diabetesreversed.com
Open in
urlscan Pro
2606:4700:20::681a:bac
Malicious Activity!
Public Scan
Submitted URL: https://email.newsaroundthehill.com/c/eJxs0juWpCoYAODVVIUefh4KgcHt0937AOSlIBaiqKu_Zyae_Au_adQDVUi8zQi94KIfOPC3HzlGk6Ua24Eg2luNYUAG61...
Effective URL: https://diabetesreversed.com/ptn/189?utm_campaign=db_3-drinks&utm_medium=email&utm_content=death-drinks&utm_source=rldnws&sub...
Submission: On November 02 via api from ES — Scanned from ES
Effective URL: https://diabetesreversed.com/ptn/189?utm_campaign=db_3-drinks&utm_medium=email&utm_content=death-drinks&utm_source=rldnws&sub...
Submission: On November 02 via api from ES — Scanned from ES
Summary
This website contacted 37 IPs
in 4 countries
across 29 domains to perform 115 HTTP transactions.
The main IP is 2606:4700:20::681a:bac, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is diabetesreversed.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 16th 2023. Valid for: a year.
This is the only time diabetesreversed.com was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 16th 2023. Valid for: a year.
This is the only time diabetesreversed.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)Domain & IP information
1
34.110.180.34
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.180.110.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.180.110.34.bc.googleusercontent.com
| email.newsaroundthehill.com |
1
34.195.209.248
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-209-248.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-209-248.compute-1.amazonaws.com
| track.newsaroundthehill.com |
7
76.223.4.85
(United States)
ASN16509 (AMAZON-02, US)
PTR: a96f7da9125d7945d.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a96f7da9125d7945d.awsglobalaccelerator.com
| secure.ultracart.com | |
| bartn.ultracartstore.com |
8
18.66.107.4
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-4.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-4.fra56.r.cloudfront.net
| dndngvalp4jdj.cloudfront.net |
1
2a00:1450:4001:809::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googleoptimize.com |
1
52.222.232.153
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-153.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-153.fra56.r.cloudfront.net
| d2zah9y47r7bi2.cloudfront.net |
1
18.244.38.106
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-244-38-106.cdg52.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-244-38-106.cdg52.r.cloudfront.net
| d9i5ve8f04qxt.cloudfront.net |
8
108.138.2.149
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-149.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-149.fra56.r.cloudfront.net
| dw26xg4lubooo.cloudfront.net |
4
2a00:1450:4001:82a::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
13.32.27.3
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-3.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-3.fra56.r.cloudfront.net
| token.ultracart.com |
10
2a02:26f0:3500:16::215:148f
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| use.typekit.net |
1
18.66.97.10
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net
| static.hotjar.com |
4
2a03:2880:f083:9:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
3
18.244.183.170
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-244-183-170.lhr61.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-244-183-170.lhr61.r.cloudfront.net
| d1pqvb2h9xgm7r.cloudfront.net |
1
13.224.245.12
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-245-12.lhr62.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-245-12.lhr62.r.cloudfront.net
| script.hotjar.com |
7
35.227.244.1
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com
| shop.pe | |
| app.shop.pe | |
| manage.safeopt.com |
3
18.66.122.10
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-10.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-10.fra60.r.cloudfront.net
| d3rr3d0n31t48m.cloudfront.net |
5
2001:4860:4802:32::36
(United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| region1.analytics.google.com | |
| region1.google-analytics.com |
1
18.66.112.79
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net
| vc.hotjar.io |
8
13.249.12.93
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-249-12-93.cdg53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-249-12-93.cdg53.r.cloudfront.net
| d2ex3jtfzskk20.cloudfront.net |
1
2a03:2880:f177:83:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
1
3.5.29.172
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com
| addshoppers.s3.amazonaws.com |
1
35.190.54.17
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com
| shopper.shop.pe |
1
75.2.91.175
(United States)
ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com
| nytrng.com |
1
99.86.91.49
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-49.cdg50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-49.cdg50.r.cloudfront.net
| cdn.nytrng.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 32 |
cloudfront.net
dndngvalp4jdj.cloudfront.net d2zah9y47r7bi2.cloudfront.net d9i5ve8f04qxt.cloudfront.net dw26xg4lubooo.cloudfront.net d1pqvb2h9xgm7r.cloudfront.net d3rr3d0n31t48m.cloudfront.net d2ex3jtfzskk20.cloudfront.net |
3 MB |
| 11 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 506 p.typekit.net — Cisco Umbrella Rank: 621 |
229 KB |
| 9 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335 |
204 KB |
| 8 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223 |
67 KB |
| 7 |
shop.pe
1 redirects
shop.pe — Cisco Umbrella Rank: 12607 app.shop.pe — Cisco Umbrella Rank: 14525 shopper.shop.pe — Cisco Umbrella Rank: 14983 |
11 KB |
| 6 |
ultracart.com
1 redirects
secure.ultracart.com — Cisco Umbrella Rank: 533076 token.ultracart.com |
16 KB |
| 5 |
uprivaladserver.net
2 redirects
api.uprivaladserver.net — Cisco Umbrella Rank: 533703 |
8 KB |
| 4 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174 |
177 KB |
| 4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35 |
244 KB |
| 3 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040 |
328 B |
| 3 |
bing.com
bat.bing.com — Cisco Umbrella Rank: 366 |
14 KB |
| 2 |
nytrng.com
nytrng.com — Cisco Umbrella Rank: 10781 cdn.nytrng.com — Cisco Umbrella Rank: 27425 |
837 B |
| 2 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462 |
71 B |
| 2 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901 |
60 KB |
| 2 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 68 |
