www2.gundrymd.com Open in urlscan Pro
2606:4700::6812:3c1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fightleakygut.com/
Effective URL:
https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-em...
Submission: On April 11 via api (April 11th 2023, 6:26:12 pm UTC) from US — Scanned from DE

Summary HTTP 104 Redirects Behaviour Indicators

Summary

This website contacted 54 IPs in 10 countries across 45 domains to perform 104 HTTP transactions. The main IP is 2606:4700::6812:3c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www2.gundrymd.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 28th 2022. Valid for: a year.

This is the only time www2.gundrymd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::6815:2990	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 29	2606:4700::68... 2606:4700::6812:3c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	34.117.39.58 34.117.39.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	52.50.253.161 52.50.253.161	16509 (AMAZON-02) (AMAZON-02)
1 5	35.227.244.1 35.227.244.1	15169 (GOOGLE) (GOOGLE)
3	18.66.122.52 18.66.122.52	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:21f... 2600:9000:21f3:d600:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	54.214.43.55 54.214.43.55	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::10 2a02:2638:d::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	104.18.37.231 104.18.37.231	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.144.208 172.64.144.208	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:2c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	52.217.174.169 52.217.174.169	16509 (AMAZON-02) (AMAZON-02)
2	35.190.54.17 35.190.54.17	15169 (GOOGLE) (GOOGLE)
1	99.83.128.14 99.83.128.14	16509 (AMAZON-02) (AMAZON-02)
1 2	3.122.65.10 3.122.65.10	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
1	88.221.168.23 88.221.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.58.179.181 52.58.179.181	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	63.33.154.254 63.33.154.254	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1 2	52.19.94.146 52.19.94.146	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.197.183.248 18.197.183.248	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4216:9abd:bdd2:b3e3:4fec	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	2.18.128.46 2.18.128.46	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.155.81.193 54.155.81.193	16509 (AMAZON-02) (AMAZON-02)
1	3.132.49.211 3.132.49.211	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.76 18.66.97.76	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:1b75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
104	54

1 2606:4700:3032::6815:2990 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fightleakygut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700::6812:3c1 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www2.gundrymd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.gundrymd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.39.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.39.117.34.bc.googleusercontent.com

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.50.253.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-253-161.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.227.244.1 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com

shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-52.fra60.r.cloudfront.net

d3rr3d0n31t48m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:d600:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.214.43.55 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-214-43-55.us-west-2.compute.amazonaws.com

app.leadsrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.37.231 (None, )

ASN13335 (CLOUDFLARENET, US)

gundrymd.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.144.208 (United States)

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:2c1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gundrymd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.174.169 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

addshoppers.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.54.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com

shopper.shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.128.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com

nytrng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.65.10 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-65-10.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.82 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.179.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-179-181.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.154.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-154-254.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.94.146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-94-146.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.183.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-183-248.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:9abd:bdd2:b3e3:4fec (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.128.46 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-128-46.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.81.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-81-193.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.132.49.211 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-49-211.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-76.fra56.r.cloudfront.net

cdn.nytrng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1b75 (United States)

ASN13335 (CLOUDFLARENET, US)

stat.youniverssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	gundrymd.com 2 redirects www2.gundrymd.com cdn.gundrymd.com — Cisco Umbrella Rank: 230702	4 MB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3638 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2381 sslwidget.criteo.com — Cisco Umbrella Rank: 1825 widget.us.criteo.com — Cisco Umbrella Rank: 18056 dis.criteo.com — Cisco Umbrella Rank: 718	29 KB
7	shop.pe 1 redirects shop.pe — Cisco Umbrella Rank: 9964 shopper.shop.pe — Cisco Umbrella Rank: 12202 app.shop.pe — Cisco Umbrella Rank: 12919	12 KB
5	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 3895 gundrymd.attn.tv	40 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 secure.adnxs.com — Cisco Umbrella Rank: 429	4 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	1 KB
3	youniverssl.com stat.youniverssl.com — Cisco Umbrella Rank: 708447	17 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4000	718 B
3	cloudfront.net d3rr3d0n31t48m.cloudfront.net	53 KB
3	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 611	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	292 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 676	880 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 215	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1416	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 302	509 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 323	877 B
2	nytrng.com nytrng.com — Cisco Umbrella Rank: 7018 cdn.nytrng.com — Cisco Umbrella Rank: 23098	835 B
2	amazonaws.com addshoppers.s3.amazonaws.com — Cisco Umbrella Rank: 15074	6 KB
2	leadsrx.com app.leadsrx.com — Cisco Umbrella Rank: 11761	19 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5216	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	gstatic.com fonts.gstatic.com	23 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1951	268 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2254	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4239	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 27532	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2368	406 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 733	581 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 720	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1310	884 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2776	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 437	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 935	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1297	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 387	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1982	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1246	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 604	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 533	360 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 340	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 616	802 B
1	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 3633	179 B
1	upsellit.com www.upsellit.com — Cisco Umbrella Rank: 11891	20 KB
1	fightleakygut.com 1 redirects fightleakygut.com	728 B
104	45

	Domain	Requested by
23	www2.gundrymd.com	2 redirects www2.gundrymd.com
7	cdn.gundrymd.com	www2.gundrymd.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
4	shop.pe	1 redirects d3rr3d0n31t48m.cloudfront.net www2.gundrymd.com
3	stat.youniverssl.com	www2.gundrymd.com stat.youniverssl.com
3	cdn.attn.tv	www.googletagmanager.com cdn.attn.tv
3	d3rr3d0n31t48m.cloudfront.net	www2.gundrymd.com shop.pe
3	beacon.krxd.net	www2.gundrymd.com
3	fonts.googleapis.com	www2.gundrymd.com
3	www.googletagmanager.com	www2.gundrymd.com www.googletagmanager.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	x.bidswitch.net	1 redirects
2	shopper.shop.pe	shop.pe www2.gundrymd.com
2	addshoppers.s3.amazonaws.com	d3rr3d0n31t48m.cloudfront.net
2	gundrymd.attn.tv	www2.gundrymd.com
2	region1.analytics.google.com	www.googletagmanager.com
2	app.leadsrx.com	www2.gundrymd.com
2	www.google.de	www2.gundrymd.com
2	stats.g.doubleclick.net	www2.gundrymd.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www2.gundrymd.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.nytrng.com	nytrng.com
1	s.thebrighttag.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	nytrng.com	d3rr3d0n31t48m.cloudfront.net
1	app.shop.pe	www2.gundrymd.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	www2.gundrymd.com
1	events.attentivemobile.com	cdn.attn.tv
1	dynamic.criteo.com	www.googletagmanager.com
1	www.google.com	www2.gundrymd.com
1	www.upsellit.com	www.googletagmanager.com
1	fightleakygut.com	1 redirects
104	58

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-28` - `2023-05-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.upsellit.com RapidSSL TLS RSA CA G1	`2022-10-04` - `2023-10-04`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.attn.tv Amazon RSA 2048 M01	`2023-02-22` - `2023-05-02`	2 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.leadsrx.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-05` - `2023-05-06`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
*.shop.pe RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-10` - `2023-08-10`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
nytrng.com Amazon RSA 2048 M02	`2023-03-25` - `2024-04-22`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
itm.ivitrack.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-01`	5 months	crt.sh
*.nytrng.com Amazon RSA 2048 M01	`2023-02-22` - `2023-10-13`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
Frame ID: 68E6E991D2D48CEE41E9FFF98DFD8AC6
Requests: 69 HTTP requests in this frame

Frame: https://www2.gundrymd.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1681228800
Frame ID: 5B14D2141471E60478431ED2E136A815
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www2.gundrymd.com&origin=onetag
Frame ID: 7DD27DC464884D1499B30DAB004DDCC0
Requests: 2 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=933b9f51632049b185d9f9a17f413f9d
Frame ID: 08E1A7F0C5219D820A476A7F86C36960
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-jhRaQPaS-vveZeuMjdbpzlCpnHZ1fLTf0IAh0w&expires=30
Frame ID: 93E49F1B5C83C7E0D76126BDCBE0F896
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gut Cleanse Protocol

