thegutrehab.com Open in urlscan Pro
2606:4700:4400::ac40:93c2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.roinattrack.com/70898205-677f-4109-8f21-2eb6b76615f2?tardev=email_&pub=1896&cst=0.55&pi_adid=830923&pi_clickid=e...
Effective URL:
https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuid...
Submission Tags: falconsandbox
Submission: On July 06 via api (July 6th 2022, 1:07:42 pm UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 16 domains to perform 45 HTTP transactions. The main IP is 2606:4700:4400::ac40:93c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is thegutrehab.com. The Cisco Umbrella rank of the primary domain is 354914.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 30th 2022. Valid for: a year.

This is the only time thegutrehab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.193.209.105 18.193.209.105	16509 (AMAZON-02) (AMAZON-02)
1 2	34.107.202.36 34.107.202.36	15169 (GOOGLE) (GOOGLE)
3 17	2606:4700:440... 2606:4700:4400::ac40:93c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:440... 2606:4700:4400::6812:21d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	34.117.39.58 34.117.39.58	15169 (GOOGLE) (GOOGLE)
1 4	35.227.244.1 35.227.244.1	15169 (GOOGLE) (GOOGLE)
3	143.204.215.89 143.204.215.89	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:d200:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.170.181.87 54.170.181.87	16509 (AMAZON-02) (AMAZON-02)
1	18.195.149.11 18.195.149.11	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b130:4c96:5596:18cd:cf5	14618 (AMAZON-AES) (AMAZON-AES)
1	52.4.135.4 52.4.135.4	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	52.216.65.48 52.216.65.48	16509 (AMAZON-02) (AMAZON-02)
2	35.190.54.17 35.190.54.17	15169 (GOOGLE) (GOOGLE)
1	75.2.91.175 75.2.91.175	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.66 143.204.215.66	16509 (AMAZON-02) (AMAZON-02)
45	18

1 18.193.209.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-209-105.eu-central-1.compute.amazonaws.com

track.roinattrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.202.36 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 36.202.107.34.bc.googleusercontent.com

www.gdrytrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:4400::ac40:93c2 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www2.thegutrehab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thegutrehab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::6812:21d9 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gundrymd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.39.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.39.117.34.bc.googleusercontent.com

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.244.1 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com

shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-89.fra53.r.cloudfront.net

d3rr3d0n31t48m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:d200:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.181.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-181-87.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.149.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-11.eu-central-1.compute.amazonaws.com

link.dsctrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:4c96:5596:18cd:cf5 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.135.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-135-4.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.65.48 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

addshoppers.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.54.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com

shopper.shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.91.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com

nytrng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-66.fra53.r.cloudfront.net

cdn.nytrng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	thegutrehab.com 3 redirects www2.thegutrehab.com — Cisco Umbrella Rank: 381078 thegutrehab.com — Cisco Umbrella Rank: 354914	17 KB
8	gundrymd.com cdn.gundrymd.com — Cisco Umbrella Rank: 231234	574 KB
6	shop.pe 1 redirects shop.pe — Cisco Umbrella Rank: 10806 shopper.shop.pe — Cisco Umbrella Rank: 12504	11 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3723 rp.liadm.com — Cisco Umbrella Rank: 2606 rp4.liadm.com — Cisco Umbrella Rank: 10858	12 KB
3	cloudfront.net d3rr3d0n31t48m.cloudfront.net	52 KB
2	nytrng.com nytrng.com — Cisco Umbrella Rank: 5587 cdn.nytrng.com — Cisco Umbrella Rank: 22707	843 B
2	amazonaws.com addshoppers.s3.amazonaws.com — Cisco Umbrella Rank: 15325	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	173 KB
2	gdrytrk.com 1 redirects www.gdrytrk.com — Cisco Umbrella Rank: 269422	454 B
1	google.de www.google.de — Cisco Umbrella Rank: 5448	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 119	347 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5133	338 B
1	dsctrk.com link.dsctrk.com — Cisco Umbrella Rank: 201188
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 457	458 B
1	upsellit.com www.upsellit.com — Cisco Umbrella Rank: 10371	15 KB
1	roinattrack.com 1 redirects track.roinattrack.com — Cisco Umbrella Rank: 341492	663 B
45	16

	Domain	Requested by
10	www2.thegutrehab.com	3 redirects thegutrehab.com www2.thegutrehab.com
8	cdn.gundrymd.com	thegutrehab.com
7	thegutrehab.com	thegutrehab.com
4	shop.pe	1 redirects d3rr3d0n31t48m.cloudfront.net shopper.shop.pe
3	d3rr3d0n31t48m.cloudfront.net	thegutrehab.com shop.pe
2	shopper.shop.pe	shop.pe d3rr3d0n31t48m.cloudfront.net
2	addshoppers.s3.amazonaws.com	d3rr3d0n31t48m.cloudfront.net
2	www.googletagmanager.com	thegutrehab.com www.googletagmanager.com
2	www.gdrytrk.com	1 redirects www.googletagmanager.com
1	cdn.nytrng.com	nytrng.com
1	nytrng.com	d3rr3d0n31t48m.cloudfront.net
1	www.google.de	thegutrehab.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	rp4.liadm.com	thegutrehab.com
1	rp.liadm.com	1 redirects
1	link.dsctrk.com	thegutrehab.com
1	beacon.krxd.net	thegutrehab.com
1	b-code.liadm.com	www.googletagmanager.com
1	www.upsellit.com	www.googletagmanager.com
1	track.roinattrack.com	1 redirects
45	21

This site contains links to these domains. Also see Links.

Domain
gundrymd.com
cdn.gundrymd.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-30` - `2023-05-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.upsellit.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-30` - `2022-11-01`	2 years	crt.sh
actitrk.com Starfield Secure Certificate Authority - G2	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
link.dsctrk.com R3	`2022-05-24` - `2022-08-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.shop.pe RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-06` - `2022-09-06`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
nytrng.com Amazon	`2022-04-24` - `2023-05-23`	a year	crt.sh
*.nytrng.com Amazon	`2021-10-17` - `2022-11-14`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
Frame ID: 73D9B3C5789FBE4F9BC5D400161EAC4F
Requests: 42 HTTP requests in this frame

Frame: https://www.gdrytrk.com/?nid=704&aid=1&adv_event_id=29&transaction_id=TRANSACTION_ID&amount=AMOUNT
Frame ID: AA20F1B39377926F2A17E7B31B78CD00
Requests: 1 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=2e8ce51e4d1742e3b098be2c5c7e16aa
Frame ID: 1C0A88532908D862A396B42D3D465D2D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gundry MD - Is There A Solution For Leaky Gut?

Page URL History Show full URLs

https://track.roinattrack.com/70898205-677f-4109-8f21-2eb6b76615f2?tardev=email_&pub=1896&cst=0.55&pi_adid... HTTP 302
https://www.gdrytrk.com/5W9389/2L7GN6P/?sub2=8fa11a32-5118-47ad-99ef-9723f77415d0&sub1=PowerinBox_Ma... HTTP 302
https://www2.thegutrehab.com/cid/7013w000002H3WVAA0?subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&su... HTTP 302
https://www2.thegutrehab.com/fst/aff_tr_directpl_qqq?business_unit=a00f400000dk8tnaab&experimental=true&u... HTTP 301
https://www2.thegutrehab.com/fst/aff_tr_directpl_qqq/?business_unit=a00f400000dk8tnaab&experimental=true&... HTTP 302
https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w0... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

45
Requests

96 %
HTTPS

40 %
IPv6

16
Domains

21
Subdomains

18
IPs

4
Countries

859 kB
Transfer

1647 kB
Size

25
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://gundrymd.com/terms/
Title: here

Search URL Search Domain Scan URL

URL: https://gundrymd.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cdn.gundrymd.com/citations/citations.html
Title: Citations

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.roinattrack.com/70898205-677f-4109-8f21-2eb6b76615f2?tardev=email_&pub=1896&cst=0.55&pi_adid=830923&pi_clickid=ed81e797cbdb49339a3736be8a35fe42 HTTP 302
https://www.gdrytrk.com/5W9389/2L7GN6P/?sub2=8fa11a32-5118-47ad-99ef-9723f77415d0&sub1=PowerinBox_Marketplace&sub5=wb5i1movh3epc5dh2bph889i HTTP 302
https://www2.thegutrehab.com/cid/7013w000002H3WVAA0?subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow HTTP 302
https://www2.thegutrehab.com/fst/aff_tr_directpl_qqq?business_unit=a00f400000dk8tnaab&experimental=true&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow HTTP 301
https://www2.thegutrehab.com/fst/aff_tr_directpl_qqq/?business_unit=a00f400000dk8tnaab&experimental=true&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow HTTP 302
https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://shop.pe/widget/widget_async.js HTTP 301
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