69 KB |
| 2 |
ultracartstore.com
bartn.ultracartstore.com |
2 KB |
| 2 |
fortawesome.com
use.fortawesome.com — Cisco Umbrella Rank: 21888 |
173 KB |
| 2 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 762 |
39 KB |
| 2 |
newsaroundthehill.com
2 redirects
email.newsaroundthehill.com track.newsaroundthehill.com |
1004 B |
| 1 |
safeopt.com
manage.safeopt.com — Cisco Umbrella Rank: 22111 |
835 B |
| 1 |
amazonaws.com
addshoppers.s3.amazonaws.com — Cisco Umbrella Rank: 18608 |
1 KB |
| 1 |
trackjs.com
usage.trackjs.com — Cisco Umbrella Rank: 2997 |
229 B |
| 1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 110 |
185 B |
| 1 |
hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2687 |
259 B |
| 1 |
google.es
www.google.es — Cisco Umbrella Rank: 23948 |
408 B |
| 1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78 |
257 B |
| 1 |
taboola.com
trc.taboola.com — Cisco Umbrella Rank: 705 |
367 B |
| 1 |
googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1969 |
50 KB |
| 1 |
diabetesreversed.com
diabetesreversed.com |
60 KB |
| 115 | 29 |
| Domain | Requested by | |
|---|---|---|
| 10 | use.typekit.net |
cdnjs.cloudflare.com
diabetesreversed.com |
| 9 | cdn.jsdelivr.net |
diabetesreversed.com
|
| 8 | d2ex3jtfzskk20.cloudfront.net |
diabetesreversed.com
|
| 8 | dw26xg4lubooo.cloudfront.net |
diabetesreversed.com
|
| 8 | cdnjs.cloudflare.com |
diabetesreversed.com
|
| 8 | dndngvalp4jdj.cloudfront.net |
diabetesreversed.com
code.jquery.com |
| 5 | secure.ultracart.com |
1 redirects
d2zah9y47r7bi2.cloudfront.net
|
| 5 | api.uprivaladserver.net |
2 redirects
api.uprivaladserver.net
|
| 4 | connect.facebook.net |
diabetesreversed.com
connect.facebook.net |
| 4 | www.googletagmanager.com |
diabetesreversed.com
www.googletagmanager.com cdnjs.cloudflare.com |
| 3 | app.shop.pe |
d2zah9y47r7bi2.cloudfront.net
|
| 3 | region1.analytics.google.com |
www.googletagmanager.com
|
| 3 | d3rr3d0n31t48m.cloudfront.net |
diabetesreversed.com
shop.pe |
| 3 | shop.pe |
1 redirects
d3rr3d0n31t48m.cloudfront.net
|
| 3 | bat.bing.com |
www.googletagmanager.com
bat.bing.com diabetesreversed.com |
| 3 | d1pqvb2h9xgm7r.cloudfront.net |
d2zah9y47r7bi2.cloudfront.net
|
| 2 | region1.google-analytics.com |
www.googletagmanager.com
|
| 2 | www.youtube.com |
cdn.jsdelivr.net
www.youtube.com |
| 2 | bartn.ultracartstore.com |
diabetesreversed.com
bartn.ultracartstore.com |
| 2 | use.fortawesome.com |
diabetesreversed.com
use.fortawesome.com |
| 2 | code.jquery.com |
diabetesreversed.com
|
| 1 | cdn.nytrng.com |
nytrng.com
|
| 1 | nytrng.com |
d3rr3d0n31t48m.cloudfront.net
|
| 1 | manage.safeopt.com |
d2zah9y47r7bi2.cloudfront.net
|
| 1 | shopper.shop.pe |
shop.pe
|
| 1 | addshoppers.s3.amazonaws.com |
d3rr3d0n31t48m.cloudfront.net
|
| 1 | usage.trackjs.com | |
| 1 | www.facebook.com |
diabetesreversed.com
|
| 1 | vc.hotjar.io |
d2zah9y47r7bi2.cloudfront.net
|
| 1 | p.typekit.net |
diabetesreversed.com
|
| 1 | www.google.es |
diabetesreversed.com
|
| 1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
| 1 | script.hotjar.com |
static.hotjar.com
|
| 1 | trc.taboola.com |
diabetesreversed.com
www.googletagmanager.com |
| 1 | static.hotjar.com |
diabetesreversed.com
|
| 1 | token.ultracart.com |
diabetesreversed.com
|
| 1 | d9i5ve8f04qxt.cloudfront.net |
diabetesreversed.com
|
| 1 | d2zah9y47r7bi2.cloudfront.net |
diabetesreversed.com
|
| 1 | www.googleoptimize.com |
diabetesreversed.com
|
| 1 | diabetesreversed.com | |
| 1 | track.newsaroundthehill.com | 1 redirects |
| 1 | email.newsaroundthehill.com | 1 redirects |
| 115 | 42 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| secure.ultracart.com |
| secure.trust-guard.com |
| bartonpublishing.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-02-14 - 2024-02-13 |
a year | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
| *.ultracartstore.com Amazon RSA 2048 M02 |
2023-05-06 - 2024-06-03 |
a year | crt.sh |
| token.ultracart.com Amazon RSA 2048 M01 |
2023-02-20 - 2024-01-13 |
a year | crt.sh |
| use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-21 - 2024-10-21 |
a year | crt.sh |
| *.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
| *.hotjar.com Amazon ECDSA 256 M01 |
2023-03-09 - 2024-04-06 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-08-12 - 2023-11-10 |
3 months | crt.sh |
| www.bing.com Microsoft Azure TLS Issuing CA 01 |
2023-10-24 - 2024-04-21 |
6 months | crt.sh |
| *.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-10-23 - 2024-11-22 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
| *.google.es GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
| *.hotjar.io Amazon ECDSA 256 M01 |
2023-03-09 - 2024-04-06 |
a year | crt.sh |
| *.shop.pe RapidSSL TLS RSA CA G1 |
2023-07-13 - 2024-07-12 |
a year | crt.sh |
| *.trackjs.com RapidSSL TLS RSA CA G1 |
2023-07-31 - 2024-08-11 |
a year | crt.sh |
| *.s3.amazonaws.com Amazon RSA 2048 M01 |
2023-10-10 - 2024-07-03 |
9 months | crt.sh |
| *.safeopt.com GlobeSSL DV CA |
2023-05-23 - 2024-06-14 |
a year | crt.sh |
| nytrng.com Amazon RSA 2048 M02 |
2023-03-25 - 2024-04-22 |
a year | crt.sh |
| *.nytrng.com Amazon RSA 2048 M03 |
2023-08-15 - 2024-09-10 |
a year | crt.sh |
| secure.ultracart.com Amazon RSA 2048 M01 |
2023-05-06 - 2024-06-03 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://diabetesreversed.com/ptn/189?utm_campaign=db_3-drinks&utm_medium=email&utm_content=death-drinks&utm_source=rldnws&subid=rldnws_23-1027a&utm_term=email&AFFID=470602
Frame ID: 3CF1F78E7FD7947174B80B06AA6856F1
Requests: 111 HTTP requests in this frame
Frame:
https://www.googletagmanager.com/ns.html?id=GTM-S4P8
Frame ID: 6D8B2716FB3525716D5F95C598C23AE2
Requests: 3 HTTP requests in this frame
Frame:
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=41743d6579af40c085d863535b705544
Frame ID: 474D0C48493509F433BD81AE90488D62
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
3 DrinksPage URL History Show full URLs
-
https://email.newsaroundthehill.com/c/eJxs0juWpCoYAODVVIUefh4KgcHt0937AOSlIBaiqKu_Zyae_Au_adQDVUi8zQi94KIfOPC3Hz...
HTTP 302
http://track.newsaroundthehill.com/?xtl=1e490qy9p51vg1ee4wkwf2gjqyybgoew8sdm14vvk5cootl7jzi8njo2b5l9acpexr9lcwo... HTTP 302
https://api.uprivaladserver.net/v2/a/click?tid=5e39cca3ba2e541b808fbb92&clid=5e4af49bba2e54095ceb2175&p=1&rn... Page URL
-
https://api.uprivaladserver.net/cdn-cgi/phish-bypass?atok=j17mur5t.FBetfVo2lKvHR71VDHe6Uxin4tig2XS.zw-169896...