Page URL History Show full URLs

http://fightleakygut.com/ HTTP 301
https://www2.gundrymd.com/cid/7013w000001vIl6AAE HTTP 302
https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq?business_unit=a00f400000dk8tnaab&... HTTP 301
https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

104
Requests

87 %
HTTPS

28 %
IPv6

45
Domains

58
Subdomains

54
IPs

10
Countries

4146 kB
Transfer

46156 kB
Size

64
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fightleakygut.com/ HTTP 301
https://www2.gundrymd.com/cid/7013w000001vIl6AAE HTTP 302
https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email HTTP 301
https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://shop.pe/widget/widget_async.js HTTP 301
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

Request Chain 58

https://gum.criteo.com/sid/json?origin=onetag&domain=gundrymd.com&sn=ChromeSyncframe&so=0&topUrl=www2.gundrymd.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=i-eHHHxDbFNBN2h5VVdBOEZUMVg5VjJzVGJROXA5OHdxOVkzOFFXYnQ4YXBlYmxiU2FlWUtsL2Z3RXB5aGgxb3dpQU5tTEVMV05vdXBqV0w5SFFyeHpNNm9xektESFovUm90MTVOaDVPSU5RS3h2OGJOdDFCeUs0RHNvaVNwb3JUb3ZsbDMxejQ2ZHFIOFpWelBzRUlOOERBQ09KSjE4WEtndGNOZVU1Z3huSHMzYVlneDRBaFora282WWpIQzQzOGNPV294dnlWZG1vRElXNHpnejFwU1hIcUxIL0o0d05EQWQ4YmJpVVhpVUlpcXAzdEt6WFB6cFJkZVpobzJJVHJBTitDeHRvZmpnQ1BlUFRBVVB4TWw2dk5wQT09fA&cppv=2

Request Chain 61

https://sslwidget.criteo.com/event?a=34370&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvp%26p%3Dundefined%26tms%3Dcustom-guide&p3=e%3Dvp%26p%3Dundefined%26tms%3Dcustom-guide&p4=e%3Ddis&adce=1&bundle=Lcu2rV9GMGtKWmJndFRGbW5LTTlWaW5EVDRCYjhGS1VaV1VYaUM1cXZjcVdwdUJrJTJCdmZFQ2lYSGg2ekNhM0ZNJTJCdGxkSmN5MmhaZ0F4dVNTVVU5azZqaUlGeUxwSVVFJTJGcnBqbVM4cUwwRVgyRmxVVmd3dCUyRllDTmhtSmhRM1BKamNFN1hwQXRqQSUyQnFuaVBtSXJFeTA5MzRzdTBRJTNEJTNE&tld=gundrymd.com&dy=1&fu=https%253A%252F%252Fwww2.gundrymd.com%252Fos210331a_ap%253Fbusiness_unit%253Da00f400000dk8tnaab%2526utm_campaign%253Dgmd-email-magazine-biocomplete3-advertorial%2526utm_campaign_id%253D7013w000001vIl6AAE%2526utm_source%253Demail%2526sessionid%253D514341940131%2526uid%253Demail_bc3_210407_dos_qqq%2526dsid%253Da0v3w00000LpvDhAAJ%2526step%253D1&ceid=c9a16829-d77e-4ad1-bb54-ec5dece5a8de&dtycbr=55369 HTTP 302
https://widget.us.criteo.com/event?a=34370&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvp%26p%3Dundefined%26tms%3Dcustom-guide&p3=e%3Dvp%26p%3Dundefined%26tms%3Dcustom-guide&p4=e%3Ddis&adce=1&bundle=Lcu2rV9GMGtKWmJndFRGbW5LTTlWaW5EVDRCYjhGS1VaV1VYaUM1cXZjcVdwdUJrJTJCdmZFQ2lYSGg2ekNhM0ZNJTJCdGxkSmN5MmhaZ0F4dVNTVVU5azZqaUlGeUxwSVVFJTJGcnBqbVM4cUwwRVgyRmxVVmd3dCUyRllDTmhtSmhRM1BKamNFN1hwQXRqQSUyQnFuaVBtSXJFeTA5MzRzdTBRJTNEJTNE&tld=gundrymd.com&dy=1&fu=https%253A%252F%252Fwww2.gundrymd.com%252Fos210331a_ap%253Fbusiness_unit%253Da00f400000dk8tnaab%2526utm_campaign%253Dgmd-email-magazine-biocomplete3-advertorial%2526utm_campaign_id%253D7013w000001vIl6AAE%2526utm_source%253Demail%2526sessionid%253D514341940131%2526uid%253Demail_bc3_210407_dos_qqq%2526dsid%253Da0v3w00000LpvDhAAJ%2526step%253D1&ceid=c9a16829-d77e-4ad1-bb54-ec5dece5a8de&dtycbr=55369

Request Chain 67

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-jhRaQPaS-vveZeuMjdbpzlCpnHZ1fLTf0IAh0w&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-jhRaQPaS-vveZeuMjdbpzlCpnHZ1fLTf0IAh0w&expires=30

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-q3IRevaS-vveZeuMjdbpzlCpnHb90rh3xva09Q&google_cm&google_hm=ay1xM0lSZXZhUy12dmVaZXVNamRicHpsQ3BuSGI5MHJoM3h2YTA5UQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-q3IRevaS-vveZeuMjdbpzlCpnHb90rh3xva09Q&google_cm=&google_hm=ay1xM0lSZXZhUy12dmVaZXVNamRicHpsQ3BuSGI5MHJoM3h2YTA5UQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-q3IRevaS-vveZeuMjdbpzlCpnHb90rh3xva09Q&google_gid=CAESEOsQqamWor6Su_gUPqzNBpQ&google_cver=1&google_ula=913071,0

Request Chain 69

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3698594724096122541

Request Chain 70

https://secure.adnxs.com/setuid?entity=52&code=k-QHuNB_aS-vveZeuMjdbpzlCpnHakZFJgKIZZpQ HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QHuNB_aS-vveZeuMjdbpzlCpnHakZFJgKIZZpQ

Request Chain 78

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-NAESmvaS-vveZeuMjdbpzlCpnHZhVZkDRuEZ7A HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-NAESmvaS-vveZeuMjdbpzlCpnHZhVZkDRuEZ7A&verify=true

Request Chain 81

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DQ1c9vaS-vveZeuMjdbpzlCpnHZqGazmWy-KyA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DQ1c9vaS-vveZeuMjdbpzlCpnHZqGazmWy-KyA&C=1

Request Chain 82

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=o5oDBBzkJqD4u2PytqkqrEY7kkWM22wl HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=o5oDBBzkJqD4u2PytqkqrEY7kkWM22wl

Request Chain 84

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-CxJhs_aS-vveZeuMjdbpzlCpnHZ7KljHPZ4yNA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-CxJhs_aS-vveZeuMjdbpzlCpnHZ7KljHPZ4yNA

Request Chain 94

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pLQXIU-r9wlRO2eLiZC5cNgV_FVsiU2b

Request Chain 95

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=3UQOc8T_VJ3GDiihLMBCkj0VqdDZVQxW

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/
Redirect Chain

http://fightleakygut.com/
https://www2.gundrymd.com/cid/7013w000001vIl6AAE
https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm...
https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&ut...