Request Chain 24

https://rp.liadm.com/j?dtstmp=1657112857710&aid=a-02uo&se=eyJldmVudCI6InZpZXdDb250ZW50IiwibmFtZSI6Ii8yMjA0MThhL3BsL3BsMjIwNDE4YS5waHAiLCJjb250ZW50VHlwZSI6IkxhbmRpbmdQYWdlIn0&duid=87e4200bd901--01g79sz33czkgg7jtswafd8rea&tna=v2.4.0&pu=https%3A%2F%2Fthegutrehab.com%2F220418a%2Fpl%2Fpl220418a.php%3ForigexperimentalOrig%3Dtrue%26step%3D1%26funnelSTPId%3Da0q3w000009faxcAAA%26origuidOrig%3Daff_tr_directpl_html_220429%26origspidOrig%3Dnull%26step%3D1%26origdsidOrig%3Da0v3w00000LpRS2AAN%26origmainFunnelIdOrig%3Da0q3w000009faxXAAQ%26origExternalOrig%3Dtrue%26origExternalIDOrig%3Da0q3w000009faxXAAQ%26genericUrl%3Dos220104a_ap-aff_tr_directpl_html_220429%26orignameOrig%3Dos220104a_ap-aff_tr_directpl_html_220429%26origbrandOrig%3DGundry%2520MD%26business_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-aff-totalrestore-pwri-desk-directpl-qqq-roi%26utm_campaign_id%3D7013w000002H3WVAA0%26utm_content%3Dbanner_ad%26utm_medium%3Dcpa%26utm_source%3Ddsp%26subid1%3D48cfea177f7b47abafca90c594b8135a%26subid2%3D108%26subid5%3Deverflow%26sessionid%3D319440460691&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPkd1bmRyeSBNRCAtIElzIFRoZXJlIEEgU29sdXRpb24gRm9yIExlYWt5IEd1dD88L3RpdGxlPjxoMSBjbGFzcz0iYXJ0aWNsZS10aXRsZSI-Q291bGQgVGhlc2UgQ29tbW9uICJIZWFsdGggRm9vZHMiIEJlIFdyZWNraW5nIFlvdXIgR3V0PzwvaDE- HTTP 302
https://rp4.liadm.com/j?dtstmp=1657112857710&aid=a-02uo&se=eyJldmVudCI6InZpZXdDb250ZW50IiwibmFtZSI6Ii8yMjA0MThhL3BsL3BsMjIwNDE4YS5waHAiLCJjb250ZW50VHlwZSI6IkxhbmRpbmdQYWdlIn0&duid=87e4200bd901--01g79sz33czkgg7jtswafd8rea&tna=v2.4.0&pu=https%3A%2F%2Fthegutrehab.com%2F220418a%2Fpl%2Fpl220418a.php%3ForigexperimentalOrig%3Dtrue%26step%3D1%26funnelSTPId%3Da0q3w000009faxcAAA%26origuidOrig%3Daff_tr_directpl_html_220429%26origspidOrig%3Dnull%26step%3D1%26origdsidOrig%3Da0v3w00000LpRS2AAN%26origmainFunnelIdOrig%3Da0q3w000009faxXAAQ%26origExternalOrig%3Dtrue%26origExternalIDOrig%3Da0q3w000009faxXAAQ%26genericUrl%3Dos220104a_ap-aff_tr_directpl_html_220429%26orignameOrig%3Dos220104a_ap-aff_tr_directpl_html_220429%26origbrandOrig%3DGundry%2520MD%26business_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-aff-totalrestore-pwri-desk-directpl-qqq-roi%26utm_campaign_id%3D7013w000002H3WVAA0%26utm_content%3Dbanner_ad%26utm_medium%3Dcpa%26utm_source%3Ddsp%26subid1%3D48cfea177f7b47abafca90c594b8135a%26subid2%3D108%26subid5%3Deverflow%26sessionid%3D319440460691&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPkd1bmRyeSBNRCAtIElzIFRoZXJlIEEgU29sdXRpb24gRm9yIExlYWt5IEd1dD88L3RpdGxlPjxoMSBjbGFzcz0iYXJ0aWNsZS10aXRsZSI-Q291bGQgVGhlc2UgQ29tbW9uICJIZWFsdGggRm9vZHMiIEJlIFdyZWNraW5nIFlvdXIgR3V0PzwvaDE-&i6=MmEwMTo0YTA6MmI6OjU%3D&n3pc=true

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pl220418a.php Show response
thegutrehab.com/220418a/pl/
Redirect Chain

https://track.roinattrack.com/70898205-677f-4109-8f21-2eb6b76615f2?tardev=email_&pub=1896&cst=0.55&pi_adid=830923&pi_clickid=ed81e797cbdb49339a3736be8a35fe42
https://www.gdrytrk.com/5W9389/2L7GN6P/?sub2=8fa11a32-5118-47ad-99ef-9723f77415d0&sub1=PowerinBox_Marketplace&sub5=wb5i1movh3epc5dh2bph889i
https://www2.thegutrehab.com/cid/7013w000002H3WVAA0?subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow
https://www2.thegutrehab.com/fst/aff_tr_directpl_qqq?business_unit=a00f400000dk8tnaab&experimental=true&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVA...
https://www2.thegutrehab.com/fst/aff_tr_directpl_qqq/?business_unit=a00f400000dk8tnaab&experimental=true&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WV...
https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w0...

8 KB
3 KB

166ms
145ms

Document
text/html

2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1b034acc8689c02813267d500a7f3bc1d8f96262077ff5a74a9d8832a0ce666

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7268907d4c436940-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 06 Jul 2022 13:07:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, max-age = 0
cf-cache-status: DYNAMIC
cf-ray: 7268907a4fcd9054-FRA
content-length: 0
date: Wed, 06 Jul 2022 13:07:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (af36242f44a2)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 pl220418a.css
thegutrehab.com/220418a/pl/css/ 4 KB
1 KB 137ms
136ms Stylesheet
text/css 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thegutrehab.com/220418a/pl/css/pl220418a.css
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fd1ac5f74a58bfb9c87e4675ef3f6154980c81333fd89b13a3999135bfb4f52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"11e3-11ef9b484c240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Wed, 06 Jul 2022 14:07:37 GMT
cache-control: public, max-age=3600
cf-polished: origSize=4579
cf-ray: 7268907e3da49054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 gundry_icon.png
cdn.gundrymd.com/images/ 2 KB
3 KB 351ms
191ms Image
image/webp 2606:4700:4400::6812:21d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/gundry_icon.png
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ea387768f404e9973c3d408cae3f2a4f7fec174febf1e6efa4904086355c81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
cf-cache-status: HIT
x-amz-request-id: QR5EBZ2DYB7676BW
cf-polished: origFmt=png, origSize=2958
cf-ray: 7268907f38eb9bb0-FRA
last-modified: Wed, 27 Apr 2022 22:47:47 GMT
content-disposition: inline; filename="gundry_icon.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2286
x-amz-id-2: L4OsH2wbU0q+ndizEFG3rdHEDBFBN4HLpL98uqNqMuqJhcnqsW7l2fgE60gtL6p+g3PI1DlbN0E=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "530b312db7fd8e171949f9a9f79ea304"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: GRBEU05OA8BDrsJPx7cVOHawaxuc0voS
cache-control: public, max-age=3600
accept-ranges: bytes
content-type: image/webp
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H2 200 cin_banana_thumbnail.jpg
cdn.gundrymd.com/images/ 76 KB
77 KB 204ms
204ms Image
image/jpeg 2606:4700:4400::6812:21d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/cin_banana_thumbnail.jpg
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16eb653a63887080d36639336638d21e130ca7b70aef03ae6e2ae6f69e535320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
cf-cache-status: HIT
x-amz-request-id: EN2Y5ZQ7MW3ZSSAK
cf-polished: degrade=85, origSize=302750, status=webp_bigger
cf-ray: 7268907f895e9bb0-FRA
last-modified: Tue, 31 Aug 2021 17:36:32 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77996
x-amz-id-2: zoClarCLteBPWNI3n8xIPpT4GyLXa22L1auSbK9CA3PIo1QApFAEDibLxIb7qlWfdH6rSGTXBpU=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "2ad90d511657eddde7d3842d4329cb48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ukP2JRWeVEf6ZgH5hQxHKLI6kHXl.tVD
cache-control: public, max-age=3600
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H2 200 gundry_scrubs.jpg
cdn.gundrymd.com/images/ 15 KB
15 KB 203ms
202ms Image
image/webp 2606:4700:4400::6812:21d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/gundry_scrubs.jpg
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83c4a5e9bfed78d9ac7fc6be2bf6a7d9387c8a9100b3c5d9e674499dc2c8051c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
cf-cache-status: HIT
x-amz-request-id: CA14SFHK5QN8E5CA
cf-polished: qual=85, origFmt=jpeg, origSize=22166
cf-ray: 7268907f89619bb0-FRA
last-modified: Mon, 29 Mar 2021 23:58:34 GMT
content-disposition: inline; filename="gundry_scrubs.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15480
x-amz-id-2: NkMmTlhUtThRQv66Jy7D/EPN1xwnurhYV5HlTTcKGJN1ZP/OgfjEfvKRKX71A+Q8f6OI9teuYSA=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "94b4270d37a50c49aae1764a65b065da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: xMb.9v2cJC9NhLiJ0LO_VBUyBqNsylO1
cache-control: public, max-age=3600
accept-ranges: bytes
content-type: image/webp
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H3 200 network.js Show response
thegutrehab.com/theme/js/ 462 B
548 B 43ms
42ms Script
application/javascript 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thegutrehab.com/theme/js/network.js
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c89f9f5b2138a96cd73e68c338a8eb0a6fcd4de2505de0140a20b836de6ec41d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 135
cf-polished: origSize=548
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"224-11ef9b484c240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 7268907f1ece9054-FRA
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H3 200 variables.css
thegutrehab.com/theme/ 68 B
386 B 31ms
31ms Stylesheet
text/css 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thegutrehab.com/theme/variables.css
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/220418a/pl/css/pl220418a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7645e843621a446e7333f854f2311d810ee36357ec05284861ac66f95b1c1d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/220418a/pl/css/pl220418a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 5500
cf-polished: origSize=71
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"47-11ef9b484c240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 7268907f1ed19054-FRA
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H3 200 colors.css
thegutrehab.com/theme/ 30 B
366 B 31ms
30ms Stylesheet
text/css 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thegutrehab.com/theme/colors.css
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/theme/variables.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9710b24243a15f095dfa868f577880046436f4a36a4e5e924cc1dbf3f085358c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/theme/variables.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
cf-cache-status: HIT
age: 5499
cf-polished: origSize=35
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: "23-11ef9b484c240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 7268907f4f239054-FRA
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H3 200 fonts.css
thegutrehab.com/theme/ 1 KB
662 B 23ms
22ms Stylesheet
text/css 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thegutrehab.com/theme/fonts.css
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/theme/variables.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c5cf7cd49b559f21197c03dfc999bcaabc8fc09ba7f9d2d8e5d923529df5610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/theme/variables.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 5499
cf-polished: origSize=1270
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"4f6-11ef9b484c240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 7268907f4f259054-FRA
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H3 200 general.css
thegutrehab.com/theme/ 293 B
485 B 30ms
29ms Stylesheet
text/css 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thegutrehab.com/theme/general.css
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/theme/variables.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad790ffc3ef7a0308929c61f2b494b8bf0fde88e97640c7432d7d48ad8fd7328