HTTP 301
https://api.uprivaladserver.net/v2/a/click?tid=5e39cca3ba2e541b808fbb92&clid=5e4af49bba2e54095ceb2175&p=1&rn... HTTP 302
https://secure.ultracart.com/aff/E9FB17EAC174D6018B4E171A03205D00/index.html?&utm_source=rldnws&utm_mediu... HTTP 302
https://diabetesreversed.com/ptn/189?utm_campaign=db_3-drinks&utm_medium=email&utm_content=death-drinks&u... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Vue.js
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:/([\d.]+))?/vue(?:\.min)?\.js
Axios
(JavaScript libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Optimize
(A/B Testing)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googleoptimize\.com/optimize\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //static\.hotjar\.com/
Lodash
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- lodash.*\.js
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
TrackJs
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- tracker\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
URL: https://secure.ultracart.com/checkout/cvv2/both.jsp
Title: help finding code?
Title: help finding code?
Search URL Search Domain Scan URL
URL: http://secure.trust-guard.com/security/2593
Search URL Search Domain Scan URL
URL: http://secure.trust-guard.com/privacy/2593
Search URL Search Domain Scan URL
URL: http://secure.trust-guard.com/business/2593
Search URL Search Domain Scan URL
URL: http://secure.trust-guard.com/certified/2593
Search URL Search Domain Scan URL
URL: https://bartonpublishing.com/
Title: Home
Title: Home
Search URL Search Domain Scan URL
URL: https://bartonpublishing.com/terms
Title: Terms and Conditions
Title: Terms and Conditions
Search URL Search Domain Scan URL
URL: https://bartonpublishing.com/privacy
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: https://bartonpublishing.com/delivery
Title: Shipping
Title: Shipping
Search URL Search Domain Scan URL
URL: https://bartonpublishing.com/refund
Title: Refunds & Cancelations
Title: Refunds & Cancelations
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://email.newsaroundthehill.com/c/eJxs0juWpCoYAODVVIUefh4KgcHt0937AOSlIBaiqKu_Zyae_Au_adQDVUi8zQi94KIfOPC3HzlGk6Ua24Eg2luNYUAG615IYBYxeIcRI0wAEMYEMTR00H1__fY_gL4AyBf9-YEXRatpuyz5WKfqjQ8xdjqndxx9rduL_PfCvy_8W4vUS_dP-geQ36vGF_kGQwX63GJjcDowhralWezmz30rl03j-5SAnufCdM41DvMT-DpnrFgUUm_mKiLqlhuRQ-KrshGv8zMNQ4PeqHgZlIKvvgX7oF5DwRYCoqd7APpo2bRG1zC-T9Wke6o9JIFaHr1aJj-c-6Br8vNGr-HDIn22M-HzGPZrgyGniDSBOV1YpKjFWTd5iJ2yfLQbFsR6jhyh5J6s8HXxvOKCawEv5pmoUOgmejFrCbXhwGt5kLETbu1op1tR0ek5rINziepO4lBTr5yIGja_ebERqy7AEGd_37zqRZVB3JKKRe6T8BcAm6o6X7g3wb_IN3mo0SSezKEgScnikN6UzJvTLNvAC99PrFJd0jN4MBdxlxPsncae9gwwGd5lnJO8bTBxelG0y7XKdTJF53U_kinHLv8eqOPV7cTdGXUkKdy1aQvw6drEc5JdUAeTqOOzC7ljBivZQUjx_wAAAP__pcbmig
HTTP 302
http://track.newsaroundthehill.com/?xtl=1e490qy9p51vg1ee4wkwf2gjqyybgoew8sdm14vvk5cootl7jzi8njo2b5l9acpexr9lcwow3a7m8nbfl2njzd77w16eblxe0mihthwifz06c1r2f1i04vgz116lf5dnlgw22yvbwagztfua31trzcnf5aq88hictmhjp4x7q5l4zpvm2vu7sxp17oml0c31jmx29mlc9vtpau9s45ouwy1k05680g343ydf9htkh8t2r2tr1h9jj3bir4p969jca1tw2i8trz0efd2wwuwvgn0rcmzufg1vklbym9ubd6bg9lc1phph9p3fbx121ljhyy8tckbr79ya49kasd9hx115dtbv&eih=3z4ec3lv5g0ia3ro9uahero8wgc5ofi8r8sv2bmtkmz7h1ex3gxg95 HTTP 302
https://api.uprivaladserver.net/v2/a/click?tid=5e39cca3ba2e541b808fbb92&clid=5e4af49bba2e54095ceb2175&p=1&rnd=%5BCACHE-BUSTING-ID-HERE%5D&uid=%5BSAME_UNIQUE_RANDOM_ID%5D Page URL
-
https://api.uprivaladserver.net/cdn-cgi/phish-bypass?atok=j17mur5t.FBetfVo2lKvHR71VDHe6Uxin4tig2XS.zw-1698968212-0-%2Fv2%2Fa%2Fclick%3Ftid%3D5e39cca3ba2e541b808fbb92%26clid%3D5e4af49bba2e54095ceb2175%26p%3D1%26rnd%3D%255BCACHE-BUSTING-ID-HERE%255D%26uid%3D%255BSAME_UNIQUE_RANDOM_ID%255D
HTTP 301
https://api.uprivaladserver.net/v2/a/click?tid=5e39cca3ba2e541b808fbb92&clid=5e4af49bba2e54095ceb2175&p=1&rnd=%5BCACHE-BUSTING-ID-HERE%5D&uid=%5BSAME_UNIQUE_RANDOM_ID%5D HTTP 302
https://secure.ultracart.com/aff/E9FB17EAC174D6018B4E171A03205D00/index.html?&utm_source=rldnws&utm_medium=email&utm_term=email&utm_content=death-drinks&utm_campaign=db_3-drinks&subid=rldnws_23-1027a HTTP 302
https://diabetesreversed.com/ptn/189?utm_campaign=db_3-drinks&utm_medium=email&utm_content=death-drinks&utm_source=rldnws&subid=rldnws_23-1027a&utm_term=email&AFFID=470602 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://email.newsaroundthehill.com/c/eJxs0juWpCoYAODVVIUefh4KgcHt0937AOSlIBaiqKu_Zyae_Au_adQDVUi8zQi94KIfOPC3HzlGk6Ua24Eg2luNYUAG615IYBYxeIcRI0wAEMYEMTR00H1__fY_gL4AyBf9-YEXRatpuyz5WKfqjQ8xdjqndxx9rduL_PfCvy_8W4vUS_dP-geQ36vGF_kGQwX63GJjcDowhralWezmz30rl03j-5SAnufCdM41DvMT-DpnrFgUUm_mKiLqlhuRQ-KrshGv8zMNQ4PeqHgZlIKvvgX7oF5DwRYCoqd7APpo2bRG1zC-T9Wke6o9JIFaHr1aJj-c-6Br8vNGr-HDIn22M-HzGPZrgyGniDSBOV1YpKjFWTd5iJ2yfLQbFsR6jhyh5J6s8HXxvOKCawEv5pmoUOgmejFrCbXhwGt5kLETbu1op1tR0ek5rINziepO4lBTr5yIGja_ebERqy7AEGd_37zqRZVB3JKKRe6T8BcAm6o6X7g3wb_IN3mo0SSezKEgScnikN6UzJvTLNvAC99PrFJd0jN4MBdxlxPsncae9gwwGd5lnJO8bTBxelG0y7XKdTJF53U_kinHLv8eqOPV7cTdGXUkKdy1aQvw6drEc5JdUAeTqOOzC7ljBivZQUjx_wAAAP__pcbmig HTTP 302
- http://track.newsaroundthehill.com/?xtl=1e490qy9p51vg1ee4wkwf2gjqyybgoew8sdm14vvk5cootl7jzi8njo2b5l9acpexr9lcwow3a7m8nbfl2njzd77w16eblxe0mihthwifz06c1r2f1i04vgz116lf5dnlgw22yvbwagztfua31trzcnf5aq88hictmhjp4x7q5l4zpvm2vu7sxp17oml0c31jmx29mlc9vtpau9s45ouwy1k05680g343ydf9htkh8t2r2tr1h9jj3bir4p969jca1tw2i8trz0efd2wwuwvgn0rcmzufg1vklbym9ubd6bg9lc1phph9p3fbx121ljhyy8tckbr79ya49kasd9hx115dtbv&eih=3z4ec3lv5g0ia3ro9uahero8wgc5ofi8r8sv2bmtkmz7h1ex3gxg95 HTTP 302
- https://api.uprivaladserver.net/v2/a/click?tid=5e39cca3ba2e541b808fbb92&clid=5e4af49bba2e54095ceb2175&p=1&rnd=%5BCACHE-BUSTING-ID-HERE%5D&uid=%5BSAME_UNIQUE_RANDOM_ID%5D
- https://shop.pe/widget/widget_async.js HTTP 301
- https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
115 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
click
api.uprivaladserver.net/v2/a/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cf.errors.css