37 KB
15 KB

460ms
460ms

Document
text/html

2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

237862a2fcb4a1cb316733cbdb5100ac65ce88cf56cf67ea163f542b5fe816b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-apo-via: origin,host
cf-cache-status: MISS
cf-ray: 7b6546925ade3655-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 11 Apr 2023 18:26:03 GMT
expires: Tue, 11 Apr 2023 19:26:03 GMT
last-modified: Tue, 11 Apr 2023 07:45:11 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-apo-via: origin,host
cf-cache-status: EXPIRED
cf-ray: 7b6546918acb2c26-FRA
content-security-policy: default-src 'none'
content-type: text/html; charset=UTF-8
date: Tue, 11 Apr 2023 18:26:03 GMT
expires: Tue, 11 Apr 2023 19:26:03 GMT
location: /fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 process_env.js Show response
www2.gundrymd.com/ 1 KB
1 KB 146ms
146ms Script
application/javascript 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/process_env.js?ver=41120237

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd5ff3eb67b8c86e485b83d240d9c25749d1a820e85f7137b78bdf8d3bb9bd33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:03 GMT
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Apr 2023 18:01:13 GMT
server: cloudflare
etag: W/"4d4-187717a9d57"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: private, no-cache, max-age = 0
cf-ray: 7b6546956f6b3655-FRA

GET
H3 200 polyfills.js Show response
www2.gundrymd.com/build/ 94 KB
34 KB 136ms
136ms Script
application/javascript 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/build/polyfills.js?ver=41120237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

394867e02ba0cd9a4779459a8e933387b0bb9e2a7ad14f2ee63aca19d2da3c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=96745
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 07 Apr 2023 21:48:43 GMT
server: cloudflare
etag: W/"179e9-1875db17278"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 7b6546956f6e3655-FRA
expires: Tue, 11 Apr 2023 19:26:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 583 KB
123 KB 690ms
157ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d5cb9e4d99fccd74b9013691c88a04c41cec517eddde2c2985be8aa2dcf6f8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125547
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Apr 2023 18:26:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 371 KB
90 KB 614ms
81ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WLKKPD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75bc09906e5e97f2b427bffcaa560f73772ea0fe387507d1423abdc15915cc7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91800
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Apr 2023 18:26:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
981 B 582ms
50ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@600;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ab431b25bc022e066b75d1153f0d13be5f7a8708d57f689db14adc636bf0073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 18:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 18:26:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 18:26:04 GMT

GET
H2 200 gundry-logo.jpg
cdn.gundrymd.com/images/ 3 KB
4 KB 226ms
192ms Image
image/webp 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/gundry-logo.jpg
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a2914b51918db5968e25efb198b1b94e9be28dd3356751255544954e8f29df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:04 GMT
x-amz-version-id: f5O95PO0dAG8oDPyOnnSLZ0MSkXFCEZW
cf-cache-status: HIT
x-amz-request-id: 3MDQ9KD71MJ58MY3
cf-polished: qual=85, origFmt=jpeg, origSize=4571
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="gundry-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3280
x-amz-id-2: /u46tTOPVf9ek2EHFtCnpdI2ikWQhaCSY07t2167THlp8hbbH1Gk8885K4XNdxU6e/Kf5l1mkqI=
cf-bgj: imgq:85,h2pri
last-modified: Mon, 30 Jan 2023 22:04:40 GMT
server: cloudflare
etag: "6534b079e432031ab72ea0beb4411445"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 7b6546969ab02c26-FRA
expires: Tue, 11 Apr 2023 19:26:04 GMT

GET
H3 200 fst_abbrev_funnel_confs.js Show response
www2.gundrymd.com/ 20 MB
1 MB 151ms
151ms Script
application/javascript 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/fst_abbrev_funnel_confs.js?ver=41120237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1b667a8f71f8baeee181d61de4615e16ea8de691d471bb121f5b9988ef03cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:04 GMT
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: MISS
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Apr 2023 10:36:24 GMT
server: cloudflare
etag: W/"13a9a0c-1876fe35d3b"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 7b65469658c63655-FRA
expires: Tue, 11 Apr 2023 19:26:04 GMT

GET
H3 200 main.css
www2.gundrymd.com/build/ 18 MB
1 MB 294ms
294ms Stylesheet
text/css 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/build/main.css?ver=41120237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=19392222
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 07 Apr 2023 21:48:09 GMT
server: cloudflare
etag: W/"127e6de-1875db0eda8"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 7b6546983bd53655-FRA
expires: Tue, 11 Apr 2023 19:26:04 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
522 B 290ms
60ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 18:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 18:26:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 18:26:04 GMT

GET
H3 200 countries.js Show response
www2.gundrymd.com/ 2 KB
2 KB 124ms
124ms Script
application/javascript 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/countries.js?ver=41120237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff9de73b7a09cb0423bb961843c2c76a15f04897ccb418adb6710c18bf7f9a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=2477
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 15:56:34 GMT
server: cloudflare
etag: W/"9ad-18771087ec5"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 7b65469ab8b93655-FRA
expires: Tue, 11 Apr 2023 19:26:04 GMT

GET
H2 200 goldenhippo.jsp Show response
www.upsellit.com/active/ 83 KB
20 KB 55ms
17ms Script
application/x-javascript 34.117.39.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/active/goldenhippo.jsp

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a937099ba970d226b1685debdd89e67a0988aee19add0aa182a0b8b33a4dd49e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
date: Tue, 11 Apr 2023 17:10:26 GMT
server: nginx
age: 4538
vary: Accept-Encoding
content-type: application/x-javascript;charset=ISO-8859-1
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20286
expires: Wed, 12 Apr 2023 17:10:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Apr 2023 18:05:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1254
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 11 Apr 2023 20:05:10 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
458 B 106ms
27ms Image
text/plain 52.50.253.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=NqKvCG4b&event_type=default&company_id=4772303201
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.253.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-253-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: beacon-n021-dub-prod.krxd.net
date: Tue, 11 Apr 2023 18:26:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=47 t=1681237564
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 request-ip Show response
www2.gundrymd.com/ 60 B
464 B 146ms
145ms Script
application/javascript 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/request-ip

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2f191036d844a4cac18f4c1f77b33b2e1d2318b1360b7674e431313bd94cac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:05 GMT
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"3c-KO0LtkDYMPm0yXKc/ldWYeizet4"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, max-age = 0
cf-apo-via: origin,host
cf-ray: 7b65469c7c6e3655-FRA

GET
H3 200 getsession Show response
www2.gundrymd.com/proxy/utils/ 0
411 B 165ms
165ms XHR
application/octet-stream 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/proxy/utils/getsession

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
x-brand: Gundry MD
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (e46a9e002bdb), 1.1 spaces-router (e46a9e002bdb)
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-expose-headers: X-Brand
access-control-allow-credentials: true
cf-apo-via: origin,host
cf-ray: 7b65469c7c7d3655-FRA

GET
H3 200 bundle.js Show response
www2.gundrymd.com/build/ 4 MB
746 KB 132ms
132ms Script
application/javascript 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/build/bundle.js?ver=41120237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e63d431b85ce83e2bb4b21a6c629774ee7e35bddaed03d2769c906a21435d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=4631679
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 07 Apr 2023 21:50:19 GMT
server: cloudflare
etag: W/"46ac7f-1875db2e978"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 7b65469c9cb93655-FRA
expires: Tue, 11 Apr 2023 19:26:05 GMT

GET
H3 200 invisible.js Show response
www2.gundrymd.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 5B14 29 KB
13 KB 17ms
17ms Script
application/javascript 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.gundrymd.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1681228800
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c19db965c27b08acf4b7f56802f21f1635691dbaf8bfdd0fcc79610c0197a06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:04 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7b65469cdd0b3655-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

widget_async.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/
Redirect Chain

https://shop.pe/widget/widget_async.js
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

2 KB
1 KB

44ms
7ms

Script
application/javascript

18.66.122.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
Protocol: H2
Server: 18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29f8b5e76198a5cf0d4ae4012f89fca455ecebe7fc4fc7b8b4bc73ea5b064ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 17:35:25 GMT
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 3041
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 906
last-modified: Mon, 03 Apr 2023 14:33:56 GMT
server: AmazonS3
etag: "631275ac472c831119d3b5499b4fa3a0"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: Cesj2asEnRJlIRK8k-HW9WNWaArl1XBBdymYTB2Xbsa1ipLL83KvNA==
x-amz-meta-mtime: 1680532433.86

Redirect headers

date: Tue, 11 Apr 2023 18:26:05 GMT
content-security-policy: frame-ancestors none;
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
server: nginx
x-frame-options: deny
content-type: text/html
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178

