urlscan.io logo urlscan.io
SecurityTrails logo

lpcaptkg.thebestremedyfito.com Open in urlscan Pro
95.216.23.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://digitalmediapp.com/api-f-click.php?offer_id=134286352&pub_id=37
Effective URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Submission: On December 31 via manual from RO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 5 countries across 8 domains to perform 37 HTTP transactions. The main IP is 95.216.23.99, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is lpcaptkg.thebestremedyfito.com.
TLS certificate: Issued by R3 on December 4th 2021. Valid for: 3 months.
This is the only time lpcaptkg.thebestremedyfito.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.170.18.18 20454 (SSASN2)
1 104.19.133.78 13335 (CLOUDFLAR...)
1 1 104.21.49.123 13335 (CLOUDFLAR...)
3 95.216.23.99 24940 (HETZNER-AS)
28 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:ab00:0:1... 49505 (SELECTEL)
3 7 2a02:6b8::1:119 208722 (YNDX)
37 5
1    108.170.18.18 (Phoenix, United States)

ASN20454 (SSASN2, US)
PTR: mx18.diplomaconnection.org
digitalmediapp.com
1    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
www.mgid.com
1    104.21.49.123 (None, )

ASN13335 (CLOUDFLARENET, US)
greatexdpt.space
3    95.216.23.99 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.99.23.216.95.clients.your-server.de
lpcaptkg.thebestremedyfito.com
28    2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
evrhst-a.akamaihd.net
1    2a00:ab00:0:12::236 (Russian Federation)

ASN49505 (SELECTEL, RU)
179523.selcdn.ru
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
Domain Requested by
28 evrhst-a.akamaihd.net lpcaptkg.thebestremedyfito.com
5 mc.yandex.com 2 redirects lpcaptkg.thebestremedyfito.com
3 lpcaptkg.thebestremedyfito.com www.mgid.com
lpcaptkg.thebestremedyfito.com
2 mc.yandex.ru 1 redirects lpcaptkg.thebestremedyfito.com
1 179523.selcdn.ru lpcaptkg.thebestremedyfito.com
1 greatexdpt.space 1 redirects
1 www.mgid.com
1 digitalmediapp.com 1 redirects
37 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
thebestremedyfito.com
R3		 2021-12-04 -
2022-03-04		 3 months crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.selcdn.ru
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2022-11-26		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh

This page contains 1 frames:

Primary Page: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Frame ID: AC0B138371F8D7B52F437EBB43ECC460
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cumpăraţi Arthrolon la un preț foarte mic. Prețuri, comentarii. Comandaţi Arthrolon acum!

Page URL History Show full URLs

  1. https://digitalmediapp.com/api-f-click.php?offer_id=134286352&pub_id=37 HTTP 302
    https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD... Page URL
  2. https://greatexdpt.space/click.php?key=19f7s91hx8u9pwsof7ex&externalid=4b905129e3fb80c12cdca705ac6426... HTTP 302
    https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