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/theme/variables.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 5499
cf-polished: origSize=370
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"172-11ef9b484c240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 7268907f4f289054-FRA
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 521 KB
104 KB 70ms
46ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Requested by

Host: thegutrehab.com
URL: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2dba484f8c0d017cd19da12d005ef0ba28e6978e9318797ec3de7f85cd3c34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105964
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Jul 2022 13:07:37 GMT

GET
H2 200 blue-gradient.jpg
cdn.gundrymd.com/images/ 96 KB
96 KB 188ms
188ms Image
image/webp 2606:4700:4400::6812:21d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/blue-gradient.jpg
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/220418a/pl/css/pl220418a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63edea6f9f37fdd78bd898b2dcd13d68511e1ac366d3c2608f786c7a5232777f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
cf-cache-status: HIT
x-amz-request-id: 49G6CNGJCFRDSRRD
cf-polished: qual=85, origFmt=jpeg, origSize=196355
cf-ray: 7268907f89629bb0-FRA
last-modified: Fri, 14 Aug 2020 19:54:18 GMT
content-disposition: inline; filename="blue-gradient.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 97928
x-amz-id-2: N2VSTn0DYozKLq6snTWUNb3e4lMG9mqz6J6JOyc5CcOh2hcLHKRLAIPiRkm9slEZe961j2525q0=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "3a4c59d46438a696ce08b0a6bd636664"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: null
cache-control: public, max-age=3600
accept-ranges: bytes
content-type: image/webp
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H2 200 AtlasTypewriter-Light.otf
cdn.gundrymd.com/fonts/ 36 KB
36 KB 62ms
42ms Font
binary/octet-stream 2606:4700:4400::6812:21d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gundrymd.com/fonts/AtlasTypewriter-Light.otf
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/theme/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db9985ecc7b624791fecec1cdebb57313b3dad2b8de4c447e0e90b114e12696

Request headers

Referer: https://thegutrehab.com/
Origin: https://thegutrehab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 4650
content-length: 36976
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EN2SX2QW8WC29JCW
x-amz-id-2: ewfTlJ8TrW5DA5AkuT1MZbSaiAPaLnq/mh3PttU66spUW3fmqEjgi/qrdgm/gGb9uyCNH7/PhDU=
last-modified: Fri, 11 Mar 2022 00:47:01 GMT
server: cloudflare
etag: "18b1402d8e7b510bded52b4d025fdfe6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-version-id: 16RnaX1ysdAMOYAYApP1vXPBjzEmuimd
accept-ranges: bytes
cf-ray: 7268907fab6e996f-FRA
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H2 200 TiemposHeadline-Medium.otf
cdn.gundrymd.com/fonts/ 77 KB
77 KB 63ms
44ms Font
binary/octet-stream 2606:4700:4400::6812:21d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gundrymd.com/fonts/TiemposHeadline-Medium.otf
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/theme/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b851bd3a93d18841897b546cd7406369bef400dab8f8ddaa70cbe6a7b571689

Request headers

Referer: https://thegutrehab.com/
Origin: https://thegutrehab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 4650
content-length: 78668
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EN2V5BBT4BHWWS6B
x-amz-id-2: cDQXx7uRaHBe4pt7lN1MrYYiM5fZIUGn6zq+2t2QZ9EfmmhvdWr20V7qXq44S4bOWBo72XvXLzU=
last-modified: Fri, 11 Mar 2022 00:46:12 GMT
server: cloudflare
etag: "99549ca04d0d20759849b21655095fd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-version-id: mI2o.WypRskX6r11yxHNuXsmG9lwfhzn
accept-ranges: bytes
cf-ray: 7268907fab73996f-FRA
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H2 200 TiemposHeadline-Regular.otf
cdn.gundrymd.com/fonts/ 113 KB
114 KB 44ms
25ms Font
binary/octet-stream 2606:4700:4400::6812:21d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gundrymd.com/fonts/TiemposHeadline-Regular.otf
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/theme/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11cf6f8d61cb030b32ca8725d83518499fec39584e25fdafea23798c1394674f

Request headers

Referer: https://thegutrehab.com/
Origin: https://thegutrehab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 4650
content-length: 116060
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EN2JM35T4JTZ5XBR
x-amz-id-2: bNmulHQYOnTyKunbT5PbkVHj9zcGX5hzB1pEWw2ubuAu41fNIasX195xmquBBfoLGd7zUaOskaI=
last-modified: Fri, 08 Oct 2021 21:25:14 GMT
server: cloudflare
etag: "1f2f9aab9b2dd7ddf565be934bb753e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-version-id: criu_SZfEbk9r6RLq8glr6OfCJEIekSJ
accept-ranges: bytes
cf-ray: 7268907fab72996f-FRA
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H2 200 AtlasGrotesk-Light.otf
cdn.gundrymd.com/fonts/ 155 KB
156 KB 62ms
43ms Font
binary/octet-stream 2606:4700:4400::6812:21d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gundrymd.com/fonts/AtlasGrotesk-Light.otf
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/theme/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b87c522688726e0172569cb2baf1973674d560fc9c16e1fafe56724066c71142

Request headers

Referer: https://thegutrehab.com/
Origin: https://thegutrehab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 4650
content-length: 159164
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EN2M1WETYHBRX5DQ
x-amz-id-2: +q0+EJRiEziAtkBw2iqXGTCz7qlWDySMs1/leTUxtB06gT9UFJOvggN2NBZwlX5ffvH4blSBx/M=
last-modified: Fri, 11 Mar 2022 00:47:01 GMT
server: cloudflare
etag: "7edff2f6bdfe1607d2cc8d4f4d51eb80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-version-id: HUPgsb5cDHmBHRFzcTn_KY42C2kCEEjK
accept-ranges: bytes
cf-ray: 7268907fab6f996f-FRA
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 37ms
19ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PCDR074HFD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16fdac438856bdb0e8fb206038b063cf5e92154fe8dc73ceb47a5e600d8a0f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70607
x-xss-protection: 0
expires: Wed, 06 Jul 2022 13:07:37 GMT

GET
H2 200 goldenhippo.jsp Show response
www.upsellit.com/active/ 60 KB
15 KB 37ms
13ms Script
application/x-javascript 34.117.39.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/active/goldenhippo.jsp

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bb9bb101e17f0cd0adbd100fdd144427b1fbe061a029a901b784a9ae621e8b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
server: nginx
age: 70182
date: Tue, 05 Jul 2022 17:37:55 GMT
vary: Accept-Encoding
content-type: application/x-javascript;charset=ISO-8859-1
cache-control: max-age=86400
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15158
expires: Wed, 06 Jul 2022 17:37:55 GMT

GET
H3 204 /
www.gdrytrk.com/ Frame AA20 0
0 145ms
128ms Document
text/plain 34.107.202.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gdrytrk.com/?nid=704&aid=1&adv_event_id=29&transaction_id=TRANSACTION_ID&amount=AMOUNT
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.202.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.202.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://thegutrehab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Jul 2022 13:07:37 GMT
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 820cf812-002e-4d3f-b2ee-b2ec26461346

GET
H2

200

widget_async.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/
Redirect Chain

https://shop.pe/widget/widget_async.js
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

2 KB
1 KB

39ms
8ms

Script
application/javascript

143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
Protocol: H2
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5269df070cb6c2a14f21520998832ef328235d5941b1af04d5858cba2e758e58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 12:47:59 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 14:46:54 GMT
server: AmazonS3
age: 1179
etag: "cdf560a03cf07e28b7b8e3619fab24b4"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 905
x-amz-cf-id: Vldq5OdSIRipEfOeyXPG3QjcIedTopoLmvTooUTk56IVNA2PPYcUtQ==
x-amz-meta-mtime: 1657032412.7

Redirect headers

content-security-policy: frame-ancestors none;
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
server: nginx
date: Wed, 06 Jul 2022 13:07:37 GMT
x-frame-options: deny
content-type: text/html
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178

GET
H2 200 a-02uo.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 27ms
8ms Script
application/javascript 2600:9000:2057:d200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-02uo.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c013c0c8e577c57774e5e5d287aad5194d3ed4383811776e2a36802d3e3c14ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:10:35 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
age: 14221
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
content-encoding: gzip
x-amz-cf-id: QpsbcrX4-SW7xmFEegkYvTwZQ7PqG9G-C4rGv-KU7KT0MpEdKg41jw==