GET
H2 200 dtag.js Show response
cdn.attn.tv/gundrymd/ 5 KB
3 KB 1359ms
1331ms Script
text/javascript 2600:9000:21f3:d600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/gundrymd/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WLKKPD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a911d7ec96edb167bb0e244f1ffc3724fe94592a1a23e587a53925ae8c5c6363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: stXug_jW.dU0YpP0ywzdCx4etIpxSm6G
content-encoding: gzip
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
date: Tue, 11 Apr 2023 18:26:07 GMT
last-modified: Wed, 23 Nov 2022 20:29:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"d65fcb4182213449623b0e095015a6fb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=120
x-amz-replication-status: COMPLETED
x-amz-cf-id: _E0kiJ0ATEXQmh5WJ3QUKagYQHR_3CIULOsLmFZPNWROCczjQ-4CNQ==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
520 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/main.css?ver=41120237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ced828274fbe5f7845745497072193c07068f2fe8b03c4a647defcfd2def4c97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 18:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 17:10:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 18:26:05 GMT

GET
H3 200 pica.js
www2.gundrymd.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 5B14 7 KB
3 KB 14ms
14ms Other
application/javascript 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.gundrymd.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481f9c82fdf1edadf769daa32b26dac35c052864cf602c7d48fb045d30ae4eb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:05 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7b65469ed85a3655-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 45ms
45ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=343998780&t=pageview&_s=1&dl=https%3A%2F%2Fwww2.gundrymd.com%2Ffst%2Fos210407_ap-email_biocomplete3_dos_qqq%2F%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-email-magazine-biocomplete3-advertorial%26utm_campaign_id%3D7013w000001vIl6AAE%26utm_source%3Demail&dp=%2Ffst%2Fos210407_ap-email_biocomplete3_dos_qqq%2F&ul=en-us&de=UTF-8&dt=Gundry%20MD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1292742087&gjid=1958574425&cid=990742926.1681237565&tid=UA-80924995-1&_gid=847186238.1681237565&_r=1&_slc=1&gtm=45He34a0n815PNTFNV&z=275364592

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/polyfills.js?ver=41120237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.gundrymd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.gundrymd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 triggerRunner.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 11 KB
4 KB 7ms
7ms Script
application/javascript 18.66.122.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=bbf7e2b
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8970068c0ba0df2ba2996a0f33ae87f66c2c938b57d33bab4fcc1509b0112f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 14:35:16 GMT
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 705050
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3812
last-modified: Mon, 03 Apr 2023 14:33:56 GMT
server: AmazonS3
etag: "f06f780f214b6c5ba6b70f79412017cd"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
x-amz-cf-id: E-7T0POVEO4R0vrELCCwIf-ArYIVqpJ8cyZHM2hFA8_N3wxZ7Mss6A==
x-amz-meta-mtime: 1680532433.85

GET
H2 200 widget.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 187 KB
48 KB 8ms
7ms Script
application/javascript 18.66.122.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4b562b9
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64c1439951306a2c7e0ac25a7c3a83616c5cf5a0b1b62dc04e0b4b7ca0ff9195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 14:35:16 GMT
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 705050
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 48511
last-modified: Mon, 03 Apr 2023 14:33:57 GMT
server: AmazonS3
etag: "329863de52ff3e86907080fd837e02c6"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000, public
accept-ranges: bytes
x-amz-cf-id: xatJnIyU9--eCmRLYQys_SzBFFEYw105WuKCKDAMxmw5kwzYE0RqDQ==
x-amz-meta-mtime: 1680532432.2

POST
H3 200 7b6546925ade3655 Show response
www2.gundrymd.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 5B14 2 B
404 B 31ms
31ms XHR
text/plain 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.gundrymd.com/cdn-cgi/challenge-platform/h/b/cv/result/7b6546925ade3655
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1681228800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 11 Apr 2023 18:26:05 GMT
content-encoding: br
server: cloudflare
cf-ray: 7b6546a08ae13655-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 70ms
18ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-80924995-1&cid=990742926.1681237565&jid=1292742087&gjid=1958574425&_gid=847186238.1681237565&_u=YEBAAAAAAAAAAC~&z=2063870852

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/polyfills.js?ver=41120237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.gundrymd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 11 Apr 2023 18:26:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.gundrymd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 setaffparameters Show response
www2.gundrymd.com/proxy/affiliate/ 20 B
517 B 150ms
150ms XHR
application/json 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/proxy/affiliate/setaffparameters

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/polyfills.js?ver=41120237

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email
X-Brand: Gundry MD
accept-language: de-DE,de;q=0.9
XSRF-TOKEN: LAo4ym2g-qKP2dxs2KQs4m9Gc8udebGIm5sg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 11 Apr 2023 18:26:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (e46a9e002bdb), 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.gundrymd.com
access-control-expose-headers: X-Brand
access-control-allow-credentials: true
cf-ray: 7b6546a31eb03655-FRA

POST save
www2.gundrymd.com/proxy/funnel/stats/ 0
0

POST
H3 200 save Show response
www2.gundrymd.com/proxy/funnel/stats/ 16 B
513 B 152ms
152ms XHR
application/json 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/proxy/funnel/stats/save

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/polyfills.js?ver=41120237

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email&sessionid=514341940131
X-Brand: Gundry MD
accept-language: de-DE,de;q=0.9
XSRF-TOKEN: LAo4ym2g-qKP2dxs2KQs4m9Gc8udebGIm5sg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 11 Apr 2023 18:26:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (e46a9e002bdb), 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.gundrymd.com
access-control-expose-headers: X-Brand
access-control-allow-credentials: true
cf-ray: 7b6546a31eb83655-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 163ms
78ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-80924995-1&cid=990742926.1681237565&jid=1292742087&_u=YEBAAAAAAAAAAC~&z=1107971483

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 161ms
76ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-80924995-1&cid=990742926.1681237565&jid=1292742087&_u=YEBAAAAAAAAAAC~&z=1107971483

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 save Show response
www2.gundrymd.com/proxy/funnel/stats/ 16 B
446 B 178ms
178ms XHR
application/json 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/proxy/funnel/stats/save

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/polyfills.js?ver=41120237

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.gundrymd.com/fst/os210407_ap-email_biocomplete3_dos_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email&sessionid=514341940131
X-Brand: Gundry MD
accept-language: de-DE,de;q=0.9
XSRF-TOKEN: LAo4ym2g-qKP2dxs2KQs4m9Gc8udebGIm5sg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 11 Apr 2023 18:26:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (e46a9e002bdb), 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.gundrymd.com
access-control-expose-headers: X-Brand
access-control-allow-credentials: true
cf-ray: 7b6546a509a33655-FRA

GET
H2 200 visitor.js Show response
app.leadsrx.com/ 18 KB
19 KB 717ms
345ms Script
application/javascript 54.214.43.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.leadsrx.com/visitor.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.214.43.55 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-214-43-55.us-west-2.compute.amazonaws.com

Software

nginx/1.20.1 /

Resource Hash

6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Apr 2023 12:15:55 GMT
server: nginx/1.20.1
etag: "64354f7b-492f"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 18735

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5MM7TKXSPX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0be5ae816cdb8a53ac29dad2d1fe14d88b22429d3991ee56b06afa0051b2d1b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Apr 2023 18:26:06 GMT

GET
H3 200 src_components_components_module_ts.js Show response
www2.gundrymd.com/build/ 257 KB
37 KB 198ms
198ms Script
application/javascript 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/build/src_components_components_module_ts.js

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/bundle.js?ver=41120237

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb58a07b80c8e145f1463201fb57d0faaba65642f05e5d277bfa467c16fb09fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/os210331a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email&sessionid=514341940131&uid=email_bc3_210407_dos_qqq&dsid=a0v3w00000LpvDhAAJ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 07 Apr 2023 21:48:44 GMT
server: cloudflare
etag: W/"403f1-1875db17660"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 7b6546a529d43655-FRA
expires: Tue, 11 Apr 2023 19:26:06 GMT