37
Requests

95 %
HTTPS

43 %
IPv6

8
Domains

8
Subdomains

5
IPs

5
Countries

376 kB
Transfer

574 kB
Size

37
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://digitalmediapp.com/api-f-click.php?offer_id=134286352&pub_id=37 HTTP 302
    https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pubsrcid=37-a-0-a-43224&cpm=1&ct=1 Page URL
  2. https://greatexdpt.space/click.php?key=19f7s91hx8u9pwsof7ex&externalid=4b905129e3fb80c12cdca705ac642624&cost=0.07&widget_id=57580243s3067784212&teaser_id=10385493&campaign_id=11147634&utm_medium=cpc&utm_source=mgid.com&utm_campaign=Imosteon+RO+(RP+Test)&utm_term=57580243s3067784212&utm_content=10385493&adclida=externalid HTTP 302
    https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://digitalmediapp.com/api-f-click.php?offer_id=134286352&pub_id=37 HTTP 302
  • https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pubsrcid=37-a-0-a-43224&cpm=1&ct=1
Request Chain 33
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9503.6XSFKV0FeiYY71qEpZnys6i2At6FMWec9yIw5iLS1c_4PhVetQIfYu9HSKmp0b9j.xLAWXTXU9eWYYJjGlVwXkMAO1Sg%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9503.Dit9AEPDgiwdLt8FkRCLpctEi5wgZ5Pscqb1N-1EjDUA8w-J-FAH67XvzdWpktAmULY9iwQnCifRMQkIvIm2dw%2C%2C.vsp7wh3x9ICTr1iKIAwOJ39jl-0%2C
Request Chain 35
  • https://mc.yandex.com/watch/74372080?wmode=7&page-url=https%3A%2F%2Flpcaptkg.thebestremedyfito.com%2F%3Fsid1%3Df02926jxodu3v61f%26sid5%3DUnknown%26sid4%3D2&page-ref=https%3A%2F%2Fwww.mgid.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A1097%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1157649874832%3Ahid%3A1054420795%3Az%3A0%3Ai%3A20211231030525%3Aet%3A1640919926%3Ac%3A1%3Arn%3A821967942%3Arqn%3A1%3Au%3A164091992671775765%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640919924555%3Ads%3A13%2C63%2C194%2C101%2C629%2C0%2C%2C205%2C2%2C%2C%2C%2C1244%3Adsn%3A13%2C64%2C194%2C101%2C629%2C0%2C%2C107%2C2%2C%2C%2C%2C1244%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640919926%3At%3ACump%C4%83ra%C5%A3i%20Arthrolon%20la%20un%20pre%C8%9B%20foarte%20mic.%20Pre%C8%9Buri%2C%20comentarii.%20Comanda%C5%A3i%20Arthrolon%20acum!&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/74372080/1?wmode=7&page-url=https%3A%2F%2Flpcaptkg.thebestremedyfito.com%2F%3Fsid1%3Df02926jxodu3v61f%26sid5%3DUnknown%26sid4%3D2&page-ref=https%3A%2F%2Fwww.mgid.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A1097%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1157649874832%3Ahid%3A1054420795%3Az%3A0%3Ai%3A20211231030525%3Aet%3A1640919926%3Ac%3A1%3Arn%3A821967942%3Arqn%3A1%3Au%3A164091992671775765%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640919924555%3Ads%3A13%2C63%2C194%2C101%2C629%2C0%2C%2C205%2C2%2C%2C%2C%2C1244%3Adsn%3A13%2C64%2C194%2C101%2C629%2C0%2C%2C107%2C2%2C%2C%2C%2C1244%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640919926%3At%3ACump%C4%83ra%C5%A3i%20Arthrolon%20la%20un%20pre%C8%9B%20foarte%20mic.%20Pre%C8%9Buri%2C%20comentarii.%20Comanda%C5%A3i%20Arthrolon%20acum%21&t=gdpr%2814%29aw%281%29ti%282%29

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
1
www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/
Redirect Chain
  • https://digitalmediapp.com/api-f-click.php?offer_id=134286352&pub_id=37
  • https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pu...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pubsrcid=37-a-0-a-43224&cpm=1&ct=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 31 Dec 2021 03:05:24 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:01 GMT
cache-control
no-cache
pragma
no-cache
x-mg-click-uuid
48e7b639-602a-d03a-bce2-077570fb9f57
access-control-allow-credentials
true
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-robots-tag
noindex
cf-cache-status
MISS
last-modified
Fri, 31 Dec 2021 03:05:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c6049378c24694f-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Server
nginx
Date
Fri, 31 Dec 2021 03:06:39 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
//www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pubsrcid=37-a-0-a-43224&cpm=1&ct=1
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Primary Request /
lpcaptkg.thebestremedyfito.com/
Redirect Chain
  • https://greatexdpt.space/click.php?key=19f7s91hx8u9pwsof7ex&externalid=4b905129e3fb80c12cdca705ac642624&cost=0.07&widget_id=57580243s3067784212&teaser_id=10385493&campaign_id=11147634&utm_medium=cp...
  • https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
170 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Requested by
Host: www.mgid.com
URL: https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pubsrcid=37-a-0-a-43224&cpm=1&ct=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.23.99 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.23.216.95.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
4e8193e0fb7eef04063bb4b478c2bd2fcee3ff70cfdce44b98ed08b03ac1d4b5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mgid.com/ghits/10385493/i/57580243/0/src/3067784212/pp/1/1?h=k9tK7tDJ7y0a50Rc5xIfstVD9vVpP23BxzpgK8tnTLc_ZgjXM1Iql72Vft8__jOA&rid=52305ddf-69e4-11ec-af28-e4434b374bc6&tt=Direct&att=3&pubsrcid=37-a-0-a-43224&cpm=1&ct=1