GET
H3 200 site.js Show response
www2.thegutrehab.com/assets/js/ 20 KB
5 KB 24ms
23ms Script
application/javascript 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/assets/js/site.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521724206d4c7eb14981b5623b34995e760cc3610e1b5eaf30648bab1b30d5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
via: 1.1 spaces-router (af36242f44a2)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2799
cf-polished: origSize=32727
x-dns-prefetch-control: off
cf-bgj: minify
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 02 Jul 2022 00:03:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7fd7-181bc382c98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 7268908078e59054-FRA
expires: Wed, 06 Jul 2022 14:07:37 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
458 B 89ms
27ms Image
text/plain 54.170.181.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=NqKvCG4b&event_type=default&company_id=4772303201
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.181.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-181-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1657112857
x-served-by: beacon-n008-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 400 conversion.gif
link.dsctrk.com/ 0
0 78ms
9ms Image
text/html 18.195.149.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.dsctrk.com/conversion.gif?et=prelander
Requested by: Host: thegutrehab.com
URL: https://thegutrehab.com/220418a/pl/pl220418a.php?origexperimentalOrig=true&step=1&funnelSTPId=a0q3w000009faxcAAA&origuidOrig=aff_tr_directpl_html_220429&origspidOrig=null&step=1&origdsidOrig=a0v3w00000LpRS2AAN&origmainFunnelIdOrig=a0q3w000009faxXAAQ&origExternalOrig=true&origExternalIDOrig=a0q3w000009faxXAAQ&genericUrl=os220104a_ap-aff_tr_directpl_html_220429&orignameOrig=os220104a_ap-aff_tr_directpl_html_220429&origbrandOrig=Gundry%20MD&business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-pwri-desk-directpl-qqq-roi&utm_campaign_id=7013w000002H3WVAA0&utm_content=banner_ad&utm_medium=cpa&utm_source=dsp&subid1=48cfea177f7b47abafca90c594b8135a&subid2=108&subid5=everflow&sessionid=319440460691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.195.149.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-149-11.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 request-ip Show response
www2.thegutrehab.com/ 60 B
468 B 137ms
137ms Script
application/javascript 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/request-ip

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/assets/js/site.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d717f6a04f79ba6dc86daa5d95885e79e67c048a54fe61e87dabd5af755cef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
via: 1.1 spaces-router (af36242f44a2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3c-MEoU1RoRTPmfyaDNdVdkiQhvgGo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, max-age = 0
cf-ray: 72689080a9219054-FRA

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1657112857710&aid=a-02uo&se=eyJldmVudCI6InZpZXdDb250ZW50IiwibmFtZSI6Ii8yMjA0MThhL3BsL3BsMjIwNDE4YS5waHAiLCJjb250ZW50VHlwZSI6IkxhbmRpbmdQYWdlIn0&duid=87e4200bd901--01g7...
https://rp4.liadm.com/j?dtstmp=1657112857710&aid=a-02uo&se=eyJldmVudCI6InZpZXdDb250ZW50IiwibmFtZSI6Ii8yMjA0MThhL3BsL3BsMjIwNDE4YS5waHAiLCJjb250ZW50VHlwZSI6IkxhbmRpbmdQYWdlIn0&duid=87e4200bd901--01g...

13 B
553 B

286ms
95ms

XHR
application/json

52.4.135.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1657112857710&aid=a-02uo&se=eyJldmVudCI6InZpZXdDb250ZW50IiwibmFtZSI6Ii8yMjA0MThhL3BsL3BsMjIwNDE4YS5waHAiLCJjb250ZW50VHlwZSI6IkxhbmRpbmdQYWdlIn0&duid=87e4200bd901--01g79sz33czkgg7jtswafd8rea&tna=v2.4.0&pu=https%3A%2F%2Fthegutrehab.com%2F220418a%2Fpl%2Fpl220418a.php%3ForigexperimentalOrig%3Dtrue%26step%3D1%26funnelSTPId%3Da0q3w000009faxcAAA%26origuidOrig%3Daff_tr_directpl_html_220429%26origspidOrig%3Dnull%26step%3D1%26origdsidOrig%3Da0v3w00000LpRS2AAN%26origmainFunnelIdOrig%3Da0q3w000009faxXAAQ%26origExternalOrig%3Dtrue%26origExternalIDOrig%3Da0q3w000009faxXAAQ%26genericUrl%3Dos220104a_ap-aff_tr_directpl_html_220429%26orignameOrig%3Dos220104a_ap-aff_tr_directpl_html_220429%26origbrandOrig%3DGundry%2520MD%26business_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-aff-totalrestore-pwri-desk-directpl-qqq-roi%26utm_campaign_id%3D7013w000002H3WVAA0%26utm_content%3Dbanner_ad%26utm_medium%3Dcpa%26utm_source%3Ddsp%26subid1%3D48cfea177f7b47abafca90c594b8135a%26subid2%3D108%26subid5%3Deverflow%26sessionid%3D319440460691&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPkd1bmRyeSBNRCAtIElzIFRoZXJlIEEgU29sdXRpb24gRm9yIExlYWt5IEd1dD88L3RpdGxlPjxoMSBjbGFzcz0iYXJ0aWNsZS10aXRsZSI-Q291bGQgVGhlc2UgQ29tbW9uICJIZWFsdGggRm9vZHMiIEJlIFdyZWNraW5nIFlvdXIgR3V0PzwvaDE-&i6=MmEwMTo0YTA6MmI6OjU%3D&n3pc=true

Requested by

Protocol

Server

52.4.135.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-135-4.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:38 GMT
x-pixel-event-id: e3191638-cf86-4c45-85d6-5e67f281c4c6
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 69d80d5c21f7a580
request-time: 1
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Wed, 06 Jul 2022 13:07:37 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1657112857710&aid=a-02uo&se=eyJldmVudCI6InZpZXdDb250ZW50IiwibmFtZSI6Ii8yMjA0MThhL3BsL3BsMjIwNDE4YS5waHAiLCJjb250ZW50VHlwZSI6IkxhbmRpbmdQYWdlIn0&duid=87e4200bd901--01g79sz33czkgg7jtswafd8rea&tna=v2.4.0&pu=https%3A%2F%2Fthegutrehab.com%2F220418a%2Fpl%2Fpl220418a.php%3ForigexperimentalOrig%3Dtrue%26step%3D1%26funnelSTPId%3Da0q3w000009faxcAAA%26origuidOrig%3Daff_tr_directpl_html_220429%26origspidOrig%3Dnull%26step%3D1%26origdsidOrig%3Da0v3w00000LpRS2AAN%26origmainFunnelIdOrig%3Da0q3w000009faxXAAQ%26origExternalOrig%3Dtrue%26origExternalIDOrig%3Da0q3w000009faxXAAQ%26genericUrl%3Dos220104a_ap-aff_tr_directpl_html_220429%26orignameOrig%3Dos220104a_ap-aff_tr_directpl_html_220429%26origbrandOrig%3DGundry%2520MD%26business_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-aff-totalrestore-pwri-desk-directpl-qqq-roi%26utm_campaign_id%3D7013w000002H3WVAA0%26utm_content%3Dbanner_ad%26utm_medium%3Dcpa%26utm_source%3Ddsp%26subid1%3D48cfea177f7b47abafca90c594b8135a%26subid2%3D108%26subid5%3Deverflow%26sessionid%3D319440460691&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPkd1bmRyeSBNRCAtIElzIFRoZXJlIEEgU29sdXRpb24gRm9yIExlYWt5IEd1dD88L3RpdGxlPjxoMSBjbGFzcz0iYXJ0aWNsZS10aXRsZSI-Q291bGQgVGhlc2UgQ29tbW9uICJIZWFsdGggRm9vZHMiIEJlIFdyZWNraW5nIFlvdXIgR3V0PzwvaDE-&i6=MmEwMTo0YTA6MmI6OjU%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://thegutrehab.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 0ec7e615da246e6f
request-time: 0
content-length: 0
x-content-type-options: nosniff

POST
H2 204 collect
region1.analytics.google.com/g/ 0
338 B 40ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PCDR074HFD&gtm=2oe6t0&_p=1891175064&_z=ccd.v9B&_gaz=1&cid=1087949483.1657112858&ul=en-us&sr=1600x1200&_s=1&sid=1657112857&sct=1&seg=0&dl=https%3A%2F%2Fthegutrehab.com%2F220418a%2Fpl%2Fpl220418a.php%3ForigexperimentalOrig%3Dtrue%26step%3D1%26funnelSTPId%3Da0q3w000009faxcAAA%26origuidOrig%3Daff_tr_directpl_html_220429%26origspidOrig%3Dnull%26step%3D1%26origdsidOrig%3Da0v3w00000LpRS2AAN%26origmainFunnelIdOrig%3Da0q3w000009faxXAAQ%26origExternalOrig%3Dtrue%26origExternalIDOrig%3Da0q3w000009faxXAAQ%26genericUrl%3Dos220104a_ap-aff_tr_directpl_html_220429%26orignameOrig%3Dos220104a_ap-aff_tr_directpl_html_220429%26origbrandOrig%3DGundry%2520MD%26business_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-aff-totalrestore-pwri-desk-directpl-qqq-roi%26utm_campaign_id%3D7013w000002H3WVAA0%26utm_content%3Dbanner_ad%26utm_medium%3Dcpa%26utm_source%3Ddsp%26subid1%3D48cfea177f7b47abafca90c594b8135a%26subid2%3D108%26subid5%3Deverflow%26sessionid%3D319440460691&dt=Gundry%20MD%20-%20Is%20There%20A%20Solution%20For%20Leaky%20Gut%3F&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCDR074HFD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 13:07:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thegutrehab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
347 B 59ms
19ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PCDR074HFD&cid=1087949483.1657112858&gtm=2oe6t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCDR074HFD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 13:07:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thegutrehab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 56ms
32ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PCDR074HFD&cid=1087949483.1657112858&gtm=2oe6t0&aip=1&z=1245653492

