aa9001fac2db6421f37ac"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27938866
content-length
502
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
3.webp
evrhst-a.akamaihd.net/16328/images/
702 B
1 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/3.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6ca0800f2da232a4755dce81f8a9cdab7d8fb98c512a75ee286d16620f94d56c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"7dc5c949d347140e5b0326723b00e920"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936182
content-length
702
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
4.webp
evrhst-a.akamaihd.net/16328/images/
502 B
862 B
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/4.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8475a0af753a8f351552feb13837c8c06302f764ba9baa2c2cc315fb3e4fe448

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"85cafa7efe65f4aad3712c9ae8260ea3"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939628
content-length
502
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
otz1.webp
evrhst-a.akamaihd.net/16328/images/
25 KB
25 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/otz1.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a6880eba5f4b351151b3bbb36631b888d3c0c975a825b808211cee752790e529

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"85ebe767192df906a6fc5c7c2dcd2c59"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=30033647
content-length
25498
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
5.webp
evrhst-a.akamaihd.net/16328/images/
726 B
1 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/5.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a707815fcff6851a9cf83f4091e61fb5142e9f2d49572c607de315aed18bc564

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"772803d94cf196c147fe1b0f9e3a5a88"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936181
content-length
726
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
6.webp
evrhst-a.akamaihd.net/16328/images/
690 B
1 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/6.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c6e8c5c26433ced712649f1d91fb1b9e6b5dbade1229b1a73d0e27961929c3df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"94032f30162dc92458438193806d5f0e"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936134
content-length
690
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
7.webp
evrhst-a.akamaihd.net/16328/images/
530 B
891 B
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/7.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4d1394d460fd3298891b6e0833a7c6bee356b981d2ae88f15fdaa9aa0dedcda8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"b73b2b14c54213a72506ae4dffe1634c"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27938795
content-length
530
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
s3.webp
evrhst-a.akamaihd.net/16328/images/
5 KB
5 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/s3.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
79dd3d43be4175169701534835b66c037a40802f0a138da58ac80813c02a0c91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"cd56573c3494210eb3b2818777608f99"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936465
content-length
4786
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
s4.webp
evrhst-a.akamaihd.net/16328/images/
8 KB
8 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/s4.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8c3e3cb898fc4b105fb6bde15eaf9aea86080964dfd60de5e197e9ae3028de4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"e941f3e9ae3ba12ab25799124e8298c4"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27941963
content-length
7924
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
s5.webp
evrhst-a.akamaihd.net/16328/images/
4 KB
4 KB
Image
General
Full URL
https://evrhst-a.akamaihd.net/16328/images/s5.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d5b5a3d18e3be9f005bf80b4d18d7fe588b3f20d89b30fbebd1d3d50c95418c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"475de2bed328e6f3518ad9188c2df580"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27938799
content-length
3804
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
test-xhr
lpcaptkg.thebestremedyfito.com/
6 B
311 B
XHR
General
Full URL
https://lpcaptkg.thebestremedyfito.com/test-xhr
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.23.99 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.23.216.95.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
d9e64ed8068d5fd6d4025163df32cedeba275f8a9d54eefbb214d3a3f88a8794
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
x-content-type-options
nosniff
server
nginx/1.18.0
etag
W/"6-hH2Nxvb5Ee2fNUSKy82lbKoHEHY"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/html; charset=utf-8
server-timing
total; dur=1.193497; desc="Total Response Time"
x-dns-prefetch-control
off
content-length
6
x-xss-protection
1; mode=block
watch.js
mc.yandex.ru/metrika/
134 KB
48 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
13478bdce3b05abe223de8fe7aeab8fa7e1c0599adde7b20944739374757ecfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
content-encoding
br
last-modified
Tue, 28 Dec 2021 12:05:22 GMT
etag
"61cad352-bd04"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
48388
expires
Fri, 31 Dec 2021 04:05:25 GMT
click
lpcaptkg.thebestremedyfito.com/
22 B
577 B
XHR
General
Full URL
https://lpcaptkg.thebestremedyfito.com/click?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2&landing_page_id=14936&campaign_id=995870&referer=https%3A%2F%2Fwww.mgid.com%2F
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.23.99 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.23.216.95.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
6be4b54981b363c752a7b7f7c22c2398784318ed77093f2f0a55d4c2f7fbc11b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:26 GMT
x-content-type-options
nosniff, nosniff
server
nginx/1.18.0
x-frame-options
SAMEORIGIN, DENY
etag
W/"16-mYnwEf7xZzol1TgNSnCPeYd8Z2c"
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
22
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9503.6XSFKV0FeiYY71qEpZnys6i2At6FMWec9yIw5iLS1c_4PhVetQIfYu9HSKmp0b9j.xLAWXTXU9eWYYJjGlVwXkMAO1Sg%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9503.Dit9AEPDgiwdLt8FkRCLpctEi5wgZ5Pscqb1N-1EjDUA8w-J-FAH67XvzdWpktAmULY9iwQnCifRMQkIvIm2dw%2C%2C.vsp7wh3x9ICTr1iKIAwOJ39jl-0%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9503.Dit9AEPDgiwdLt8FkRCLpctEi5wgZ5Pscqb1N-1EjDUA8w-J-FAH67XvzdWpktAmULY9iwQnCifRMQkIvIm2dw%2C%2C.vsp7wh3x9ICTr1iKIAwOJ39jl-0%2C
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9503.Dit9AEPDgiwdLt8FkRCLpctEi5wgZ5Pscqb1N-1EjDUA8w-J-FAH67XvzdWpktAmULY9iwQnCifRMQkIvIm2dw%2C%2C.vsp7wh3x9ICTr1iKIAwOJ39jl-0%2C
date
Fri, 31 Dec 2021 03:05:25 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
136 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Thu, 23 Dec 2021 16:10:01 GMT
etag
"61c47529-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 31 Dec 2021 04:05:25 GMT
1
mc.yandex.com/watch/74372080/
Redirect Chain
  • https://mc.yandex.com/watch/74372080?wmode=7&page-url=https%3A%2F%2Flpcaptkg.thebestremedyfito.com%2F%3Fsid1%3Df02926jxodu3v61f%26sid5%3DUnknown%26sid4%3D2&page-ref=https%3A%2F%2Fwww.mgid.com%2F&ch...
  • https://mc.yandex.com/watch/74372080/1?wmode=7&page-url=https%3A%2F%2Flpcaptkg.thebestremedyfito.com%2F%3Fsid1%3Df02926jxodu3v61f%26sid5%3DUnknown%26sid4%3D2&page-ref=https%3A%2F%2Fwww.mgid.com%2F&...
331 B
440 B
XHR
General
Full URL
https://mc.yandex.com/watch/74372080/1?wmode=7&page-url=https%3A%2F%2Flpcaptkg.thebestremedyfito.com%2F%3Fsid1%3Df02926jxodu3v61f%26sid5%3DUnknown%26sid4%3D2&page-ref=https%3A%2F%2Fwww.mgid.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A1097%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1157649874832%3Ahid%3A1054420795%3Az%3A0%3Ai%3A20211231030525%3Aet%3A1640919926%3Ac%3A1%3Arn%3A821967942%3Arqn%3A1%3Au%3A164091992671775765%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640919924555%3Ads%3A13%2C63%2C194%2C101%2C629%2C0%2C%2C205%2C2%2C%2C%2C%2C1244%3Adsn%3A13%2C64%2C194%2C101%2C629%2C0%2C%2C107%2C2%2C%2C%2C%2C1244%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640919926%3At%3ACump%C4%83ra%C5%A3i%20Arthrolon%20la%20un%20pre%C8%9B%20foarte%20mic.%20Pre%C8%9Buri%2C%20comentarii.%20Comanda%C5%A3i%20Arthrolon%20acum%21&t=gdpr%2814%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
c130448ffb6075915d966f19b8daa0577f1f0b2434bb5f74e6b4435d5f4e059f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Dec 2021 03:05:25 GMT
x-content-type-options
nosniff
last-modified
Fri, 31-Dec-2021 03:05:25 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lpcaptkg.thebestremedyfito.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Fri, 31-Dec-2021 03:05:25 GMT