GET
H3 200 src_pages__brand-pages-base_base-controllers_offer-selector_offer-selector-common_ts.js Show response
www2.gundrymd.com/build/ 17 KB
6 KB 127ms
126ms Script
application/javascript 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/build/src_pages__brand-pages-base_base-controllers_offer-selector_offer-selector-common_ts.js

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/bundle.js?ver=41120237

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39bf9095b84c4ce49ce9138d196838649f73a891b8c7fdc798c1e44a13def43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/os210331a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email&sessionid=514341940131&uid=email_bc3_210407_dos_qqq&dsid=a0v3w00000LpvDhAAJ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 07 Apr 2023 21:48:44 GMT
server: cloudflare
etag: W/"4430-1875db17660"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 7b6546a529d83655-FRA
expires: Tue, 11 Apr 2023 19:26:06 GMT

GET
H3 200 src_pages_offer-selectors_secure-order210331a_secure-order210331a_module_ts.js Show response
www2.gundrymd.com/build/ 65 KB
14 KB 137ms
137ms Script
application/javascript 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/build/src_pages_offer-selectors_secure-order210331a_secure-order210331a_module_ts.js

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/bundle.js?ver=41120237

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

557d8fb3f9da3c9b70b3c237e2ece069a280469d935671f6d66a336f333d9c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/os210331a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email&sessionid=514341940131&uid=email_bc3_210407_dos_qqq&dsid=a0v3w00000LpvDhAAJ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:06 GMT
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: MISS
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 21:48:54 GMT
server: cloudflare
etag: W/"1054c-1875db19d70"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 7b6546a529dc3655-FRA
expires: Tue, 11 Apr 2023 19:26:06 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
457 B 28ms
28ms Image
text/plain 52.50.253.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=NqKvCG4b&event_type=default&company_id=4772303201
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/os210331a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email&sessionid=514341940131&uid=email_bc3_210407_dos_qqq&dsid=a0v3w00000LpvDhAAJ&step=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.253.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-253-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: beacon-n021-dub-prod.krxd.net
date: Tue, 11 Apr 2023 18:26:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=42 t=1681237566
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 unified-tag.js Show response
cdn.attn.tv/tag/4-latest/ 107 KB
37 KB 9ms
9ms Script
application/javascript 2600:9000:21f3:d600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_17d90e5be2
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/gundrymd/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d597f0c52d0263c81aa62e674219ccc9b05d4e9c1b7e534c75560f59cf0f8b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: OO3Kits27a93gb5hqRsn9Jy30D91Fluo
content-encoding: gzip
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
date: Tue, 11 Apr 2023 18:23:39 GMT
x-amz-cf-pop: FRA2-C2
age: 148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 04 Apr 2023 17:56:14 GMT
server: AmazonS3
etag: W/"8271cbad39f4f8ac1ca9574ef264ad4a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-id: XL40RvKrZ199KGAtOSn6AN4WRj11Qm7OLL5lfX7osOWKZKic-Kan1w==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 44 KB
15 KB 200ms
31ms Script
application/javascript 2a02:2638:d::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=34370

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WLKKPD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d609c83a62594f53440e427446263a44ba4a31c2fe4b39953b12f26cf0e29e4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 63ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5MM7TKXSPX&gtm=45je34a0&_p=343998780&_gaz=1&cid=990742926.1681237565&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681237566&sct=1&seg=0&dl=https%3A%2F%2Fwww2.gundrymd.com%2Fos210331a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-email-magazine-biocomplete3-advertorial%26utm_campaign_id%3D7013w000001vIl6AAE%26utm_source%3Demail%26sessionid%3D514341940131%26uid%3Demail_bc3_210407_dos_qqq%26dsid%3Da0v3w00000LpvDhAAJ%26step%3D1&dt=Gundry%20MD&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5MM7TKXSPX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.gundrymd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 20ms
18ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5MM7TKXSPX&cid=990742926.1681237565&gtm=45je34a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5MM7TKXSPX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.gundrymd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 77ms
76ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5MM7TKXSPX&cid=990742926.1681237565&gtm=45je34a0&aip=1&z=947748651

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/os210331a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email&sessionid=514341940131&uid=email_bc3_210407_dos_qqq&dsid=a0v3w00000LpvDhAAJ&step=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
gundrymd.attn.tv/d/ 5 B
276 B 459ms
408ms Fetch
application/json 104.18.37.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gundrymd.attn.tv/d/?attn_vid=bb4fd5dd735a4c43a590fe155ae064d3
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/polyfills.js?ver=41120237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
cf-ray: 7b6546a66c6335eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 e
events.attentivemobile.com/ 0
179 B 160ms
117ms Ping
text/plain 172.64.144.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.17.6_fdae194bd6&pd=https%3A%2F%2Fwww2.gundrymd.com%2Fos210331a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-email-magazine-biocomplete3-advertorial%26utm_campaign_id%3D7013w000001vIl6AAE%26utm_source%3Demail%26sessionid%3D514341940131%26uid%3Demail_bc3_210407_dos_qqq%26dsid%3Da0v3w00000LpvDhAAJ%26step%3D1&u=bb4fd5dd735a4c43a590fe155ae064d3&c=gundrymd&ceid=0xG&lt=1681237566418&tag=modern&cs=1533466536&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1681237566423
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_17d90e5be2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain;charset=UTF-8
x-envoy-upstream-service-time: 1
cf-ray: 7b6546a66fca911e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 gundrymd.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 0
384 B 113ms
112ms Script
text/javascript 2600:9000:21f3:d600:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/gundrymd.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_17d90e5be2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
date: Tue, 11 Apr 2023 01:33:38 GMT
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 60748
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 0
x-amz-cf-id: D--KYlpEVzziDU0zpjBJ5C-3GKOdfsLbyBH6wGpjkbEnfFaj3_Yoyg==

GET
H3 200 phone.png
cdn.gundrymd.com/images/ 368 B
855 B 188ms
188ms Image
image/webp 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/phone.png
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/os210331a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email&sessionid=514341940131&uid=email_bc3_210407_dos_qqq&dsid=a0v3w00000LpvDhAAJ&step=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 500106b3726d2de95d4aabe2539023db34bb562ea126baaf943c7188ee6cc599

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
x-amz-version-id: YhfWF38PRRwZcOOvHTWhry3k5jPa0xAN
cf-cache-status: HIT
x-amz-request-id: 3MDZKT470XEDBQEE
cf-polished: origFmt=png, origSize=489
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="phone.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 368
x-amz-id-2: u7la+6j6YJ3y4VVJMtopFnLI6l8x8UNYIiZZC792Dsb5lLXZjkN3Qlmi1PYJ0KxJ8DuzTaCvXRs=
cf-bgj: imgq:85,h2pri
last-modified: Mon, 30 Jan 2023 22:04:40 GMT
server: cloudflare
etag: "d266bd5c2a49d4acd83265d514ab8415"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 7b6546ab3bc83655-FRA
expires: Tue, 11 Apr 2023 19:26:07 GMT

GET
H3 200 guarantee-2.png
cdn.gundrymd.com/images/ 7 KB
7 KB 195ms
194ms Image
image/webp 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/guarantee-2.png
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/os210331a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email&sessionid=514341940131&uid=email_bc3_210407_dos_qqq&dsid=a0v3w00000LpvDhAAJ&step=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ffc634f87750ebf219e3c416baf993af883981a03cd340c19aa362b81102aca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 67MWBH3G51MDMN87
cf-polished: origFmt=png, origSize=7717
content-disposition: inline; filename="guarantee-2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7048
x-amz-id-2: zs9SIE6b4L1gHd5g4d5dWoXhLKOAvLoDA0CkZ7Rqggl6sxkhELjBmOfp87AjfGolim+QUJtTEckMLfiETF9UJw==
cf-bgj: imgq:85,h2pri
last-modified: Sat, 08 Feb 2020 00:24:36 GMT
server: cloudflare
etag: "cab783378c5abbb911dfd32e8dff392b"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 7b6546ab3bcb3655-FRA
expires: Tue, 11 Apr 2023 19:26:07 GMT