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 13:07:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www2.thegutrehab.com/proxy/funnel/stats/alternsave/ 29 B
441 B 127ms
126ms Script
application/javascript 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/proxy/funnel/stats/alternsave/?event=eyJmdW5uZWxTVEZJZCI6ImEwcTN3MDAwMDA5ZmF4WEFBUSIsInVybCI6InBsMjIwNDE4YS5waHAiLCJldmVudFR5cGUiOiJQYWdlIFZpZXciLCJzZXNzaW9uSWQiOiIzMTk0NDA0NjA2OTEiLCJkZXN0aW5hdGlvbklkIjoiYTB2M3cwMDAwMExwUlMyQUFOIiwiZnVubmVsU1RQSWQiOiJhMHEzdzAwMDAwOWZheGNBQUEiLCJzcGxpdFRlc3RpbmdJZCI6bnVsbCwic3BsaXRUZXN0aW5nRnVubmVsSWQiOm51bGwsIm1haW5GdW5uZWxJRCI6ImEwcTN3MDAwMDA5ZmF4WEFBUSIsImN1c3RvbVBheUxvYWQxIjoie30iLCJjdXN0b21QYXlMb2FkMiI6IntcImV4cGVyaW1lbnRhbFwiOnRydWUsXCJzaXRlXCI6dHJ1ZSxcIm5vbi1ldmVudFwiOjB9IiwidXRtU291cmNlIjoiZHNwIiwidXRtTWVkaXVtIjoiY3BhIiwidXRtQ2FtcGFpZ24iOiJnbWQtYWZmLXRvdGFscmVzdG9yZS1wd3JpLWRlc2stZGlyZWN0cGwtcXFxLXJvaSIsInV0bUNhbXBhaWduSWQiOiI3MDEzdzAwMDAwMkgzV1ZBQTAiLCJ1dG1Db250ZW50IjoiYmFubmVyX2FkIiwidXRtVGVybSI6bnVsbCwiYWZmSWQiOiIiLCJvZmZJZCI6IiIsInN1YklkMSI6IjQ4Y2ZlYTE3N2Y3YjQ3YWJhZmNhOTBjNTk0YjgxMzVhIiwic3ViSWQyIjoiMTA4Iiwic3ViSWQzIjpudWxsLCJzdWJJZDQiOm51bGwsInN1YklkNSI6ImV2ZXJmbG93Iiwic2FsZXNGdW5uZWwiOiJGdW5uZWwiLCJ2aXNpdG9ySWQiOm51bGwsInJlZmVycmFsVXJsIjoiIiwiYnJhbmQiOiJHdW5kcnkgTUQiLCJicm93c2VyIjoiQ2hyb21lIiwib3MiOiJXaW5kb3dzIiwiZGV2aWNlIjoiRGVza3RvcCJ9

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/assets/js/site.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5b1625932b3d2b242b95c8680756c5d79135956bb1f6fd0b9544261a9d56389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
via: 1.1 spaces-router (af36242f44a2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d-RfI0mb55JJVfolfOEMKnZBLgoWw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, max-age = 0
cf-ray: 72689080f99f9054-FRA

GET
H3 200 / Show response
www2.thegutrehab.com/proxy/funnel/stats/alternsave/ 29 B
441 B 135ms
135ms Script
application/javascript 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/proxy/funnel/stats/alternsave/?event=eyJmdW5uZWxTVEZJZCI6ImEwcTN3MDAwMDA5ZmF4WEFBUSIsInVybCI6InBsMjIwNDE4YS5waHAiLCJldmVudFR5cGUiOiJOZXcgU2Vzc2lvbiIsInNlc3Npb25JZCI6IjMxOTQ0MDQ2MDY5MSIsImRlc3RpbmF0aW9uSWQiOiJhMHYzdzAwMDAwTHBSUzJBQU4iLCJmdW5uZWxTVFBJZCI6ImEwcTN3MDAwMDA5ZmF4Y0FBQSIsInNwbGl0VGVzdGluZ0lkIjpudWxsLCJzcGxpdFRlc3RpbmdGdW5uZWxJZCI6bnVsbCwibWFpbkZ1bm5lbElEIjoiYTBxM3cwMDAwMDlmYXhYQUFRIiwiY3VzdG9tUGF5TG9hZDEiOiJ7fSIsImN1c3RvbVBheUxvYWQyIjoie1wiZXhwZXJpbWVudGFsXCI6dHJ1ZSxcInNpdGVcIjp0cnVlLFwibm9uLWV2ZW50XCI6MH0iLCJ1dG1Tb3VyY2UiOiJkc3AiLCJ1dG1NZWRpdW0iOiJjcGEiLCJ1dG1DYW1wYWlnbiI6ImdtZC1hZmYtdG90YWxyZXN0b3JlLXB3cmktZGVzay1kaXJlY3RwbC1xcXEtcm9pIiwidXRtQ2FtcGFpZ25JZCI6IjcwMTN3MDAwMDAySDNXVkFBMCIsInV0bUNvbnRlbnQiOiJiYW5uZXJfYWQiLCJ1dG1UZXJtIjpudWxsLCJhZmZJZCI6IiIsIm9mZklkIjoiIiwic3ViSWQxIjoiNDhjZmVhMTc3ZjdiNDdhYmFmY2E5MGM1OTRiODEzNWEiLCJzdWJJZDIiOiIxMDgiLCJzdWJJZDMiOm51bGwsInN1YklkNCI6bnVsbCwic3ViSWQ1IjoiZXZlcmZsb3ciLCJzYWxlc0Z1bm5lbCI6IkZ1bm5lbCIsInZpc2l0b3JJZCI6bnVsbCwicmVmZXJyYWxVcmwiOiIiLCJicmFuZCI6Ikd1bmRyeSBNRCIsImJyb3dzZXIiOiJDaHJvbWUiLCJvcyI6IldpbmRvd3MiLCJkZXZpY2UiOiJEZXNrdG9wIn0=

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/assets/js/site.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5b1625932b3d2b242b95c8680756c5d79135956bb1f6fd0b9544261a9d56389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
via: 1.1 spaces-router (af36242f44a2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d-RfI0mb55JJVfolfOEMKnZBLgoWw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, max-age = 0
cf-ray: 72689080f9a09054-FRA

GET
H3 200 / Show response
www2.thegutrehab.com/proxy/funnel/stats/alternsave/ 29 B
441 B 215ms
214ms Script
application/javascript 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/proxy/funnel/stats/alternsave/?event=eyJmdW5uZWxTVEZJZCI6ImEwcTN3MDAwMDA5ZmF4WEFBUSIsInVybCI6InBsMjIwNDE4YS5waHAiLCJldmVudFR5cGUiOiJEZXN0aW5hdGlvbiIsInNlc3Npb25JZCI6IjMxOTQ0MDQ2MDY5MSIsImRlc3RpbmF0aW9uSWQiOiJhMHYzdzAwMDAwTHBSUzJBQU4iLCJmdW5uZWxTVFBJZCI6ImEwcTN3MDAwMDA5ZmF4Y0FBQSIsInNwbGl0VGVzdGluZ0lkIjpudWxsLCJzcGxpdFRlc3RpbmdGdW5uZWxJZCI6bnVsbCwibWFpbkZ1bm5lbElEIjoiYTBxM3cwMDAwMDlmYXhYQUFRIiwiY3VzdG9tUGF5TG9hZDEiOiJ7fSIsImN1c3RvbVBheUxvYWQyIjoie1wiZXhwZXJpbWVudGFsXCI6dHJ1ZSxcInNpdGVcIjp0cnVlLFwibm9uLWV2ZW50XCI6MH0iLCJ1dG1Tb3VyY2UiOiJkc3AiLCJ1dG1NZWRpdW0iOiJjcGEiLCJ1dG1DYW1wYWlnbiI6ImdtZC1hZmYtdG90YWxyZXN0b3JlLXB3cmktZGVzay1kaXJlY3RwbC1xcXEtcm9pIiwidXRtQ2FtcGFpZ25JZCI6IjcwMTN3MDAwMDAySDNXVkFBMCIsInV0bUNvbnRlbnQiOiJiYW5uZXJfYWQiLCJ1dG1UZXJtIjpudWxsLCJhZmZJZCI6IiIsIm9mZklkIjoiIiwic3ViSWQxIjoiNDhjZmVhMTc3ZjdiNDdhYmFmY2E5MGM1OTRiODEzNWEiLCJzdWJJZDIiOiIxMDgiLCJzdWJJZDMiOm51bGwsInN1YklkNCI6bnVsbCwic3ViSWQ1IjoiZXZlcmZsb3ciLCJzYWxlc0Z1bm5lbCI6IkZ1bm5lbCIsInZpc2l0b3JJZCI6bnVsbCwicmVmZXJyYWxVcmwiOiIiLCJicmFuZCI6Ikd1bmRyeSBNRCIsImJyb3dzZXIiOiJDaHJvbWUiLCJvcyI6IldpbmRvd3MiLCJkZXZpY2UiOiJEZXNrdG9wIn0=