Response headers

server
nginx/1.18.0
date
Fri, 31 Dec 2021 03:05:25 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
etag
W/"2a6ba-s5yu9RMaZwT4riiFV/vxlPQsI7s"
server-timing
total; dur=114.388894; desc="Total Response Time"
content-encoding
gzip

Redirect headers

date
Fri, 31 Dec 2021 03:05:25 GMT
content-type
text/html; charset=UTF-8
location
https://lpcaptkg.thebestremedyfito.com?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XUauvpQWbOnTLLoNvKhbOmqZuymMTp61fOcyKlxMe3udIqUrXNsGoFW7RQyqcl0x8mKFvBSMq9sKLayIFgG3rN1Ij3JOEU1kFbkorLptFgBUlgHtfTsddFfdw7kP53Re8dg"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c604938a8816937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
all.min.css
evrhst-a.akamaihd.net/16328/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://evrhst-a.akamaihd.net/16328/css/all.min.css
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fdeb244be69cf5eed2ebf7ac0442e1a15a36d4100cc49f795603ff29fb0ed6dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
x-trans-id
16b8eddf832bfe33
etag
"ee64ba06a5d8988bee0e94e445c56415"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27938815
accept-ranges
bytes
content-length
4075
x-timestamp
1637320008.78337
soc.webp
evrhst-a.akamaihd.net/16328/images/ 		520 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/soc.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f61643c609e74bc4e0d1198aeed146cbfb6df2a47ccef6b5159c74332ca9b3fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"aa9792eb9c8a06d0327d712454bb310c"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936179
content-length
520
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
menu.webp
evrhst-a.akamaihd.net/16328/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/menu.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8b03bc9c0f22c2c96b4159e282d5ad6f6292722bbca436bf5083fbd414f389ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"10f7f5e04a46745082813c28c4bf9b53"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936205
content-length
1862
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
social-c.png
evrhst-a.akamaihd.net/16328/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/social-c.png
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6626c2808639d837c108695fe3a9483817549f3fc2e6240714cbae04829dfc07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"6550f25df81a7a02266082c312f61570"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939008
content-length
1481
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
cont1.webp
evrhst-a.akamaihd.net/16328/images/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/cont1.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14a8c4081fbc78e9a5a0ade8de43dd3669f1d853a11e47ae2a08dfa89488ce4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"ba97f606d4e49c92523f4a24a84a03fb"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939288
content-length
78644
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
prizewheel.png
evrhst-a.akamaihd.net/16328/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/prizewheel.png
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fbe88e357222228becc0259abcefe7f87bf340a7143fd7974a50a35528e6eca0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"e70f994c38deb1113846f358b13e83bb"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=31478450
content-length
21957
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
wheel-cursor.png
evrhst-a.akamaihd.net/16328/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/wheel-cursor.png
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
206f22a24afab361f679a3833c123aa0e8e50687a4d2c9a35502f1b63494890b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"58832e5d77fdb0f7f2a34e670b7bd1df"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27937183
content-length
1900
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
s1.webp
evrhst-a.akamaihd.net/16328/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/s1.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dbcd62d3688e6fac34a72e5e0562e06668ccb9285f2b785060e190384abeece3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"69e052dd623076c9d12faf98200c6d75"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939040
content-length
8828
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
s2.webp
evrhst-a.akamaihd.net/16328/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/s2.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
99d93d91bccaaf340159e497e2d56dc95baac5ec71fea49fc8396303a42fde68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"b53085f54299de10f171fea88a8cb0da"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=31334386
content-length
4082
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
prod.webp
evrhst-a.akamaihd.net/16328/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/prod.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c2ef3a8a68a4f85b655772f4883d96148fb5dee2345b17317400a8e97745fe34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"e9ac0fed89bd76f8aeb7c33703490954"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939424
content-length
13680
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
eu-footer2.js
179523.selcdn.ru/public/layout-images/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://179523.selcdn.ru/public/layout-images/eu-footer2.js
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:ab00:0:12::236 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
0409868ed3a15e20223bb32188af1efe649bfa99817d460ef5245cd248ea662d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 23:30:43 GMT
last-modified
Fri, 13 Aug 2021 08:49:40 GMT
age
12882
etag
"d8a022f0442752962ae3c68c0b89ff7e"
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
content-length
2802
accept-ranges
bytes
x-trans-id
169ad183c4d5cdd8
x-timestamp
1628844579.12224
index.js
evrhst-a.akamaihd.net/16328/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://evrhst-a.akamaihd.net/16328/index.js
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c710dade8fe42f0cec4e4851488c1d00b891b3a71ecab565f6a75eb603f68423