GET
H3 200 BioComplete3-supp.png
cdn.gundrymd.com/images/bio-complete-3/ 43 KB
43 KB 189ms
188ms Image
image/webp 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/bio-complete-3/BioComplete3-supp.png
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/os210331a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email&sessionid=514341940131&uid=email_bc3_210407_dos_qqq&dsid=a0v3w00000LpvDhAAJ&step=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32bbd2741e532fd7a14d845c3dec3137d96ff6726101762e31b2cadefe187096

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 3MDGYMBB1PJTBP7A
cf-polished: origFmt=png, origSize=78687
content-disposition: inline; filename="BioComplete3-supp.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43722
x-amz-id-2: lMvEwkzpkW3y3O3A2OS2tADI6+YkId5W1IjJCuE1raU9w5Fo0E2E7RJWfDoXy1YvTN47HocmyJoR9XEqgvxCeQ==
cf-bgj: imgq:85,h2pri
last-modified: Tue, 11 Feb 2020 01:04:47 GMT
server: cloudflare
etag: "26b4dfb8d4810a86ecad8ac56fdd4614"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 7b6546ab3bcd3655-FRA
expires: Tue, 11 Apr 2023 19:26:07 GMT

GET
H3 200 backgroundLights.jpg
cdn.gundrymd.com/images/bio-complete-3/ 43 KB
43 KB 247ms
247ms Image
image/webp 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/bio-complete-3/backgroundLights.jpg
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/main.css?ver=41120237
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9c98801b167fa934f69d9c755f5b76dbf11d3ddd0970abd6eff16baf8285adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 0X25XAE4CFFFETM9
cf-polished: qual=85, origFmt=jpeg, origSize=64213
content-disposition: inline; filename="backgroundLights.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43938
x-amz-id-2: v6N4MoppHHnBc+FI0SmsJLGRK8o2tuB4g+e1DJgj8EEX8CnTT7kRvrxzqnJXidq9TX1I2s4m0W8=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 11 Feb 2020 18:09:10 GMT
server: cloudflare
etag: "f6e91de0099bab3176d131445271e9de"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 7b6546ab3bce3655-FRA
expires: Tue, 11 Apr 2023 19:26:07 GMT

GET
H3 200 ProximaNova-Light.otf
www2.gundrymd.com/assets/fonts/Proxima-nova-light/ 61 KB
40 KB 127ms
127ms Font
font/otf 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/assets/fonts/Proxima-nova-light/ProximaNova-Light.otf

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/main.css?ver=41120237

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.gundrymd.com/build/main.css?ver=41120237
Origin: https://www2.gundrymd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 21:41:53 GMT
server: cloudflare
etag: W/"f5f8-1875dab30e8"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/otf
cache-control: public, max-age=3600
cf-ray: 7b6546ab4bda3655-FRA
expires: Tue, 11 Apr 2023 19:26:07 GMT

GET
H3 200 ProximaNova-Semibold.otf
www2.gundrymd.com/assets/fonts/Proxima-nova-semibold/ 62 KB
40 KB 157ms
157ms Font
font/otf 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/assets/fonts/Proxima-nova-semibold/ProximaNova-Semibold.otf

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/main.css?ver=41120237

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.gundrymd.com/build/main.css?ver=41120237
Origin: https://www2.gundrymd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 21:41:53 GMT
server: cloudflare
etag: W/"f68c-1875dab30e8"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/otf
cache-control: public, max-age=3600
cf-ray: 7b6546ab4bdd3655-FRA
expires: Tue, 11 Apr 2023 19:26:07 GMT

POST
H3 200 save Show response
www2.gundrymd.com/proxy/funnel/stats/ 16 B
446 B 147ms
147ms XHR
application/json 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.gundrymd.com/proxy/funnel/stats/save

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/polyfills.js?ver=41120237

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.gundrymd.com/os210331a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email&sessionid=514341940131&uid=email_bc3_210407_dos_qqq&dsid=a0v3w00000LpvDhAAJ&step=1
X-Brand: Gundry MD
accept-language: de-DE,de;q=0.9
XSRF-TOKEN: tUaZ48Oz-XLvp2suSigkGcbwk6ZJm5CWnbF4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (e46a9e002bdb), 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.gundrymd.com
access-control-expose-headers: X-Brand
access-control-allow-credentials: true
cf-ray: 7b6546ab7c483655-FRA

GET
H3 200 red-check2.png
cdn.gundrymd.com/images/prebiothrive/ 550 B
989 B 190ms
190ms Image
image/webp 2606:4700::6812:3c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/prebiothrive/red-check2.png
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/os210331a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-email-magazine-biocomplete3-advertorial&utm_campaign_id=7013w000001vIl6AAE&utm_source=email&sessionid=514341940131&uid=email_bc3_210407_dos_qqq&dsid=a0v3w00000LpvDhAAJ&step=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:3c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae157e8ff75d368d1de8c7445b4055357fd195be400cf2ff1c412561c8686e65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 4AEE2YY3EKJ9YW9S
cf-polished: origFmt=png, origSize=663
content-disposition: inline; filename="red-check2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 550
x-amz-id-2: MetvkdKyn8hey/HN0x04X+aepKYAVjTBjZMeUmIIHIt1qUavHrBRgBF+BSrjuO6N5CcWidNZ+Y8=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 11 Mar 2020 21:00:06 GMT
server: cloudflare
etag: "fc70d343d03cc60cb4652262bf4cf21e"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 7b6546ab8c673655-FRA
expires: Tue, 11 Apr 2023 19:26:07 GMT

GET
H3 200 Montserrat-regular.woff2
cdn.gundrymd.com/fonts/Montserrat-regular/ 10 KB
10 KB 222ms
208ms Font
binary/octet-stream 2606:4700::6812:2c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gundrymd.com/fonts/Montserrat-regular/Montserrat-regular.woff2
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/main.css?ver=41120237
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:2c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6d5f3361200b9841322bf424d7d49b1e7d81ad6ed193b81787b9915f867755b

Request headers

Referer: https://www2.gundrymd.com/
Origin: https://www2.gundrymd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: KHVM9X8D1WJRH7ZS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9768
x-amz-id-2: fByvvnlC7PSVOKcQUZCoyesq6wxZ/oYMooHTmGoqivpvJ2XfyNU12PP/YSzecb/A1qGTK0sDLYPNNmVcfH9bGQ==
last-modified: Thu, 23 Jan 2020 01:31:31 GMT
server: cloudflare
etag: "8f489cac3eeca3f0e416620f3f5a92bf"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 7b6546abac222bf5-FRA
expires: Tue, 11 Apr 2023 19:26:07 GMT

POST
H2 204 unrenderedCreative
gundrymd.attn.tv/ 0
0 144ms
143ms Fetch 104.18.37.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gundrymd.attn.tv/unrenderedCreative?v=4.17.6&r=&id=bb4fd5dd735a4c43a590fe155ae064d3&pv=1&l=https%3A%2F%2Fwww2.gundrymd.com%2Fos210331a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-email-magazine-biocomplete3-advertorial%26utm_campaign_id%3D7013w000001vIl6AAE%26utm_source%3Demail%26sessionid%3D514341940131%26uid%3Demail_bc3_210407_dos_qqq%26dsid%3Da0v3w00000LpvDhAAJ%26step%3D1&w=1600&h=1200&ss_ref=ORGANIC&m=marketing&m=live-sms
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/polyfills.js?ver=41120237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www2.gundrymd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 19
cf-ray: 7b6546abbc6335eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 visitor.php Show response
app.leadsrx.com/ 95 B
518 B 184ms
183ms XHR
text/html 54.214.43.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.leadsrx.com/visitor.php?acctTag=mlxlwo43754&tz=0&ref=&u=https%3A%2F%2Fwww2.gundrymd.com%2Fos210331a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-email-magazine-biocomplete3-advertorial%26utm_campaign_id%3D7013w000001vIl6AAE%26utm_source%3Demail%26sessionid%3D514341940131%26uid%3Demail_bc3_210407_dos_qqq%26dsid%3Da0v3w00000LpvDhAAJ%26step%3D1&t=Gut%20Cleanse%20Protocol&lc=null&anon=0&vin=null