api.uprivaladserver.net/cdn-cgi/styles/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-exclamation.png
api.uprivaladserver.net/cdn-cgi/images/ |
452 B 540 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
189
diabetesreversed.com/ptn/ Redirect Chain
|
265 KB 60 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ |
157 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
video-js.min.css
cdn.jsdelivr.net/npm/video.js@7.9.7/dist/ |
39 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.min.css
dndngvalp4jdj.cloudfront.net/diabetesreversed.com/styles/global/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
optimize.js
www.googleoptimize.com/ |
128 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tracker.js
d2zah9y47r7bi2.cloudfront.net/releases/current/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.6.3.min.js
code.jquery.com/ |
88 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect.js
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ |
101 KB 101 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bdebd8cf.js
use.fortawesome.com/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modernizr3.6.0.min.js
dndngvalp4jdj.cloudfront.net/vendor/ |
15 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
video.min.js
cdn.jsdelivr.net/npm/video.js@7.9.7/dist/ |
488 KB 134 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Youtube.min.js
cdn.jsdelivr.net/npm/videojs-youtube@2.6.1/dist/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vue.min.js
cdnjs.cloudflare.com/ajax/libs/vue/2.6.11/ |
91 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.gif
dndngvalp4jdj.cloudfront.net/diabetesreversed.com/images/global/ |
43 B 474 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cinnamon-placeholder.jpg
dndngvalp4jdj.cloudfront.net/diabetesreversed.com/images/global/ |
113 KB 114 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2593-small-gray.gif
dw26xg4lubooo.cloudfront.net/seals/security/ |
4 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2593-small-gray.gif
dw26xg4lubooo.cloudfront.net/seals/privacy/ |
4 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2593-small-gray.gif
dw26xg4lubooo.cloudfront.net/seals/business/ |
4 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2593-small-gray.gif
dw26xg4lubooo.cloudfront.net/seals/certified/ |
4 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2593-header-gray.gif
dw26xg4lubooo.cloudfront.net/seals/security/ |
4 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2593-header-gray.gif
dw26xg4lubooo.cloudfront.net/seals/privacy/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2593-header-gray.gif
dw26xg4lubooo.cloudfront.net/seals/business/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2593-header-gray.gif
dw26xg4lubooo.cloudfront.net/seals/certified/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dr-saunders.jpg
dndngvalp4jdj.cloudfront.net/diabetesreversed.com/images/video/990/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
UCAffiliateNetworkPixel
bartn.ultracartstore.com/cgi-bin/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.17.1/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pep.min.js
code.jquery.com/pep/0.4.3/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.lazyload.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/3.0.5/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loadCSS.min.js
cdnjs.cloudflare.com/ajax/libs/loadCSS/3.1.0/ |
810 B 702 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
withinviewport.min.js
cdn.jsdelivr.net/npm/withinviewport@2.1.2/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.withinviewport.min.js
cdn.jsdelivr.net/npm/withinviewport@2.1.2/ |
2 KB 881 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
arg.min.js
cdn.jsdelivr.net/npm/@vunamhung/arg.js@1.4.0/src/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
url.min.js
cdnjs.cloudflare.com/ajax/libs/js-url/2.5.3/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
base64.min.js
cdn.jsdelivr.net/npm/js-base64@3.7.5/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lodash.min.js
cdnjs.cloudflare.com/ajax/libs/lodash.js/4.17.21/ |
71 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script.min.js
dndngvalp4jdj.cloudfront.net/diabetesreversed.com/scripts/global/ |
28 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
208 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
checkout-hosted-fields-1.0.js
token.ultracart.com/checkout/ |
45 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ |
82 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pwg5lyf.js
use.typekit.net/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
220 B 220 B |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
woff2.css
use.fortawesome.com/kits/bdebd8cf/publications/124809/ |
227 KB 168 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframe_api
www.youtube.com/ |
993 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hotjar-350326.js
static.hotjar.com/c/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
202 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
6b6784a7-7952-4d61-9a2d-1fbb14766255
https://diabetesreversed.com/ |
31 B 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
14 KB 14 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
49 KB 49 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
d1pqvb2h9xgm7r.cloudfront.net/v1/ |
29 B 372 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
255 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
244 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
45 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mark
trc.taboola.com/taboolaaccount-nickbartonpublishingcom/log/3/ |
0 367 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
UCAffiliateNetworkPixel
bartn.ultracartstore.com/cgi-bin/ |
0 526 B |
Stylesheet