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/assets/js/site.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5b1625932b3d2b242b95c8680756c5d79135956bb1f6fd0b9544261a9d56389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:37 GMT
via: 1.1 spaces-router (af36242f44a2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d-RfI0mb55JJVfolfOEMKnZBLgoWw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, max-age = 0
cf-ray: 72689080f9a39054-FRA

GET
H2 200 triggerRunner.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 10 KB
4 KB 8ms
7ms Script
application/javascript 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=c2be5aa
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 380ef284cc9c44f82f786f246a822011a779932c9cd2ee34c451182ec2952468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 14:47:57 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 14:46:55 GMT
server: AmazonS3
age: 80381
etag: "c05dc39da4472e153fdd108b733b2dfd"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 3759
x-amz-cf-id: VuqkofpF90LvXh7OGLnTs5p0V9P9Kfh2ou78sNsC6UI986r4iu3qeg==
x-amz-meta-mtime: 1657032412.68

GET
H2 200 widget.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 182 KB
47 KB 8ms
8ms Script
application/javascript 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=59b59fa
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c82a7d5e9cbd4e07925904252c3102fb2160e7e480fb4fe58e3cf2e31ef61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 14:47:58 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 14:46:56 GMT
server: AmazonS3
age: 80381
etag: "0a6f666c8cd1eb3a43a2ccf4a60bc91a"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 47542
x-amz-cf-id: m2PGNYpM2cesX6AZeKk2X9_lfgnuB1Qt3uHVkwrcxYBwSzd5yqweaA==
x-amz-meta-mtime: 1657032410.98

GET
H3 200 params Show response
shop.pe/widget/main/init/ 260 B
247 B 128ms
119ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=61b7632473efc371cfbbfdf9&product=Gundry%20MD%20-%20Is%20There%20A%20Solution%20For%20Leaky%20Gut%3F&product_url=https%3A%2F%2Fthegutrehab.com%2F220418a%2Fpl%2Fpl220418a.php&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fthegutrehab.com%2F220418a%2Fpl%2Fpl220418a.php%3ForigexperimentalOrig%3Dtrue%26step%3D1%26funnelSTPId%3Da0q3w000009faxcAAA%26origuidOrig%3Daff_tr_directpl_html_220429%26origspidOrig%3Dnull%26step%3D1%26origdsidOrig%3Da0v3w00000LpRS2AAN%26origmainFunnelIdOrig%3Da0q3w000009faxXAAQ%26origExternalOrig%3Dtrue%26origExternalIDOrig%3Da0q3w000009faxXAAQ%26genericUrl%3Dos220104a_ap-aff_tr_directpl_html_220429%26orignameOrig%3Dos220104a_ap-aff_tr_directpl_html_220429%26origbrandOrig%3DGundry%2520MD%26business_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-aff-totalrestore-pwri-desk-directpl-qqq-roi%26utm_campaign_id%3D7013w000002H3WVAA0%26utm_content%3Dbanner_ad%26utm_medium%3Dcpa%26utm_source%3Ddsp%26subid1%3D48cfea177f7b47abafca90c594b8135a%26subid2%3D108%26subid5%3Deverflow%26sessionid%3D319440460691&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=82899&cookie=&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=59b59fa

Protocol

Security

QUIC, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

18d1f0efe60c6703f36bda6174f82cbd96a6486d619bbcea48c5b187854040bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:38 GMT
content-encoding: gzip
access-control-allow-origin: https://my.addshoppers.com
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: W/"944683e8cb277e711148476b0ad2c95485a2c700"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
via: 1.1 google
access-control-allow-credentials: true
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H3 200 / Show response
www2.thegutrehab.com/proxy/funnel/stats/alternsave/ 29 B
441 B 160ms
160ms Script
application/javascript 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/proxy/funnel/stats/alternsave/?event=eyJmdW5uZWxTVEZJZCI6ImEwcTN3MDAwMDA5ZmF4WEFBUSIsInVybCI6InBsMjIwNDE4YS5waHAiLCJldmVudFR5cGUiOiJFeHBsb3JpdW0tQWZmaWxpYXRlSW5mbyIsInNlc3Npb25JZCI6IjMxOTQ0MDQ2MDY5MSIsImRlc3RpbmF0aW9uSWQiOiJhMHYzdzAwMDAwTHBSUzJBQU4iLCJmdW5uZWxTVFBJZCI6ImEwcTN3MDAwMDA5ZmF4Y0FBQSIsInNwbGl0VGVzdGluZ0lkIjpudWxsLCJzcGxpdFRlc3RpbmdGdW5uZWxJZCI6bnVsbCwibWFpbkZ1bm5lbElEIjoiYTBxM3cwMDAwMDlmYXhYQUFRIiwiY3VzdG9tUGF5TG9hZDEiOiJ7XCJzYWxlc0Z1bm5lbFwiOlwiUEhQXCIsXCJ1dG1Tb3VyY2VcIjpcImRzcFwiLFwidXRtTWVkaXVtXCI6XCJjcGFcIixcInV0bUNhbXBhaWduXCI6XCJnbWQtYWZmLXRvdGFscmVzdG9yZS1wd3JpLWRlc2stZGlyZWN0cGwtcXFxLXJvaVwiLFwidXRtQ2FtcGFpZ25JZFwiOlwiNzAxM3cwMDAwMDJIM1dWQUEwXCJ9IiwiY3VzdG9tUGF5TG9hZDIiOiJ7XCJ1dG1Db250ZW50XCI6XCJiYW5uZXJfYWRcIixcInV0bVRlcm1cIjpudWxsLFwic3ViSWQxXCI6XCI0OGNmZWExNzdmN2I0N2FiYWZjYTkwYzU5NGI4MTM1YVwiLFwic3ViSWQyXCI6XCIxMDhcIixcInN1YklkM1wiOm51bGwsXCJzdWJJZDRcIjpudWxsLFwic3ViSWQ1XCI6XCJldmVyZmxvd1wiLFwibm9uLWV2ZW50XCI6MH0iLCJ1dG1Tb3VyY2UiOiJkc3AiLCJ1dG1NZWRpdW0iOiJjcGEiLCJ1dG1DYW1wYWlnbiI6ImdtZC1hZmYtdG90YWxyZXN0b3JlLXB3cmktZGVzay1kaXJlY3RwbC1xcXEtcm9pIiwidXRtQ2FtcGFpZ25JZCI6IjcwMTN3MDAwMDAySDNXVkFBMCIsInV0bUNvbnRlbnQiOiJiYW5uZXJfYWQiLCJ1dG1UZXJtIjpudWxsLCJhZmZJZCI6IiIsIm9mZklkIjoiIiwic3ViSWQxIjoiNDhjZmVhMTc3ZjdiNDdhYmFmY2E5MGM1OTRiODEzNWEiLCJzdWJJZDIiOiIxMDgiLCJzdWJJZDMiOm51bGwsInN1YklkNCI6bnVsbCwic3ViSWQ1IjoiZXZlcmZsb3ciLCJzYWxlc0Z1bm5lbCI6IkZ1bm5lbCIsInZpc2l0b3JJZCI6bnVsbCwicmVmZXJyYWxVcmwiOiIiLCJicmFuZCI6Ikd1bmRyeSBNRCIsImJyb3dzZXIiOiJDaHJvbWUiLCJvcyI6IldpbmRvd3MiLCJkZXZpY2UiOiJEZXNrdG9wIn0=

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/assets/js/site.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5b1625932b3d2b242b95c8680756c5d79135956bb1f6fd0b9544261a9d56389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:38 GMT
via: 1.1 spaces-router (af36242f44a2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d-RfI0mb55JJVfolfOEMKnZBLgoWw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, max-age = 0
cf-ray: 726890836dc99054-FRA

GET
H3 200 params Show response
shop.pe/widget/main/init/ 1 KB
744 B 126ms
125ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=61b7632473efc371cfbbfdf9&product=Gundry%20MD%20-%20Is%20There%20A%20Solution%20For%20Leaky%20Gut%3F&product_url=https%3A%2F%2Fthegutrehab.com%2F220418a%2Fpl%2Fpl220418a.php&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fthegutrehab.com%2F220418a%2Fpl%2Fpl220418a.php%3ForigexperimentalOrig%3Dtrue%26step%3D1%26funnelSTPId%3Da0q3w000009faxcAAA%26origuidOrig%3Daff_tr_directpl_html_220429%26origspidOrig%3Dnull%26step%3D1%26origdsidOrig%3Da0v3w00000LpRS2AAN%26origmainFunnelIdOrig%3Da0q3w000009faxXAAQ%26origExternalOrig%3Dtrue%26origExternalIDOrig%3Da0q3w000009faxXAAQ%26genericUrl%3Dos220104a_ap-aff_tr_directpl_html_220429%26orignameOrig%3Dos220104a_ap-aff_tr_directpl_html_220429%26origbrandOrig%3DGundry%2520MD%26business_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-aff-totalrestore-pwri-desk-directpl-qqq-roi%26utm_campaign_id%3D7013w000002H3WVAA0%26utm_content%3Dbanner_ad%26utm_medium%3Dcpa%26utm_source%3Ddsp%26subid1%3D48cfea177f7b47abafca90c594b8135a%26subid2%3D108%26subid5%3Deverflow%26sessionid%3D319440460691&callback=AddShoppersWidget.load_widget&rand=38870&cookie=2%7C1%3A0%7C10%3A1657112858%7C15%3Aaddshoppers.com%7C44%3AMmU4Y2U1MWU0ZDE3NDJlM2IwOThiZTJjNWM3ZTE2YWE%3D%7C9199233e107bfdcd331fabac7abc3bad31800aeb53321bc1d8b2cbe42f31ede5&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=59b59fa