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/polyfills.js?ver=41120237

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.214.43.55 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-214-43-55.us-west-2.compute.amazonaws.com

Software

nginx/1.20.1 / PHP/5.6.40

Resource Hash

72f3e8432cfc1742de4f0761e9b2097b0d73b9e9e1469516b69d39bf40a60d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www2.gundrymd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
x-content-type-options: nosniff
server: nginx/1.20.1
x-powered-by: PHP/5.6.40
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www2.gundrymd.com
access-control-allow-credentials: true

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7DD2 15 KB
6 KB 99ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www2.gundrymd.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=34370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www2.gundrymd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 18:26:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 359677
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7DD2
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=gundrymd.com&sn=ChromeSyncframe&so=0&topUrl=www2.gundrymd.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=i-eHHHxDbFNBN2h5VVdBOEZUMVg5VjJzVGJROXA5OHdxOVkzOFFXYnQ4YXBlYmxiU2FlWUtsL2Z3RXB5aGgxb3dpQU5tTEVMV05vdXBqV0w5SFFyeHpNNm9xektESFovUm90MTVOaDVPSU5RS3h2OGJOdDFCeUs0RHNvaV...

430 B
652 B

193ms
16ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=i-eHHHxDbFNBN2h5VVdBOEZUMVg5VjJzVGJROXA5OHdxOVkzOFFXYnQ4YXBlYmxiU2FlWUtsL2Z3RXB5aGgxb3dpQU5tTEVMV05vdXBqV0w5SFFyeHpNNm9xektESFovUm90MTVOaDVPSU5RS3h2OGJOdDFCeUs0RHNvaVNwb3JUb3ZsbDMxejQ2ZHFIOFpWelBzRUlOOERBQ09KSjE4WEtndGNOZVU1Z3huSHMzYVlneDRBaFora282WWpIQzQzOGNPV294dnlWZG1vRElXNHpnejFwU1hIcUxIL0o0d05EQWQ4YmJpVVhpVUlpcXAzdEt6WFB6cFJkZVpobzJJVHJBTitDeHRvZmpnQ1BlUFRBVVB4TWw2dk5wQT09fA&cppv=2

Requested by

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8e697f7737addb6edc9c81940c778f6fe691a65257e791a86d484021d1e940f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1789125
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=i-eHHHxDbFNBN2h5VVdBOEZUMVg5VjJzVGJROXA5OHdxOVkzOFFXYnQ4YXBlYmxiU2FlWUtsL2Z3RXB5aGgxb3dpQU5tTEVMV05vdXBqV0w5SFFyeHpNNm9xektESFovUm90MTVOaDVPSU5RS3h2OGJOdDFCeUs0RHNvaVNwb3JUb3ZsbDMxejQ2ZHFIOFpWelBzRUlOOERBQ09KSjE4WEtndGNOZVU1Z3huSHMzYVlneDRBaFora282WWpIQzQzOGNPV294dnlWZG1vRElXNHpnejFwU1hIcUxIL0o0d05EQWQ4YmJpVVhpVUlpcXAzdEt6WFB6cFJkZVpobzJJVHJBTitDeHRvZmpnQ1BlUFRBVVB4TWw2dk5wQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 350537
content-length: 0
expires: 0

GET
H2 200 params Show response
shop.pe/widget/main/init/ 260 B
756 B 121ms
120ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=61b7632473efc371cfbbfdf9&product=Gut%20Cleanse%20Protocol&product_url=https%3A%2F%2Fwww2.gundrymd.com%2Fos210331a_ap&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww2.gundrymd.com%2Fos210331a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-email-magazine-biocomplete3-advertorial%26utm_campaign_id%3D7013w000001vIl6AAE%26utm_source%3Demail%26sessionid%3D514341940131%26uid%3Demail_bc3_210407_dos_qqq%26dsid%3Da0v3w00000LpvDhAAJ%26step%3D1&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=69715&cookie=&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4b562b9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

81f780b577913df90d1aac66a2c2255f5040af20f561e484b28531add33785e8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
content-security-policy: frame-ancestors none;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
etag: W/"b51380f1bee7805b744481725672843144a657ed"
x-frame-options: deny
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
access-control-allow-origin: https://my.addshoppers.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H3 200 params Show response
shop.pe/widget/main/init/ 1 KB
774 B 143ms
143ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=61b7632473efc371cfbbfdf9&product=Gut%20Cleanse%20Protocol&product_url=https%3A%2F%2Fwww2.gundrymd.com%2Fos210331a_ap&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww2.gundrymd.com%2Fos210331a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-email-magazine-biocomplete3-advertorial%26utm_campaign_id%3D7013w000001vIl6AAE%26utm_source%3Demail%26sessionid%3D514341940131%26uid%3Demail_bc3_210407_dos_qqq%26dsid%3Da0v3w00000LpvDhAAJ%26step%3D1&callback=AddShoppersWidget.load_widget&rand=76124&cookie=2%7C1%3A0%7C10%3A1681237567%7C15%3Aaddshoppers.com%7C44%3AOTMzYjlmNTE2MzIwNDliMTg1ZDlmOWExN2Y0MTNmOWQ%3D%7C275f6977e7ae19caf00c2dcc5aeeca8edc1c5fba0d31acadf2fdef0584d30dbd&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4b562b9

Protocol

Security

QUIC, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

aedc4d7dab5cb932730096701b19bde4304ffefe577b4cdd38d8bde163c48ff8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
content-security-policy: frame-ancestors none;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
etag: W/"66728b9e7bfa6555a9ca23680c13b2415137afe6"
x-frame-options: deny
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
access-control-allow-origin: https://my.addshoppers.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=34370&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvp%26p%3Dundefined%26tms%3Dcustom-guide&p3=e%3Dvp%26p%3Dundefined%26tm...
https://widget.us.criteo.com/event?a=34370&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvp%26p%3Dundefined%26tms%3Dcustom-guide&p3=e%3Dvp%26p%3Dundefined%26tm...

8 KB
4 KB

308ms
107ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=34370&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvp%26p%3Dundefined%26tms%3Dcustom-guide&p3=e%3Dvp%26p%3Dundefined%26tms%3Dcustom-guide&p4=e%3Ddis&adce=1&bundle=Lcu2rV9GMGtKWmJndFRGbW5LTTlWaW5EVDRCYjhGS1VaV1VYaUM1cXZjcVdwdUJrJTJCdmZFQ2lYSGg2ekNhM0ZNJTJCdGxkSmN5MmhaZ0F4dVNTVVU5azZqaUlGeUxwSVVFJTJGcnBqbVM4cUwwRVgyRmxVVmd3dCUyRllDTmhtSmhRM1BKamNFN1hwQXRqQSUyQnFuaVBtSXJFeTA5MzRzdTBRJTNEJTNE&tld=gundrymd.com&dy=1&fu=https%253A%252F%252Fwww2.gundrymd.com%252Fos210331a_ap%253Fbusiness_unit%253Da00f400000dk8tnaab%2526utm_campaign%253Dgmd-email-magazine-biocomplete3-advertorial%2526utm_campaign_id%253D7013w000001vIl6AAE%2526utm_source%253Demail%2526sessionid%253D514341940131%2526uid%253Demail_bc3_210407_dos_qqq%2526dsid%253Da0v3w00000LpvDhAAJ%2526step%253D1&ceid=c9a16829-d77e-4ad1-bb54-ec5dece5a8de&dtycbr=55369