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modules.ff7668e49c0d149938c4.js
script.hotjar.com/ |
228 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
www-widgetapi.js
www.youtube.com/s/player/9d15588c/www-widgetapi.vflset/ |
215 KB 67 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/8939f9/00000000000000007735a061/30/ |
18 KB 18 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/1c0a46/00000000000000007735a075/30/ |
18 KB 18 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/f18587/00000000000000007735a07a/30/ |
17 KB 18 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/b1c445/00000000000000007735b72e/30/ |
25 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/faabc2/00000000000000007735b726/30/ |
20 KB 20 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/9e9765/00000000000000007735b72d/30/ |
20 KB 21 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/706b32/00000000000000007735b733/30/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/808773/00000000000000007735c4d4/30/ |
39 KB 40 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/2bd7e2/00000000000000007735c4d6/30/ |
36 KB 37 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2191266674438236
connect.facebook.net/signals/config/ |
133 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget_async.js
d3rr3d0n31t48m.cloudfront.net/widget/ Redirect Chain
|
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ns.html
www.googletagmanager.com/ Frame 6D8B |
488 B 263 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.analytics.google.com/g/ |
0 257 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 257 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.es/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.gif
p.typekit.net/ |
35 B 205 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
350326
vc.hotjar.io/sessions/ |
0 259 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ |
20 B 441 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.analytics.google.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
120 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
0
bat.bing.com/action/ Frame 6D8B |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
mark
trc.taboola.com/taboolaaccount-nickbartonpublishingcom/log/3/ Frame 6D8B |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4013529.js
bat.bing.com/p/action/ |
0 118 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0
bat.bing.com/action/ |
0 228 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
triggerRunner.js
d3rr3d0n31t48m.cloudfront.net/widget/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cinnamon-rolls_three-drinks-anxiety-intro_v1a_42m-57s_2023-07-13_218mb.mp4
d2ex3jtfzskk20.cloudfront.net/diabetes/ |
64 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
51 KB 51 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget.js
d3rr3d0n31t48m.cloudfront.net/widget/ |
189 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cinnamon-rolls_three-drinks-anxiety-intro_v1a_42m-57s_2023-07-13_218mb.mp4
d2ex3jtfzskk20.cloudfront.net/diabetes/ |
3 MB 3 MB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
region1.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
region1.analytics.google.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cinnamon-rolls_three-drinks-anxiety-intro_v1a_42m-57s_2023-07-13_218mb.mp4
d2ex3jtfzskk20.cloudfront.net/diabetes/ |
759 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
params
shop.pe/widget/main/init/ |
260 B 755 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
usage.gif
usage.trackjs.com/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
params
shop.pe/widget/main/init/ |
1 KB 649 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
attribution
app.shop.pe/app/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
attribution
app.shop.pe/app/ |
32 B 169 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
59c9b28feb9047a1a361d655a0ee6d8a.js
addshoppers.s3.amazonaws.com/customize/6329c975b2c6bf04db000a08/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
input.js
shopper.shop.pe/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
status
app.shop.pe/app/datapartners/ |
34 B 510 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cinnamon-rolls_three-drinks-anxiety-intro_v1a_42m-57s_2023-07-13_218mb.mp4
d2ex3jtfzskk20.cloudfront.net/diabetes/ |
175 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
HEAD H2 |
consent
manage.safeopt.com/ |
0 835 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframe
nytrng.com/ Frame 474D |
419 B 511 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pl.2.2.min.js
cdn.nytrng.com/ Frame 474D |
0 326 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cinnamon-rolls_three-drinks-anxiety-intro_v1a_42m-57s_2023-07-13_218mb.mp4
d2ex3jtfzskk20.cloudfront.net/diabetes/ |
99 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cinnamon-rolls_three-drinks-anxiety-intro_v1a_42m-57s_2023-07-13_218mb.mp4
d2ex3jtfzskk20.cloudfront.net/diabetes/ |
108 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
allowedCountries
secure.ultracart.com/rest/v2/checkout/ |
10 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
allowedCountries
secure.ultracart.com/rest/v2/checkout/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
atc-button_v2a_19-97.png
dndngvalp4jdj.cloudfront.net/diabetesreversed.com/images/global/ |
105 KB 105 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sdk.js
connect.facebook.net/en_US/ |
302 KB 86 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cinnamon-rolls_three-drinks-anxiety-intro_v1a_42m-57s_2023-07-13_218mb.mp4
d2ex3jtfzskk20.cloudfront.net/diabetes/ |
162 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
cart
secure.ultracart.com/rest/v2/checkout/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cart
secure.ultracart.com/rest/v2/checkout/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