Redirect headers

pragma
no-cache
date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 31-Dec-2021 03:05:25 GMT
location
/watch/74372080/1?wmode=7&page-url=https%3A%2F%2Flpcaptkg.thebestremedyfito.com%2F%3Fsid1%3Df02926jxodu3v61f%26sid5%3DUnknown%26sid4%3D2&page-ref=https%3A%2F%2Fwww.mgid.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A1097%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1157649874832%3Ahid%3A1054420795%3Az%3A0%3Ai%3A20211231030525%3Aet%3A1640919926%3Ac%3A1%3Arn%3A821967942%3Arqn%3A1%3Au%3A164091992671775765%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640919924555%3Ads%3A13%2C63%2C194%2C101%2C629%2C0%2C%2C205%2C2%2C%2C%2C%2C1244%3Adsn%3A13%2C64%2C194%2C101%2C629%2C0%2C%2C107%2C2%2C%2C%2C%2C1244%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640919926%3At%3ACump%C4%83ra%C5%A3i%20Arthrolon%20la%20un%20pre%C8%9B%20foarte%20mic.%20Pre%C8%9Buri%2C%20comentarii.%20Comanda%C5%A3i%20Arthrolon%20acum%21&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://lpcaptkg.thebestremedyfito.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 31-Dec-2021 03:05:25 GMT