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
x-trans-id
16b8eddf832bfe33
etag
"4c4b6949ed3a57bf97d60267e82e7276"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936222
accept-ranges
bytes
content-length
1660
x-timestamp
1637320008.78337
ph1.webp
evrhst-a.akamaihd.net/16328/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/ph1.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af4ec3994e8ae4861f974d895018e5d9623cd94d7c39db49d0d4c708847a781d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"4598eddfd1ab332fccd43e252694d268"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939391
content-length
1792
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
ph2.webp
evrhst-a.akamaihd.net/16328/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/ph2.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
49d5b4df9c36a4f7d72b326295ced3b8b3321608f632852c4f2a3289579347e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"4b209509d1579d594970773e3c5d8666"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936201
content-length
2036
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
cont2.webp
evrhst-a.akamaihd.net/16328/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/cont2.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cf70438cff4bb6e3c83289b36ea0ea31f5f1ab289da7520d729eb2c4951eba3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"94e5a71af0d14b22ca358b11daee0d71"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936185
content-length
14926
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
cont3.webp
evrhst-a.akamaihd.net/16328/images/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/cont3.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ea66d1061bff02c00e2692d8e81e00dbb25f600f255d43e22c5fd1dca99a60a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"ed7fcf5bf60210090bdf056fcabd84f5"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27938736
content-length
29344
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
cont4.webp
evrhst-a.akamaihd.net/16328/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/cont4.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f9b2b6b3051f1a15c9f0d3f6cdfb82a9999d30b54b132a4b66d1490a8cfee6a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"3312efe00384e64dec9411eec529c014"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939508
content-length
20052
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
social.webp
evrhst-a.akamaihd.net/16328/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/social.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9893aa8834256d0e3bb3b65ab11673297a01199010da41c5a51b4028019e9823

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 30 Apr 2021 10:50:12 GMT
etag
"4cb0bffda0dd0408c65f2cf6470a916f"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=18511563
content-length
2112
accept-ranges
bytes
x-trans-id
167a9d27ffdaadbb
x-timestamp
1619779811.11492
1.webp
evrhst-a.akamaihd.net/16328/images/ 		568 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/1.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d399af7dcbfa54dd89e4b7a24fb393ee80c48e1b64ebeb440cf9652a11e18934

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"6461a7e61a9cba326e9b4ba74b652539"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936137
content-length
568
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
2.webp
evrhst-a.akamaihd.net/16328/images/ 		502 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/2.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fcd3781eb5776cefa7fa1a3590f5707f4e2e0cba9b250c77ff7095f7807453ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"68cdb49ba24aa9001fac2db6421f37ac"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27938866
content-length
502
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
3.webp
evrhst-a.akamaihd.net/16328/images/ 		702 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/3.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6ca0800f2da232a4755dce81f8a9cdab7d8fb98c512a75ee286d16620f94d56c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"7dc5c949d347140e5b0326723b00e920"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936182
content-length
702
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
4.webp
evrhst-a.akamaihd.net/16328/images/ 		502 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/4.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8475a0af753a8f351552feb13837c8c06302f764ba9baa2c2cc315fb3e4fe448

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"85cafa7efe65f4aad3712c9ae8260ea3"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27939628
content-length
502
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
otz1.webp
evrhst-a.akamaihd.net/16328/images/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/otz1.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a6880eba5f4b351151b3bbb36631b888d3c0c975a825b808211cee752790e529

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"85ebe767192df906a6fc5c7c2dcd2c59"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=30033647
content-length
25498
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
5.webp
evrhst-a.akamaihd.net/16328/images/ 		726 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/5.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a707815fcff6851a9cf83f4091e61fb5142e9f2d49572c607de315aed18bc564