atc-button_v2a_19-97.png
dndngvalp4jdj.cloudfront.net/diabetesreversed.com/images/global/ |
105 KB 105 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cinnamon-rolls_three-drinks-anxiety-intro_v1a_42m-57s_2023-07-13_218mb.mp4
d2ex3jtfzskk20.cloudfront.net/diabetes/ |
657 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- bat.bing.com
- URL
- https://bat.bing.com/action/0?ti=4013529&Ver=2
- Domain
- trc.taboola.com
- URL
- https://trc.taboola.com/taboolaaccount-nickbartonpublishingcom/log/3/mark?marking-type=Retargeting&item-url=https://diabetesreversed.com/>mcb=81044087
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)241 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture boolean| pagePerformanceRecorded number| preloadTime function| recordPagePerformance function| addLoadEvent object| dataLayer object| google_tag_manager object| google_tag_data object| google_optimize function| isYouTubeUrl function| playerUsingYouTube object| bp object| _trackJs object| trackJs function| loadJS function| $ function| jQuery object| _uca object| WebFontConfig object| WebFont object| FortAwesomeConfig string| woffCSSFilename string| cssFilename string| cssUrl object| Modernizr object| vttjs function| WebVTT function| videojs undefined| Youtube function| hj object| _hjSettings function| Vue function| fbq function| _fbq function| axios object| PointerEventsPolyfill object| Cookies object| jsonCookies function| loadCSS function| withinviewport function| MakeArg function| Arg function| url object| Base64 function| _ object| TimeMe boolean| _ucaloaded string| _ucav function| ucGetCssSelectorShort function| ucParentsCalc function| ucCalculateSelector function| ucaPushPageEvent number| c_start function| ucaEvent function| ucAnpFailback function| ucRemoveBadMacros function| ucAnpCallback function| launchNotification function| showMyCookies boolean| bounce_rate_control_fired function| recordCallToActionRevealEvent boolean| orderFormStarted function| recordStartedOrderFormEvent function| recordEmailSubmittedEvent function| recordEmailFailedToSubmitEvent function| sendPageview boolean| mainPlayerAnalyticsPlaying function| mainPlayerAnalytics function| addOptionProgress function| resetUpsellDecisions function| addToItemsTaken function| addToItemsRejected function| addUpsellProgress function| rejectUpsellProgress function| orderFinalizing function| lazyGTMEvent function| addTrackingData function| getAmazonData function| pushDataToAmazon function| recordAmazonData function| getUltraCartData boolean| dataPushedToUltraCart function| pushDataToUltraCart function| recordUltraCartData object| hoverTopIntent function| loadExitIntent number| videoHelperCount function| videoHelper function| webengageHelper function| addthisproHelper function| isInt function| enableExitPopup function| disableExitPopup function| leaveInterstitialPage function| slideTo function| delayDisplay object| callToActionShown function| deselectText function| selectText function| showMyObject object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| appMounted function| showIt2 boolean| videoPlayed object| playerSection object| contentSection object| footerSection object| ctaSection object| videoPlayer object| controlsBox number| playerRatioWidth number| playerRatioHeight function| visitHomepage function| videoPlayerCallback function| placePlayButton function| hidePlayer function| revealPlayer function| revealFooter function| updateLayout function| updateCta function| checkVideoPlayerPosition function| hideWebEngage object| footer object| sliderComponentSettings object| mainPlayer object| mainPlayerInitialized function| mainPlayerCallback function| mainPlayerCallbackSetup object| mainPlayerSettings function| loadMainPlayer function| loadMainPlayerMiniPlayer function| resizeMainPlayer function| updatePlayerControlsRate boolean| paymentInfoCallbackFired object| paymentInfoAdded object| getCartProgress object| getCartDone object| getCartFail object| updateCartDone object| updateCartFail object| refreshCartDone object| shippingEstimateReceived object| ultraCartError object| finalizeOrderProgress object| finalizeOrderSuccess object| applyCouponProgress object| applyCouponDone object| cartBillingFieldsStarted object| cartBillingFieldsChanged object| cartShippingFieldsChanged object| cartHostedFieldsSetupExecuted object| cartHostedFieldsInitialized object| gtmp object| fbk object| otp object| mplr object| sc object| odf object| uct object| uc object| vjs object| alertify object| bdetect object| Typekit string| exitsplashmessage string| exitsplashpage object| AddShoppersWidgetOptions function| UltraCartHostedFields object| bootstrap object| bpApp number| genTime number| genUsage object| gaGlobal function| UET function| UET_init function| UET_push object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ boolean| ucaInit object| ueto_c018f390be object| uetq object| AddShoppersLoader object| AddShoppersLoaderErrorHandlers function| AddShoppersTriggerRunner function| as_cleanse_field function| as_detect_cc function| as_gaPageView function| as_gaSocial function| as_gaEvent function| as_gaSet function| as_logMessage function| DataPartnerStatusGeo function| as_logError function| as_resolveEnvironmentURL object| _mag object| AddShoppersWidget function| AddShoppersWidget_plus_one object| SchemaParser object| _add number| ieVer object| obj number| AddShoppersWidgetLoaded object| AddShoppersWidgetLang number| c_end number| loadTime object| result boolean| _iml boolean| is_mocked function| asIsProductPage function| asOfferRedemption object| FB object| __buffer33 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .api.uprivaladserver.net/ | Name: __cf_mw_byp Value: j17mur5t.FBetfVo2lKvHR71VDHe6Uxin4tig2XS.zw-1698968212-0-/v2/a/click?tid=5e39cca3ba2e541b808fbb92&clid=5e4af49bba2e54095ceb2175&p=1&rnd=%5BCACHE-BUSTING-ID-HERE%5D&uid=%5BSAME_UNIQUE_RANDOM_ID%5D |