Protocol

Security

QUIC, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a72ae0479994166d649585835db42a71c47cfbd7abaac259e6e0718de9515774

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:38 GMT
content-encoding: gzip
access-control-allow-origin: https://my.addshoppers.com
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: W/"bc41f46c07df80673d3d76fa4116339e8173c2c3"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
via: 1.1 google
access-control-allow-credentials: true
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H3 200 / Show response
www2.thegutrehab.com/proxy/funnel/stats/alternsave/ 29 B
441 B 128ms
127ms Script
application/javascript 2606:4700:4400::ac40:93c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/proxy/funnel/stats/alternsave/?event=eyJmdW5uZWxTVEZJZCI6ImEwcTN3MDAwMDA5ZmF4WEFBUSIsInVybCI6InBsMjIwNDE4YS5waHAiLCJldmVudFR5cGUiOiJSRVFVRVNULUlQIiwic2Vzc2lvbklkIjoiMzE5NDQwNDYwNjkxIiwiZGVzdGluYXRpb25JZCI6ImEwdjN3MDAwMDBMcFJTMkFBTiIsImZ1bm5lbFNUUElkIjoiYTBxM3cwMDAwMDlmYXhjQUFBIiwic3BsaXRUZXN0aW5nSWQiOm51bGwsInNwbGl0VGVzdGluZ0Z1bm5lbElkIjpudWxsLCJtYWluRnVubmVsSUQiOiJhMHEzdzAwMDAwOWZheFhBQVEiLCJjdXN0b21QYXlMb2FkMSI6IntcImFsdGVybmFpR3Vlc3RJZFwiOlwiYWVkYzA2MmItMTAxMi00Zjc5LWE3ZGItZDRjZTlmZGQxZTk2LHRoZWd1dHJlaGFiLmNvbSwsYmxvYjpodHRwczpcIn0iLCJjdXN0b21QYXlMb2FkMiI6IntcImFsdGVybmFpVmlzaXRvcklkXCI6XCJcIixcImlwXCI6XCIxNzIuNzAuMTM1LjNcIixcInVhXCI6XCJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC41MyBTYWZhcmkvNTM3LjM2XCIsXCJub24tZXZlbnRcIjowfSIsInV0bVNvdXJjZSI6ImRzcCIsInV0bU1lZGl1bSI6ImNwYSIsInV0bUNhbXBhaWduIjoiZ21kLWFmZi10b3RhbHJlc3RvcmUtcHdyaS1kZXNrLWRpcmVjdHBsLXFxcS1yb2kiLCJ1dG1DYW1wYWlnbklkIjoiNzAxM3cwMDAwMDJIM1dWQUEwIiwidXRtQ29udGVudCI6ImJhbm5lcl9hZCIsInV0bVRlcm0iOm51bGwsImFmZklkIjoiIiwib2ZmSWQiOiIiLCJzdWJJZDEiOiI0OGNmZWExNzdmN2I0N2FiYWZjYTkwYzU5NGI4MTM1YSIsInN1YklkMiI6IjEwOCIsInN1YklkMyI6bnVsbCwic3ViSWQ0IjpudWxsLCJzdWJJZDUiOiJldmVyZmxvdyIsInNhbGVzRnVubmVsIjoiRnVubmVsIiwidmlzaXRvcklkIjpudWxsLCJyZWZlcnJhbFVybCI6IiIsImJyYW5kIjoiR3VuZHJ5IE1EIiwiYnJvd3NlciI6IkNocm9tZSIsIm9zIjoiV2luZG93cyIsImRldmljZSI6IkRlc2t0b3AifQ==

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/assets/js/site.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5b1625932b3d2b242b95c8680756c5d79135956bb1f6fd0b9544261a9d56389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:38 GMT
via: 1.1 spaces-router (af36242f44a2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d-RfI0mb55JJVfolfOEMKnZBLgoWw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, max-age = 0
cf-ray: 726890841f619054-FRA

GET
H/1.1 200
OK A.js Show response
addshoppers.s3.amazonaws.com/61b7632473efc371cfbbfdf9/61b76db078f2f27efd9c4b80/ 17 KB
4 KB 404ms
116ms Script
application/javascript 52.216.65.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addshoppers.s3.amazonaws.com/61b7632473efc371cfbbfdf9/61b76db078f2f27efd9c4b80/A.js?_t=1645033371
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=59b59fa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.65.48 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 45be41bfa1dc1ec0f712bbe1f194d9f853830cc1f10e5f6dc389beb63f7ab407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 13:07:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 17:42:52 GMT
Server: AmazonS3
x-amz-request-id: JKTX3JJZ96FAEGZK
ETag: "26dfe521e4023631d44dc226d45a13e8"
x-amz-version-id: XRkMcCsZ0xN3EIbNjPakXC.FYgAw6gf8
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 4055
x-amz-id-2: JcxaawJ43jiX9S/cLJqCgVv9KdQdZt48fjxuMih+d5ZFEbOj2DjQj+tsHewDQwX6rxqNFsexO88=

GET
H/1.1 200
OK c300986e77c94b13bd246c7dc0851b05.js Show response
addshoppers.s3.amazonaws.com/customize/61b7632473efc371cfbbfdf9/ 2 KB
1 KB 399ms
115ms Script
application/javascript 52.216.65.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addshoppers.s3.amazonaws.com/customize/61b7632473efc371cfbbfdf9/c300986e77c94b13bd246c7dc0851b05.js?_t=1657035540
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=59b59fa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.65.48 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 520173313ed63cdcfd7868af5789e759d4448b9b59ded673fe57da2e75b0c18c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 13:07:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 15:39:01 GMT
Server: AmazonS3
x-amz-request-id: JKTM6K9NPGWSHX3S
ETag: "c209257c95f33481145891e39b1f132f"
x-amz-version-id: VoTJ7GyykKeGyWC1L8OhGSYeNa7729oA
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 619
x-amz-id-2: REsKo8XD636wvDxrxq+TnKcevI1cPiRvj7dNEGnBRIjuKVLSb79ne9nWSHu8SS78KfhFrm8R/Qo=

GET
H2 200 input.js Show response
shopper.shop.pe/ 26 KB
9 KB 36ms
9ms Script
application/javascript 35.190.54.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper.shop.pe/input.js
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.54.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bc1f719ad8a9fb36c5f164463ae53ad79a27e84143b027da42c6ee08021ff399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:09:56 GMT
content-encoding: gzip
age: 14262
x-guploader-uploadid: ADPycdsPjPjvL8se76qgMvXZBM8XBD7Waj_4ClLqq7fe4CWDnsjTZbAhQA6mI0KJw5iP4KObPWLSP_iGKvq3OPkmNSKn0oYA-xzP
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8883
last-modified: Thu, 21 Apr 2022 13:54:28 GMT
server: UploadServer
etag: "59ca2c390b4a140196dd06ead7968dd5"
vary: Accept-Encoding
x-goog-hash: crc32c=BLS7fA==, md5=WcosOQtKFAGW3Qbq15aN1Q==
x-goog-generation: 1650549267910243
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
x-goog-stored-content-length: 8883
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Wed, 06 Jul 2022 13:09:56 GMT

GET
H2 200 iframe Show response
nytrng.com/ Frame 1C0A 414 B
506 B 475ms
163ms Document
text/html 75.2.91.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=2e8ce51e4d1742e3b098be2c5c7e16aa
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=59b59fa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.91.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a954c1fc80b8251dc.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: ffe2a125952904943e58f59fedf5be5549adb44ea16a92ed10568b1d20d2b068

Request headers

Referer: https://thegutrehab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 414
content-type: text/html; charset=utf-8
date: Wed, 06 Jul 2022 13:07:38 GMT
server: gunicorn

HEAD
H3 200 consent Show response
shop.pe/query/datareg/ 0
25 B 126ms
116ms XHR
text/html 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/query/datareg/consent

Requested by

Host: shopper.shop.pe
URL: https://shopper.shop.pe/input.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:07:38 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: HEAD, GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Data-Regulation-Gdpr-Enforced
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced

GET
H2 200 pl.2.2.min.js Show response
cdn.nytrng.com/ Frame 1C0A 0
337 B 40ms
8ms Script
text/plain 143.204.215.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nytrng.com/pl.2.2.min.js
Requested by: Host: nytrng.com
URL: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=2e8ce51e4d1742e3b098be2c5c7e16aa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-66.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nytrng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 00:28:41 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
server: AmazonS3
age: 1859938
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
x-amz-version-id: null
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: text/plain
content-length: 0
x-amz-cf-id: vuLwGdv4tBSVNoamRTmVZ5YBYNn-0hWFs5EeTNHG99pKxgL9dRoQBw==