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"772803d94cf196c147fe1b0f9e3a5a88"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936181
content-length
726
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
6.webp
evrhst-a.akamaihd.net/16328/images/ 		690 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/6.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c6e8c5c26433ced712649f1d91fb1b9e6b5dbade1229b1a73d0e27961929c3df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"94032f30162dc92458438193806d5f0e"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936134
content-length
690
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
7.webp
evrhst-a.akamaihd.net/16328/images/ 		530 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/7.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4d1394d460fd3298891b6e0833a7c6bee356b981d2ae88f15fdaa9aa0dedcda8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"b73b2b14c54213a72506ae4dffe1634c"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27938795
content-length
530
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
s3.webp
evrhst-a.akamaihd.net/16328/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/s3.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
79dd3d43be4175169701534835b66c037a40802f0a138da58ac80813c02a0c91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"cd56573c3494210eb3b2818777608f99"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27936465
content-length
4786
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
s4.webp
evrhst-a.akamaihd.net/16328/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/s4.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8c3e3cb898fc4b105fb6bde15eaf9aea86080964dfd60de5e197e9ae3028de4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"e941f3e9ae3ba12ab25799124e8298c4"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27941963
content-length
7924
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
s5.webp
evrhst-a.akamaihd.net/16328/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evrhst-a.akamaihd.net/16328/images/s5.webp
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d5b5a3d18e3be9f005bf80b4d18d7fe588b3f20d89b30fbebd1d3d50c95418c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 19 Nov 2021 11:06:49 GMT
etag
"475de2bed328e6f3518ad9188c2df580"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control
cache-control
public, max-age=27938799
content-length
3804
accept-ranges
bytes
x-trans-id
16b8eddf832bfe33
x-timestamp
1637320008.78337
test-xhr
lpcaptkg.thebestremedyfito.com/ 		6 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lpcaptkg.thebestremedyfito.com/test-xhr
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.23.99 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.23.216.95.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
d9e64ed8068d5fd6d4025163df32cedeba275f8a9d54eefbb214d3a3f88a8794
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
x-content-type-options
nosniff
server
nginx/1.18.0
etag
W/"6-hH2Nxvb5Ee2fNUSKy82lbKoHEHY"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/html; charset=utf-8
server-timing
total; dur=1.193497; desc="Total Response Time"
x-dns-prefetch-control
off
content-length
6
x-xss-protection
1; mode=block
watch.js
mc.yandex.ru/metrika/ 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
13478bdce3b05abe223de8fe7aeab8fa7e1c0599adde7b20944739374757ecfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
content-encoding
br
last-modified
Tue, 28 Dec 2021 12:05:22 GMT
etag
"61cad352-bd04"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
48388
expires
Fri, 31 Dec 2021 04:05:25 GMT
click
lpcaptkg.thebestremedyfito.com/ 		22 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lpcaptkg.thebestremedyfito.com/click?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2&landing_page_id=14936&campaign_id=995870&referer=https%3A%2F%2Fwww.mgid.com%2F
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.23.99 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.23.216.95.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
6be4b54981b363c752a7b7f7c22c2398784318ed77093f2f0a55d4c2f7fbc11b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:26 GMT
x-content-type-options
nosniff, nosniff
server
nginx/1.18.0
x-frame-options
SAMEORIGIN, DENY
etag
W/"16-mYnwEf7xZzol1TgNSnCPeYd8Z2c"
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
22
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9503.6XSFKV0FeiYY71qEpZnys6i2At6FMWec9yIw5iLS1c_4PhVetQIfYu9HSKmp0b9j.xLAWXTXU9eWYYJjGlVwXkMAO1Sg%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9503.Dit9AEPDgiwdLt8FkRCLpctEi5wgZ5Pscqb1N-1EjDUA8w-J-FAH67XvzdWpktAmULY9iwQnCifRMQkIvIm2dw%2C%2C.vsp7wh3x9ICTr1iKIAwOJ39jl-0%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9503.Dit9AEPDgiwdLt8FkRCLpctEi5wgZ5Pscqb1N-1EjDUA8w-J-FAH67XvzdWpktAmULY9iwQnCifRMQkIvIm2dw%2C%2C.vsp7wh3x9ICTr1iKIAwOJ39jl-0%2C
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9503.Dit9AEPDgiwdLt8FkRCLpctEi5wgZ5Pscqb1N-1EjDUA8w-J-FAH67XvzdWpktAmULY9iwQnCifRMQkIvIm2dw%2C%2C.vsp7wh3x9ICTr1iKIAwOJ39jl-0%2C
date
Fri, 31 Dec 2021 03:05:25 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: lpcaptkg.thebestremedyfito.com
URL: https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Thu, 23 Dec 2021 16:10:01 GMT
etag
"61c47529-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 31 Dec 2021 04:05:25 GMT
1
mc.yandex.com/watch/74372080/
Redirect Chain
  • https://mc.yandex.com/watch/74372080?wmode=7&page-url=https%3A%2F%2Flpcaptkg.thebestremedyfito.com%2F%3Fsid1%3Df02926jxodu3v61f%26sid5%3DUnknown%26sid4%3D2&page-ref=https%3A%2F%2Fwww.mgid.com%2F&ch...
  • https://mc.yandex.com/watch/74372080/1?wmode=7&page-url=https%3A%2F%2Flpcaptkg.thebestremedyfito.com%2F%3Fsid1%3Df02926jxodu3v61f%26sid5%3DUnknown%26sid4%3D2&page-ref=https%3A%2F%2Fwww.mgid.com%2F&...
331 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/74372080/1?wmode=7&page-url=https%3A%2F%2Flpcaptkg.thebestremedyfito.com%2F%3Fsid1%3Df02926jxodu3v61f%26sid5%3DUnknown%26sid4%3D2&page-ref=https%3A%2F%2Fwww.mgid.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A1097%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1157649874832%3Ahid%3A1054420795%3Az%3A0%3Ai%3A20211231030525%3Aet%3A1640919926%3Ac%3A1%3Arn%3A821967942%3Arqn%3A1%3Au%3A164091992671775765%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640919924555%3Ads%3A13%2C63%2C194%2C101%2C629%2C0%2C%2C205%2C2%2C%2C%2C%2C1244%3Adsn%3A13%2C64%2C194%2C101%2C629%2C0%2C%2C107%2C2%2C%2C%2C%2C1244%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640919926%3At%3ACump%C4%83ra%C5%A3i%20Arthrolon%20la%20un%20pre%C8%9B%20foarte%20mic.%20Pre%C8%9Buri%2C%20comentarii.%20Comanda%C5%A3i%20Arthrolon%20acum%21&t=gdpr%2814%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
c130448ffb6075915d966f19b8daa0577f1f0b2434bb5f74e6b4435d5f4e059f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lpcaptkg.thebestremedyfito.com/?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Dec 2021 03:05:25 GMT
x-content-type-options
nosniff
last-modified
Fri, 31-Dec-2021 03:05:25 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lpcaptkg.thebestremedyfito.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Fri, 31-Dec-2021 03:05:25 GMT