28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| countryCodeMasString
string| language
string| dir
string| cdn_path
string| country_code
string| campaign_country_code
string| smart_form_call_timings
string| codeCorrect
string| codeEmpty
string| codeInvalid
object| country_code_mas
string| additional_phone_placeholder
function| $
function| jQuery
function| postDate
object| resultWrapper
object| wheel
function| spin
object| closePopup
number| time
undefined| intr
function| start_timer
function| tick
object| transit_fb_id
object| landing_fb_id
object| thankyou_fb_id
object| Ya
object| yaCounter74372080

37 Cookies

Domain/Path Name / Value
.mgid.com/ Name: muidn
Value: lbuoA_dh1v5j
www.mgid.com/ Name: PHPSESSID
Value: n530nbhfd11vd2tka5evq10s0i
.mgid.com/ Name: mgid
Value: 10385493
.mgid.com/ Name: mtid
Value: 57580243
.mgid.com/ Name: mtuid
Value: 57580243s3067784212
.mgid.com/ Name: mstatus
Value: 0
.mgid.com/ Name: mghd
Value: greatexdpt.space
.mgid.com/ Name: __cf_bm
Value: g8L5iDMQbE1nqIeqIy3G0YRgodnFoeBkpgf1laootuI-1640919924-0-ASKb3XWRaM6HcbPcJuyW4QlkxJV7t+cihSJ4nSqUskAKrNLyKzEp0xVyyuVZqtxbHr9Jl7R2DqorTH6j2djqlQU=
greatexdpt.space/ Name: uclick
Value: 6jxodu3v
greatexdpt.space/ Name: uclickhash
Value: 6jxodu3v-6jxodu3v-2tc8-0-gxa6-529l-ojdu-633ef2
lpcaptkg.thebestremedyfito.com/ Name: news_domain
Value: everinform.com
lpcaptkg.thebestremedyfito.com/ Name: visited
Value: e%3A441c1ac6d176ec0cb77429bf3e8a5e139e700a5bbeedca2e5567cdfbd34c7da6
lpcaptkg.thebestremedyfito.com/ Name: anonymous_id
Value: 91d64de7-ea82-40fa-aaa3-9f0f9d6c3955
lpcaptkg.thebestremedyfito.com/ Name: campaign_id
Value: 995870
lpcaptkg.thebestremedyfito.com/ Name: affiliate_id
Value: 179359
lpcaptkg.thebestremedyfito.com/ Name: zevs
Value: 179359
lpcaptkg.thebestremedyfito.com/ Name: currency
Value: usd
lpcaptkg.thebestremedyfito.com/ Name: back_button_enabled
Value: true
lpcaptkg.thebestremedyfito.com/ Name: landing_page_id
Value: 14936
lpcaptkg.thebestremedyfito.com/ Name: lang
Value: ro
lpcaptkg.thebestremedyfito.com/ Name: user_country_code
Value: DE
lpcaptkg.thebestremedyfito.com/ Name: is_duplicate_restricted
Value: false
lpcaptkg.thebestremedyfito.com/ Name: is_namephone_validated
Value: true
.thebestremedyfito.com/ Name: _ym_uid
Value: 164091992671775765
.thebestremedyfito.com/ Name: _ym_d
Value: 1640919926
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 170009119fake
.thebestremedyfito.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3217207195fake
.yandex.com/ Name: yandexuid
Value: 4198773641640919925
.yandex.com/ Name: yuidss
Value: 4198773641640919925
mc.yandex.com/ Name: yabs-sid
Value: 1772861021640919925
.yandex.com/ Name: i
Value: P721UPEjOSpTLj6zoMKd3ryN1MwyY3Y+ZddW7+TU3Fx7PS90rUt+FJsfIqgWjqSeMbqZ04k0WEgOpbbRqDvt1Po6vr0=
.yandex.com/ Name: ymex
Value: 1672455925.yrts.1640919925#1672455925.yrtsi.1640919925
.thebestremedyfito.com/ Name: _ym_visorc
Value: w
lpcaptkg.thebestremedyfito.com/ Name: tracked_campaign_id
Value: 995870
lpcaptkg.thebestremedyfito.com/ Name: url
Value: /click?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2&landing_page_id=14936&campaign_id=995870&referer=https%3A%2F%2Fwww.mgid.com%2F
lpcaptkg.thebestremedyfito.com/ Name: click_id
Value: 582714327

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9503.Dit9AEPDgiwdLt8FkRCLpctEi5wgZ5Pscqb1N-1EjDUA8w-J-FAH67XvzdWpktAmULY9iwQnCifRMQkIvIm2dw%2C%2C.vsp7wh3x9ICTr1iKIAwOJ39jl-0%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fcd3781eb5776cefa7fa1a3590f5707f4e2e0cba9b250c77ff7095f7807453ec
fdeb244be69cf5eed2ebf7ac0442e1a15a36d4100cc49f795603ff29fb0ed6dc