|
| secure.ultracart.com/ | Name: AWSALB Value: t1rZ6kuN5HTK4xYDy49EQPV5pM4O9Hqe2rOR4eQAK8W/dnUHXHHB/b85l+oa16F6gURNcLSxq78X1nV+ssMjR/TFhca7PjDIFK4tBbiaSYnXG9pnaCSdGKnBkepL |
|
| secure.ultracart.com/ | Name: AWSALBCORS Value: t1rZ6kuN5HTK4xYDy49EQPV5pM4O9Hqe2rOR4eQAK8W/dnUHXHHB/b85l+oa16F6gURNcLSxq78X1nV+ssMjR/TFhca7PjDIFK4tBbiaSYnXG9pnaCSdGKnBkepL |
|
| .secure.ultracart.com/ | Name: ucacid Value: 602952191.719228 |
|
| secure.ultracart.com/ | Name: JSESSIONID Value: abcBNQyXQWVFOLrT-AJsi |
|
| secure.ultracart.com/ | Name: LBJSESSIONID Value: abcBNQyXQWVFOLrT-AJsi.n315 |
|
| diabetesreversed.com/ | Name: PHPSESSID Value: e20dib9689d89lcal82ofe2oe0 |
|
| .diabetesreversed.com/ | Name: bp_dep Value: 1 |
|
| .diabetesreversed.com/ | Name: bp_0 Value: %7B%22client%22%3A%7B%22original_url%22%3A%22https%3A%5C%2F%5C%2Fdiabetesreversed.com%5C%2Fptn%5C%2F189%3Fsubid%3Drldnws_23-1027a%26AFFID%3D470602%22%2C%22converting_referrer_url%22%3Anull%7D%2C%22session%22%3A%7B%22start_date%22%3A%222023-11-02T19%3A37%3A00-0400%22%2C%22session_id%22%3A%22BP-202311021937-000341%22%7D%2C%22internal%22%3A%7B%22upfront_offer%22%3Anull%2C%22upfront_creative%22%3Anull%7D%2C%22page%22%3A%7B%22traffic_source%22%3A%22unknown%22%2C%22subid%22%3A%22rldnws_23-1027a%22%2C%22facebook_pixel_id%22%3A%222191266674438236%22%2C%22lead_gen%22%3Atrue%2C%22exit-popup%22%3Atrue%2C%22double_exit-popup%22%3Atrue%2C%22web_engage%22%3Afalse%2C%22interstitial_redirect%22%3Afalse%7D%2C%22cart%22%3A%7B%22returnOnErrorUrl%22%3A%22https%3A%5C%2F%5C%2Fdiabetesreversed.com%5C%2Fcheckout%22%2C%22redirectToUrl%22%3A%22https%3A%5C%2F%5C%2Fdiabetesreversed.com%5C%2Fcheckout%3Ferror%3DSorry%252C%2520we%2520could%2520not%2520complete%2520your%2520order.%2520Please%2520try%2520again.%22%2C%22upsell_path%22%3A%22DEFAULT%22%2C%22items_taken%22%3A%7B%7D%2C%22items_rejected%22%3A%7B%7D%2C%22buysafe_wanted%22%3Anull%7D%2C%22order%22%3A%7B%22encrypted_hash%22%3Anull%7D%7D |
|
| .diabetesreversed.com/ | Name: bp_2 Value: %7B%22page%22%3A%7B%22campaign_name%22%3A%22db_3-drinks%22%2C%22campaign_medium%22%3A%22email%22%2C%22campaign_source%22%3A%22rldnws%22%2C%22campaign_content%22%3A%22death-drinks%22%2C%22campaign_term%22%3A%22email%22%7D%7D |
|
| .diabetesreversed.com/ | Name: bp_3 Value: %7B%7D |
|
| .diabetesreversed.com/ | Name: bp_c Value: 1.0.0 |
|
| .diabetesreversed.com/ | Name: _gcl_au Value: 1.1.1789498616.1698968223 |
|
| .youtube.com/ | Name: YSC Value: CAPqvaFRRHo |
|
| .youtube.com/ | Name: VISITOR_INFO1_LIVE Value: OmLtHGUSemA |
|
| bartn.ultracartstore.com/ | Name: AWSALBCORS Value: 2NpWcskoufmlvxIj7VOum9PHIrXlv+2S1S7MBRQuvL96odQC6GPkknxInuWH+EhfZV56g5Ww4PS7ASW9i9GM/OVNP7VAJcXQgl0DNYFdI4K2MvxOLRT311NMex9q |
|
| .diabetesreversed.com/ | Name: ucacid Value: 602952191.719228 |
|
| .diabetesreversed.com/ | Name: _ga Value: GA1.1.1023835527.1698968224 |
|
| .diabetesreversed.com/ | Name: _ga_NX56J5LKGZ Value: GS1.1.1698968224.1.0.1698968224.0.0.0 |
|
| .diabetesreversed.com/ | Name: _hjFirstSeen Value: 1 |
|
| .diabetesreversed.com/ | Name: _hjIncludedInSessionSample_350326 Value: 1 |
|
| .diabetesreversed.com/ | Name: _hjSession_350326 Value: eyJpZCI6IjllNmI4MGFkLTdlZTYtNGU3Mi1hNjg2LWI5MjcwYjIxYjA1ZCIsImNyZWF0ZWQiOjE2OTg5NjgyMjQ3OTYsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjpmYWxzZX0= |
|
| .diabetesreversed.com/ | Name: _hjSessionUser_350326 Value: eyJpZCI6ImNjMDdjMGZmLTEyYjYtNWE0OC1hN2FhLTk2NDExYTM5NWNkZSIsImNyZWF0ZWQiOjE2OTg5NjgyMjQ3NDYsImV4aXN0aW5nIjp0cnVlfQ== |
|
| .diabetesreversed.com/ | Name: _hjAbsoluteSessionInProgress Value: 1 |
|
| .diabetesreversed.com/ | Name: _ga_20VM4VGG0M Value: GS1.1.1698968223.1.0.1698968224.59.0.0 |
|
| .diabetesreversed.com/ | Name: _uetsid Value: baf0db4079d811eeafa50b0c76ac40fc |
|
| .diabetesreversed.com/ | Name: _uetvid Value: bafe00a079d811ee9685f743baa8f726 |
|
| .bing.com/ | Name: MUID Value: 013A1F20913A69002A050C9D90926892 |
|
| .diabetesreversed.com/ | Name: _fbp Value: fb.1.1698968228371.953128731 |
|
| diabetesreversed.com/ | Name: addshoppers.com Value: 2%7C1%3A0%7C10%3A1698968230%7C15%3Aaddshoppers.com%7C44%3ANDE3NDNkNjU3OWFmNDBjMDg1ZDg2MzUzNWI3MDU1NDQ%3D%7Caba4098596d074902f41135ce82dc53f5c53eec34142e0fe9978f7d4b57ac1c7 |
|
| shop.pe/ | Name: addshoppers Value: "2|1:0|10:1698968231|11:addshoppers|44:NDE3NDNkNjU3OWFmNDBjMDg1ZDg2MzUzNWI3MDU1NDQ=|31e9724461aed4ba819a1f38b4c0a2c29c040e4b5381c872ee24dda4a617d1bf" |
|
| .diabetesreversed.com/ | Name: bp_1 Value: {%22returning_visitor%22:true} |
|
| diabetesreversed.com/ | Name: UltraCartShoppingCartID Value: E377C656078B60018B9265EFFA201000 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
addshoppers.s3.amazonaws.com
api.uprivaladserver.net
app.shop.pe
bartn.ultracartstore.com
bat.bing.com
cdn.jsdelivr.net
cdn.nytrng.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
d1pqvb2h9xgm7r.cloudfront.net
d2ex3jtfzskk20.cloudfront.net
d2zah9y47r7bi2.cloudfront.net
d3rr3d0n31t48m.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
diabetesreversed.com
dndngvalp4jdj.cloudfront.net
dw26xg4lubooo.cloudfront.net
email.newsaroundthehill.com
manage.safeopt.com
nytrng.com
p.typekit.net
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
secure.ultracart.com
shop.pe
shopper.shop.pe
static.hotjar.com
stats.g.doubleclick.net
token.ultracart.com
track.newsaroundthehill.com
trc.taboola.com
usage.trackjs.com
use.fortawesome.com
use.typekit.net
vc.hotjar.io
www.facebook.com
www.google.es
www.googleoptimize.com
www.googletagmanager.com
www.youtube.com
bat.bing.com
trc.taboola.com
108.138.2.149
13.224.245.12
13.249.12.93
13.32.27.3
158.69.52.117
18.244.183.170
18.244.38.106
18.66.107.4
18.66.112.79
18.66.122.10
18.66.97.10
2001:4860:4802:32::36
2606:4700:20::681a:bac
2606:4700:3036::6815:524e
2606:4700:4400::ac40:962d
2606:4700::6810:5514
2606:4700::6811:180e