Redirect headers

pragma
no-cache
date
Fri, 31 Dec 2021 03:05:25 GMT
last-modified
Fri, 31-Dec-2021 03:05:25 GMT
location
/watch/74372080/1?wmode=7&page-url=https%3A%2F%2Flpcaptkg.thebestremedyfito.com%2F%3Fsid1%3Df02926jxodu3v61f%26sid5%3DUnknown%26sid4%3D2&page-ref=https%3A%2F%2Fwww.mgid.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A1097%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1157649874832%3Ahid%3A1054420795%3Az%3A0%3Ai%3A20211231030525%3Aet%3A1640919926%3Ac%3A1%3Arn%3A821967942%3Arqn%3A1%3Au%3A164091992671775765%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640919924555%3Ads%3A13%2C63%2C194%2C101%2C629%2C0%2C%2C205%2C2%2C%2C%2C%2C1244%3Adsn%3A13%2C64%2C194%2C101%2C629%2C0%2C%2C107%2C2%2C%2C%2C%2C1244%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640919926%3At%3ACump%C4%83ra%C5%A3i%20Arthrolon%20la%20un%20pre%C8%9B%20foarte%20mic.%20Pre%C8%9Buri%2C%20comentarii.%20Comanda%C5%A3i%20Arthrolon%20acum%21&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://lpcaptkg.thebestremedyfito.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 31-Dec-2021 03:05:25 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| countryCodeMasString string| language string| dir string| cdn_path string| country_code string| campaign_country_code string| smart_form_call_timings string| codeCorrect string| codeEmpty string| codeInvalid object| country_code_mas string| additional_phone_placeholder function| $ function| jQuery function| postDate object| resultWrapper object| wheel function| spin object| closePopup number| time undefined| intr function| start_timer function| tick object| transit_fb_id object| landing_fb_id object| thankyou_fb_id object| Ya object| yaCounter74372080