GET
H3 200 pixel.png Show response
shopper.shop.pe/ 609 B
638 B 19ms
9ms XHR
image/png 35.190.54.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper.shop.pe/pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNjFiNzYzMjQ3M2VmYzM3MWNmYmJmZGY5Iiwic2Vzc2lvbl9pZCI6IjJlOGNlNTFlNGQxNzQyZTNiMDk4YmUyYzVjN2UxNmFhIiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=59b59fa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.54.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 12:35:48 GMT
age: 1913
x-guploader-uploadid: ADPycduk1dOhab2c1YDEQn1hAzGYx4WD3h1_zqoOu7nQ9Tq57huxK1UAk0Jbe0J15mgQQEJuGm4zexaM5O1ZzCDmtst795k1w2j-
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 609
last-modified: Wed, 20 Sep 2017 16:12:07 GMT
server: UploadServer
etag: "6802175f61adc40617e8ba87a30aa6bd"
x-goog-hash: crc32c=Yf0PfA==, md5=aAIXX2GtxAYX6LqHowqmvQ==
x-goog-generation: 1505923927946539
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 609
accept-ranges: bytes
content-type: image/png
expires: Wed, 06 Jul 2022 13:35:48 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www2.thegutrehab.com/proxy/funnel/stats/alternsave	1969-12-31 23:59:59	Name: gdpr Value: 1
www2.thegutrehab.com/fst/aff_tr_directpl_qqq	1969-12-31 23:59:59	Name: gdpr Value: 1
thegutrehab.com/220418a/pl/css	1969-12-31 23:59:59	Name: gdpr Value: 1
thegutrehab.com/220418a/pl	1969-12-31 23:59:59	Name: gdpr Value: 1
www2.thegutrehab.com/assets/js	1969-12-31 23:59:59	Name: gdpr Value: 1
thegutrehab.com/theme/js	1969-12-31 23:59:59	Name: gdpr Value: 1
thegutrehab.com/theme	1969-12-31 23:59:59	Name: gdpr Value: 1
www2.thegutrehab.com/cid	1969-12-31 23:59:59	Name: gdpr Value: 1
www2.thegutrehab.com/fst	1969-12-31 23:59:59	Name: gdpr Value: 1
.track.roinattrack.com/	1970-01-20 04:19:59	Name: 70898205-677f-4109-8f21-2eb6b76615f2-v4 Value: BSyzEdBP08rxLybawFxFt02dxsKkEAy92a5E0d8qjWs
.track.roinattrack.com/	1970-01-20 13:04:08	Name: cc-v4 Value: 9jEZX4M7O1dCgn5YNs0%2BBqf3dsfo387kxN53e5VLM2dt9c28ccgZEeD7b8lSf%2Fir%2FICMrSMPCV2%2FWdzLwugHh5Jlp%2BS8%2BYIzr%2BbbSroyzjUFGohzUu5CSjy%2B1Gfi2BXHLw4LbVIpP%2FLzcc%2BTgelJLw%3D%3D
www.gdrytrk.com/	1970-01-20 04:19:59	Name: uniqueClick_2L7GN6P Value: 24accddb-a7dc-4fbd-9299-ac7043932720:1657112855
www.gdrytrk.com/	1970-01-20 06:28:08	Name: transaction_id Value: 48cfea177f7b47abafca90c594b8135a
.thegutrehab.com/	1970-01-20 06:28:08	Name: _gcl_au Value: 1.1.1695138055.1657112858
.thegutrehab.com/	1970-01-20 04:28:37	Name: alternaiGuestId Value: aedc062b-1012-4f79-a7db-d4ce9fdd1e96,thegutrehab.com,,blob:https:
.thegutrehab.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .thegutrehab.com
.thegutrehab.com/	1970-01-20 21:49:44	Name: _lc2_fpi Value: 87e4200bd901--01g79sz33czkgg7jtswafd8rea
.thegutrehab.com/	1970-01-20 21:49:44	Name: _ga_PCDR074HFD Value: GS1.1.1657112857.1.0.1657112857.60
.thegutrehab.com/	1970-01-20 21:49:44	Name: _ga Value: GA1.1.1087949483.1657112858
.krxd.net/	1970-01-20 08:37:44	Name: _kuid_ Value: O8OZ2KlJ
.krxd.net/	1970-01-20 04:21:25	Name: e_NqKvCG4b^company_id\|4772303201 Value: 1657112857
www2.thegutrehab.com/	1969-12-31 23:59:59	Name: gdpr Value: 1
.liadm.com/	1970-01-20 21:49:44	Name: lidid Value: 268dff07-bf2a-4996-8f6b-03c0579ad129
shop.pe/	1970-01-21 04:18:32	Name: addshoppers Value: "2\|1:0\|10:1657112858\|11:addshoppers\|44:MmU4Y2U1MWU0ZDE3NDJlM2IwOThiZTJjNWM3ZTE2YWE=\|c7913d99ed2e57b6f7e9ed386a5ea0677eff1bf3e96599d70bcade1be5f70610"
thegutrehab.com/	1970-01-21 04:18:32	Name: addshoppers.com Value: 2%7C1%3A0%7C10%3A1657112858%7C15%3Aaddshoppers.com%7C44%3AMmU4Y2U1MWU0ZDE3NDJlM2IwOThiZTJjNWM3ZTE2YWE%3D%7C9199233e107bfdcd331fabac7abc3bad31800aeb53321bc1d8b2cbe42f31ede5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://link.dsctrk.com/conversion.gif?et=prelander Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addshoppers.s3.amazonaws.com
b-code.liadm.com
beacon.krxd.net
cdn.gundrymd.com
cdn.nytrng.com
d3rr3d0n31t48m.cloudfront.net
link.dsctrk.com
nytrng.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
shop.pe
shopper.shop.pe
stats.g.doubleclick.net
thegutrehab.com
track.roinattrack.com
www.gdrytrk.com
www.google.de
www.googletagmanager.com
www.upsellit.com
www2.thegutrehab.com
143.204.215.66
143.204.215.89
18.193.209.105
18.195.149.11
2001:4860:4802:34::36
2600:1f18:730:b130:4c96:5596:18cd:cf5
2600:9000:2057:d200:8:8845:1500:93a1
2606:4700:4400::6812:21d9
2606:4700:4400::ac40:93c2
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2008
2a00:1450:400c:c07::9b
34.107.202.36
34.117.39.58
35.190.54.17
35.227.244.1
52.216.65.48
52.4.135.4
54.170.181.87
75.2.91.175
011c82a7d5e9cbd4e07925904252c3102fb2160e7e480fb4fe58e3cf2e31ef61
0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170
11cf6f8d61cb030b32ca8725d83518499fec39584e25fdafea23798c1394674f
16eb653a63887080d36639336638d21e130ca7b70aef03ae6e2ae6f69e535320
16fdac438856bdb0e8fb206038b063cf5e92154fe8dc73ceb47a5e600d8a0f55
18d1f0efe60c6703f36bda6174f82cbd96a6486d619bbcea48c5b187854040bb
380ef284cc9c44f82f786f246a822011a779932c9cd2ee34c451182ec2952468
3c5cf7cd49b559f21197c03dfc999bcaabc8fc09ba7f9d2d8e5d923529df5610
45be41bfa1dc1ec0f712bbe1f194d9f853830cc1f10e5f6dc389beb63f7ab407
4db9985ecc7b624791fecec1cdebb57313b3dad2b8de4c447e0e90b114e12696
520173313ed63cdcfd7868af5789e759d4448b9b59ded673fe57da2e75b0c18c
521724206d4c7eb14981b5623b34995e760cc3610e1b5eaf30648bab1b30d5eb
5269df070cb6c2a14f21520998832ef328235d5941b1af04d5858cba2e758e58
63edea6f9f37fdd78bd898b2dcd13d68511e1ac366d3c2608f786c7a5232777f
6fd1ac5f74a58bfb9c87e4675ef3f6154980c81333fd89b13a3999135bfb4f52
83c4a5e9bfed78d9ac7fc6be2bf6a7d9387c8a9100b3c5d9e674499dc2c8051c
8b851bd3a93d18841897b546cd7406369bef400dab8f8ddaa70cbe6a7b571689
8d717f6a04f79ba6dc86daa5d95885e79e67c048a54fe61e87dabd5af755cef1
9710b24243a15f095dfa868f577880046436f4a36a4e5e924cc1dbf3f085358c
a72ae0479994166d649585835db42a71c47cfbd7abaac259e6e0718de9515774
ad790ffc3ef7a0308929c61f2b494b8bf0fde88e97640c7432d7d48ad8fd7328
b5b1625932b3d2b242b95c8680756c5d79135956bb1f6fd0b9544261a9d56389
b87c522688726e0172569cb2baf1973674d560fc9c16e1fafe56724066c71142
bb9bb101e17f0cd0adbd100fdd144427b1fbe061a029a901b784a9ae621e8b5e
bc1f719ad8a9fb36c5f164463ae53ad79a27e84143b027da42c6ee08021ff399
c013c0c8e577c57774e5e5d287aad5194d3ed4383811776e2a36802d3e3c14ed
c5ea387768f404e9973c3d408cae3f2a4f7fec174febf1e6efa4904086355c81
c89f9f5b2138a96cd73e68c338a8eb0a6fcd4de2505de0140a20b836de6ec41d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7645e843621a446e7333f854f2311d810ee36357ec05284861ac66f95b1c1d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f1b034acc8689c02813267d500a7f3bc1d8f96262077ff5a74a9d8832a0ce666
f2dba484f8c0d017cd19da12d005ef0ba28e6978e9318797ec3de7f85cd3c34f
ffe2a125952904943e58f59fedf5be5549adb44ea16a92ed10568b1d20d2b068

thegutrehab.com Open in urlscan Pro 2606:4700:4400::ac40:93c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

96 %HTTPS

40 %IPv6

16 Domains

21 Subdomains

18 IPs

4 Countries

859 kBTransfer

1647 kBSize

25 Cookies

3 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

thegutrehab.com Open in urlscan Pro
2606:4700:4400::ac40:93c2 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

96 %
HTTPS

40 %
IPv6

16
Domains

21
Subdomains

18
IPs

4
Countries

859 kB
Transfer

1647 kB
Size

25
Cookies

45 HTTP transactions
0 data transactions