2620:1ec:c11::200
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:82a::2008
2a00:1450:400c:c0b::9b
2a02:26f0:3500:16::215:148f
2a02:26f0:480:f::213:7ee1
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::300
2a04:4e42:600::649
3.5.29.172
34.110.180.34
34.195.209.248
35.190.54.17
35.227.244.1
52.222.232.153
75.2.91.175
76.223.4.85
99.86.91.49
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
03cdc51eddb62db48e3d837d746b3be21fc9d23a9cdd365aa4752995fdaeba92
06567a728f53c90685df233113fcf7cb571d9e107f69343df649ef0708a0a741
078b8a3edf2c8d09498a353a295027d3af0d97d943b1fb0eccac459350096951
0d67b31d075d589fd9334cb5d6dc697819e2e44404906c82e9f06c4f9896c132
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
0f8b51be52970d611cf0782e60cea11736ad6f4149049a428b44e398c92fed7d
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
12923b0687b7a4dccd5b96584a0cfea91038be8f229f069886bb9c434747353a
135d078e6be05f92fdc7476f22f8caced30a69ce0d62f74830ff7e0425096f37
1442bd1e775db156e5e8dfdac18d3363e323fe5dcaa648224124fb898b97b441
1451c36f0c07f257e59755ef9ae8f10b978021002fc37b9789c5a56ad3faf3f6
173205af9a806bc2e1b51c8540cd31339cde5c757bd336b9564b41117b7a75b8
1f69ce73b3df085d31acd6cd1a5a9f76e059cb75611b3df1646410f9d43b89d2
209bb7b937075bb8f56b474524ede4af3af8b65fabbdb7aee04519a9c566ac5a
2972c1195eea4d4bc97e23be5a2613e90e78e7be5fea98249342ef618eadc336
2bccea39c98365b0e567bb0fa75d34a33157553223aaf68a8e123d518c544f90
2d998a6e3a041b4d99acfa9b2a378bb704f9dfba140b327a5c06300d0a711c1c
2ea60161bdbf0d4ed9841566bb7eef82b1c9b9fe4d6c92afc26c56fd0f06f39a
2f0ff86f1db804c706bcb9391be5b53657e2d91e226cbf03489b5905ea7a80ef
305f589f1c60226b7abcdc9953f9ad4db1d35583c8aeca969ad1d9bf265a67bc
36335734cb290976ea5fbd9001e4a66cecabe5f4e3037cce31c34793763ad1f3
3675b34c1a19f0bf6b0540476b82e5d1488d077cef0f44869912037073bd1ea8
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
47f94a261066c56fe5e85501a8fa5a5a7dc9f6558032aafa1a6f5ecb96dd5880
4b4c8cab5b08674a09cb0719abd984198123d97831844808b90ec48756571422
4fb136b2a957745e842844e8c18d94204c5c354800c98ee7a26004c0ce758434
52e6e5d169ada330a6db09e88495c9553455127e3070271497efde807bd9f18f
53f680b19498d96205e755bfadce21e2f472118dab54055724e9ef3307f6f9fc
54b8d8d0e776e29aac2245b48e8e4d9767a10e683e723acb9f26b6b9a8433dda
578e43aee443910dace37bedbf47d21002aed9c9241fb51009e2f034ac05a99e
582cc085dd8fea044917d1efde838e77e845262fd025bbfe0339f808607c81f6
58f100c4d904927dae3f4706e15a41422ff6e24f986581d038f0d12db0ef8b77
5b0982665ac75fe86d5961a401e39da7a5e18af77d233c16416312e4bc0a088f
69cd4adc08e966d46f5761507524d805e48a7fc7c532a1b6cbdfa840038a6cf6
7102361b3ac8d0b22bccee66b1e12789541ea8ef000b97d23966160a731393c1
72d03430daa72d33ab2162785decdb48d0c37dd10c4231c421d45ca0ef007a8b
739a7067cd203d3d9eeabc9fe64ef96d40295deac0c5e69ca51548e2df655359
7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
87c47132c58efb7be4a7c5bd548a80a19660c96c5e66f90d400c3bcb73fe57fa
89b656200499f78f26cafb615eedea0a84ce83c6e72738cc268619cf544f83a1
8a83d3ad4f84fd85872e1fd292403858f7bc2367e1f29dfcda74ac6e7695888f
8cced5054900940c841159e3685fac84000e4798229091471ced6a0eae0cec90
8d3f694efacbf9053a4130a9336ce6397c69f4228835878b56f92f0180c2bc6d
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8d907444746d6d94165b28693daff150b6443f65c2f2bf22e444343a78542266
96bc51d50bac351755adeadba03b4be90b7ee53a08ed12ceeeec1e99a61a1b54
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c018d809cfad83dba692fe02cca318dae9bd3a49f2d32b24a844449c5fbb8a0
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
9ee1bbacb4e40591fb5afa427263150f0db6870727adbf3c8cee967fc789fc3b
9f5e83e263d393311f0c71497778255cf5b0c41e3d08007d38205eca84cf7e96
a1a2a83a66a11f7fb015f301844ec6f8a795c68f81a9919eab03d386f64cdb04
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a8d67a62dd3c7f942dd02fd04062af7475766b4869ef6c6445c94b3ebecd3463
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
aebcdd14fde2eb71b0849d1512f65e562aba001ccedc66afaa9e4a3c54179fc9
b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
b6acaafd2a133d399889a3be508cd33b8f1d85b88dd1c49a71b772d6bf45c88e
bc6aee2bbaec489f075a2383feaf92e56d5cf126b2685c1e23ff6274c40616c3
c2075a34a165a706550961a4fb16a57558c53bad8776ff16d2a407c97e1ca0cb
c64a4a0e33c1c003daf8ccdec1d930168a744b2a99a6fcb3e9a676ef05625864
c70be61ebf5ebc5fb158df7bcc05e1a645c16c863901eb8487fc3d14d2ac801a
c97be593b580109356a45ac97e33762be55a40708fb9f5b18dee90297337a89b
cba658713c715ceab1b67acc2e6ce6f37d3a8b87cab87f53f97d95aaa840ded5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbf75a8c31feb8068373acd3b7f7d4da0bb6956b1383d39a42556a1d9d63456
d12776ad9495219bc291a6b41d2e2c6592dc75913834d243eef5d93767be6437
d2cb7add9454b2f85aa1834c8ae6180bc5c45e043937bd10b9ca44a3b7ed113c
d4e0ec50cc37d8d344871730bf766c1c39f7a677288c669082f99b48c0f6bb8b
d5306113ba6ba130ac19c344d03bcf51ccf71461dbdd3871ef1b22f9187c7b7e
d7d39b75f8d8895c21e8f271d6b110535f413f39d348da21dc0e669d2769ed41
d826840a12449ebcf04ecf527239c85baa56dd9a6c6cd5c60c97c1fdbabf4563
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e385dd6986736f0c67e16709f61cf3f3b386d408a08d1f44c4038b773e819b69
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaef61a693bec2483439247f48dd8def6558804ed706f02ae6a346f32b80a92c
eb2ab77f8552bd8d85786562fffbbe755cd3ea6eca947effeca628b958577eb3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f3689078cc4972b94adfa705e9a9e4d82889399c8952ad9eea8f607326960c8c
f60c4a84c845d054e8fd40c501965fd0f4afb725d54fb7fa48049d79fc29aae8
f700c044043dc9f2bca4c9dcbc6da91cfaf983f6e7e91b4e0758fea0f57ed80b
f74957980261b1b568e19e7900b807781ef976d278a0cfb28d261a28eeb2690a
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f9f8a2c12a04d9ac4408a2e31569abedeac96e4817b3e3b25e10a80cff9fc200
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c
fd8967417795f539dbb323ead019548f84a3875f7c2277db47d2d7ed630a48c1
fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c