37 Cookies

Domain/Path Name / Value
.mgid.com/ Name: muidn
Value: lbuoA_dh1v5j
www.mgid.com/ Name: PHPSESSID
Value: n530nbhfd11vd2tka5evq10s0i
.mgid.com/ Name: mgid
Value: 10385493
.mgid.com/ Name: mtid
Value: 57580243
.mgid.com/ Name: mtuid
Value: 57580243s3067784212
.mgid.com/ Name: mstatus
Value: 0
.mgid.com/ Name: mghd
Value: greatexdpt.space
.mgid.com/ Name: __cf_bm
Value: g8L5iDMQbE1nqIeqIy3G0YRgodnFoeBkpgf1laootuI-1640919924-0-ASKb3XWRaM6HcbPcJuyW4QlkxJV7t+cihSJ4nSqUskAKrNLyKzEp0xVyyuVZqtxbHr9Jl7R2DqorTH6j2djqlQU=
greatexdpt.space/ Name: uclick
Value: 6jxodu3v
greatexdpt.space/ Name: uclickhash
Value: 6jxodu3v-6jxodu3v-2tc8-0-gxa6-529l-ojdu-633ef2
lpcaptkg.thebestremedyfito.com/ Name: news_domain
Value: everinform.com
lpcaptkg.thebestremedyfito.com/ Name: visited
Value: e%3A441c1ac6d176ec0cb77429bf3e8a5e139e700a5bbeedca2e5567cdfbd34c7da6
lpcaptkg.thebestremedyfito.com/ Name: anonymous_id
Value: 91d64de7-ea82-40fa-aaa3-9f0f9d6c3955
lpcaptkg.thebestremedyfito.com/ Name: campaign_id
Value: 995870
lpcaptkg.thebestremedyfito.com/ Name: affiliate_id
Value: 179359
lpcaptkg.thebestremedyfito.com/ Name: zevs
Value: 179359
lpcaptkg.thebestremedyfito.com/ Name: currency
Value: usd
lpcaptkg.thebestremedyfito.com/ Name: back_button_enabled
Value: true
lpcaptkg.thebestremedyfito.com/ Name: landing_page_id
Value: 14936
lpcaptkg.thebestremedyfito.com/ Name: lang
Value: ro
lpcaptkg.thebestremedyfito.com/ Name: user_country_code
Value: DE
lpcaptkg.thebestremedyfito.com/ Name: is_duplicate_restricted
Value: false
lpcaptkg.thebestremedyfito.com/ Name: is_namephone_validated
Value: true
.thebestremedyfito.com/ Name: _ym_uid
Value: 164091992671775765
.thebestremedyfito.com/ Name: _ym_d
Value: 1640919926
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 170009119fake
.thebestremedyfito.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3217207195fake
.yandex.com/ Name: yandexuid
Value: 4198773641640919925
.yandex.com/ Name: yuidss
Value: 4198773641640919925
mc.yandex.com/ Name: yabs-sid
Value: 1772861021640919925
.yandex.com/ Name: i
Value: P721UPEjOSpTLj6zoMKd3ryN1MwyY3Y+ZddW7+TU3Fx7PS90rUt+FJsfIqgWjqSeMbqZ04k0WEgOpbbRqDvt1Po6vr0=
.yandex.com/ Name: ymex
Value: 1672455925.yrts.1640919925#1672455925.yrtsi.1640919925
.thebestremedyfito.com/ Name: _ym_visorc
Value: w
lpcaptkg.thebestremedyfito.com/ Name: tracked_campaign_id
Value: 995870
lpcaptkg.thebestremedyfito.com/ Name: url
Value: /click?sid1=f02926jxodu3v61f&sid5=Unknown&sid4=2&landing_page_id=14936&campaign_id=995870&referer=https%3A%2F%2Fwww.mgid.com%2F
lpcaptkg.thebestremedyfito.com/ Name: click_id
Value: 582714327

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9503.Dit9AEPDgiwdLt8FkRCLpctEi5wgZ5Pscqb1N-1EjDUA8w-J-FAH67XvzdWpktAmULY9iwQnCifRMQkIvIm2dw%2C%2C.vsp7wh3x9ICTr1iKIAwOJ39jl-0%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

179523.selcdn.ru
digitalmediapp.com
evrhst-a.akamaihd.net
greatexdpt.space
lpcaptkg.thebestremedyfito.com
mc.yandex.com
mc.yandex.ru
www.mgid.com
104.19.133.78
104.21.49.123
108.170.18.18
2a00:ab00:0:12::236
2a02:26f0:6c00::210:ba13
2a02:6b8::1:119
95.216.23.99
0409868ed3a15e20223bb32188af1efe649bfa99817d460ef5245cd248ea662d
13478bdce3b05abe223de8fe7aeab8fa7e1c0599adde7b20944739374757ecfb
14a8c4081fbc78e9a5a0ade8de43dd3669f1d853a11e47ae2a08dfa89488ce4b
206f22a24afab361f679a3833c123aa0e8e50687a4d2c9a35502f1b63494890b
49d5b4df9c36a4f7d72b326295ced3b8b3321608f632852c4f2a3289579347e7
4d1394d460fd3298891b6e0833a7c6bee356b981d2ae88f15fdaa9aa0dedcda8
4e8193e0fb7eef04063bb4b478c2bd2fcee3ff70cfdce44b98ed08b03ac1d4b5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6626c2808639d837c108695fe3a9483817549f3fc2e6240714cbae04829dfc07
6be4b54981b363c752a7b7f7c22c2398784318ed77093f2f0a55d4c2f7fbc11b
6ca0800f2da232a4755dce81f8a9cdab7d8fb98c512a75ee286d16620f94d56c
79dd3d43be4175169701534835b66c037a40802f0a138da58ac80813c02a0c91
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8475a0af753a8f351552feb13837c8c06302f764ba9baa2c2cc315fb3e4fe448
8b03bc9c0f22c2c96b4159e282d5ad6f6292722bbca436bf5083fbd414f389ed
8c3e3cb898fc4b105fb6bde15eaf9aea86080964dfd60de5e197e9ae3028de4b
9893aa8834256d0e3bb3b65ab11673297a01199010da41c5a51b4028019e9823
99d93d91bccaaf340159e497e2d56dc95baac5ec71fea49fc8396303a42fde68
a6880eba5f4b351151b3bbb36631b888d3c0c975a825b808211cee752790e529
a707815fcff6851a9cf83f4091e61fb5142e9f2d49572c607de315aed18bc564
af4ec3994e8ae4861f974d895018e5d9623cd94d7c39db49d0d4c708847a781d
c130448ffb6075915d966f19b8daa0577f1f0b2434bb5f74e6b4435d5f4e059f
c2ef3a8a68a4f85b655772f4883d96148fb5dee2345b17317400a8e97745fe34
c6e8c5c26433ced712649f1d91fb1b9e6b5dbade1229b1a73d0e27961929c3df
c710dade8fe42f0cec4e4851488c1d00b891b3a71ecab565f6a75eb603f68423
cf70438cff4bb6e3c83289b36ea0ea31f5f1ab289da7520d729eb2c4951eba3d
d399af7dcbfa54dd89e4b7a24fb393ee80c48e1b64ebeb440cf9652a11e18934
d5b5a3d18e3be9f005bf80b4d18d7fe588b3f20d89b30fbebd1d3d50c95418c9
d9e64ed8068d5fd6d4025163df32cedeba275f8a9d54eefbb214d3a3f88a8794
dbcd62d3688e6fac34a72e5e0562e06668ccb9285f2b785060e190384abeece3
ea66d1061bff02c00e2692d8e81e00dbb25f600f255d43e22c5fd1dca99a60a5
f61643c609e74bc4e0d1198aeed146cbfb6df2a47ccef6b5159c74332ca9b3fb
f9b2b6b3051f1a15c9f0d3f6cdfb82a9999d30b54b132a4b66d1490a8cfee6a4
fbe88e357222228becc0259abcefe7f87bf340a7143fd7974a50a35528e6eca0
fcd3781eb5776cefa7fa1a3590f5707f4e2e0cba9b250c77ff7095f7807453ec
fdeb244be69cf5eed2ebf7ac0442e1a15a36d4100cc49f795603ff29fb0ed6dc