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b9bda4097950a8eac80026d23dd1a9f6585660fa8747c3687ccd7ec71ed760c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 15109700
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=34370&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvp%26p%3Dundefined%26tms%3Dcustom-guide&p3=e%3Dvp%26p%3Dundefined%26tms%3Dcustom-guide&p4=e%3Ddis&adce=1&bundle=Lcu2rV9GMGtKWmJndFRGbW5LTTlWaW5EVDRCYjhGS1VaV1VYaUM1cXZjcVdwdUJrJTJCdmZFQ2lYSGg2ekNhM0ZNJTJCdGxkSmN5MmhaZ0F4dVNTVVU5azZqaUlGeUxwSVVFJTJGcnBqbVM4cUwwRVgyRmxVVmd3dCUyRllDTmhtSmhRM1BKamNFN1hwQXRqQSUyQnFuaVBtSXJFeTA5MzRzdTBRJTNEJTNE&tld=gundrymd.com&dy=1&fu=https%253A%252F%252Fwww2.gundrymd.com%252Fos210331a_ap%253Fbusiness_unit%253Da00f400000dk8tnaab%2526utm_campaign%253Dgmd-email-magazine-biocomplete3-advertorial%2526utm_campaign_id%253D7013w000001vIl6AAE%2526utm_source%253Demail%2526sessionid%253D514341940131%2526uid%253Demail_bc3_210407_dos_qqq%2526dsid%253Da0v3w00000LpvDhAAJ%2526step%253D1&ceid=c9a16829-d77e-4ad1-bb54-ec5dece5a8de&dtycbr=55369
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4280157
timing-allow-origin: *
content-length: 0
expires: 0

GET
H/1.1 200
OK A.js Show response
addshoppers.s3.amazonaws.com/61b7632473efc371cfbbfdf9/61b76db078f2f27efd9c4b80/ 18 KB
5 KB 347ms
112ms Script
application/javascript 52.217.174.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addshoppers.s3.amazonaws.com/61b7632473efc371cfbbfdf9/61b76db078f2f27efd9c4b80/A.js?_t=1680074158
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4b562b9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.174.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 260c5a368710d497eb06f5c0d0130ab6cb5e6ea7e67e9c5b558a2a1e2227a088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 18:26:09 GMT
Content-Encoding: gzip
x-amz-version-id: 2gO7MyZMfyL0YO2pK1S191OoGcxemAms
Last-Modified: Wed, 29 Mar 2023 07:15:59 GMT
Server: AmazonS3
x-amz-request-id: T78DBE5C21GEPEW6
ETag: "11520958b3da26d0c78e3635e7a39647"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Content-Length: 4113
x-amz-id-2: 2v5LKvwnuKBrwYAqLjiuJJyF3b/1Nt7KoReqLZIGRUgVbQZgfTTCEKuyhfjOT8DJD3SvC3S+qFc=

GET
H/1.1 200
OK c300986e77c94b13bd246c7dc0851b05.js Show response
addshoppers.s3.amazonaws.com/customize/61b7632473efc371cfbbfdf9/ 2 KB
1 KB 337ms
111ms Script
application/javascript 52.217.174.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addshoppers.s3.amazonaws.com/customize/61b7632473efc371cfbbfdf9/c300986e77c94b13bd246c7dc0851b05.js?_t=1660224772
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4b562b9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.174.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5b5f7e3e12837c3fe89684993a860b763a6fb833489a8353fa3b93efe1b23bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 18:26:09 GMT
Content-Encoding: gzip
x-amz-version-id: vsJCmi.0Z.Z2AYJMOnh1UbDh9vNjMcSQ
Last-Modified: Thu, 11 Aug 2022 13:32:53 GMT
Server: AmazonS3
x-amz-request-id: T780MMWQ0FY2GPR6
ETag: "3804ef6102c04d695a7250fe518e3df7"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Content-Length: 787
x-amz-id-2: wVJhaUueK3SH+TrEttZCHo0t6CE+OWUSkbFT0/hILdA97OZEAQlmPWobfyQvtqVUwwL3w8uOe30=

GET
H2 200 input.js Show response
shopper.shop.pe/ 26 KB
9 KB 232ms
15ms Script
application/javascript 35.190.54.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper.shop.pe/input.js
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.54.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bc1f719ad8a9fb36c5f164463ae53ad79a27e84143b027da42c6ee08021ff399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:23:37 GMT
content-encoding: gzip
age: 7351
x-guploader-uploadid: ADPycdt8EWp9T7tI-0BkDQU8S3TlXPQwcbNc6w7AbnPT9CyIhf4g8R9aJojamtE69ssOJ2IER9GTwyr1_8vcZLXLtqRK_A
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8877
last-modified: Wed, 15 Feb 2023 16:33:08 GMT
server: UploadServer
etag: "56be6173b5d0bbc5689acd2e4dc40cf2"
vary: Accept-Encoding
x-goog-generation: 1676478788444714
x-goog-hash: crc32c=cHI6Vg==, md5=Vr5hc7XQu8Voms0uTcQM8g==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
x-goog-stored-content-length: 8877
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Tue, 11 Apr 2023 20:23:37 GMT

GET
H2 200 status Show response
app.shop.pe/app/datapartners/ 34 B
510 B 177ms
123ms XHR
application/json 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.shop.pe/app/datapartners/status?usersite_id=61b7632473efc371cfbbfdf9

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/polyfills.js?ver=41120237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: nginx
etag: W/"0467ba22658b680d6de72dc567071b5bc495547f"
x-frame-options: deny
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 iframe Show response
nytrng.com/ Frame 08E1 416 B
508 B 477ms
154ms Document
text/html 99.83.128.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=933b9f51632049b185d9f9a17f413f9d
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4b562b9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a954c1fc80b8251dc.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: 120e263cc6c1e886e9e123f8d2de65f79d43b6e6093159c2e17660588cc08838

Request headers

Referer: https://www2.gundrymd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 416
content-type: text/html; charset=utf-8
date: Tue, 11 Apr 2023 18:26:08 GMT
server: gunicorn

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 93E4
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-jhRaQPaS-vveZeuMjdbpzlCpnHZ1fLTf0IAh0w&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-jhRaQPaS-vveZeuMjdbpzlCpnHZ1fLTf0IAh0w&expires=30

43 B
345 B

9ms
9ms

Image
image/gif

3.122.65.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-jhRaQPaS-vveZeuMjdbpzlCpnHZ1fLTf0IAh0w&expires=30
Protocol: H2
Server: 3.122.65.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-65-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-jhRaQPaS-vveZeuMjdbpzlCpnHZ1fLTf0IAh0w&expires=30
date: Tue, 11 Apr 2023 18:26:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 93E4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-q3IRevaS-vveZeuMjdbpzlCpnHb90rh3xva09Q&google_cm&google_hm=ay1xM0lSZXZhUy12dmVaZXVNamRicHpsQ3BuSGI5MHJoM...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-q3IRevaS-vveZeuMjdbpzlCpnHb90rh3xva09Q&google_cm=&google_hm=ay1xM0lSZXZhUy12dmVaZXVNamRicHpsQ3BuSGI5MHJ...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-q3IRevaS-vveZeuMjdbpzlCpnHb90rh3xva09Q&google_gid=CAESEOsQqamWor6Su_gUPqzNBpQ&google_cver=1&google_ula=913071,0

43 B
369 B

87ms
18ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-q3IRevaS-vveZeuMjdbpzlCpnHb90rh3xva09Q&google_gid=CAESEOsQqamWor6Su_gUPqzNBpQ&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 658804
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-q3IRevaS-vveZeuMjdbpzlCpnHb90rh3xva09Q&google_gid=CAESEOsQqamWor6Su_gUPqzNBpQ&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 93E4
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3698594724096122541

43 B
371 B

211ms
17ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3698594724096122541

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1076066
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 11 Apr 2023 18:26:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.152; 185.213.155.152; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2050db74-e7db-4ad4-a99a-9f00f5d035e1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3698594724096122541
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 93E4
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-QHuNB_aS-vveZeuMjdbpzlCpnHakZFJgKIZZpQ
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QHuNB_aS-vveZeuMjdbpzlCpnHakZFJgKIZZpQ

43 B
1 KB

54ms
54ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QHuNB_aS-vveZeuMjdbpzlCpnHakZFJgKIZZpQ

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 18:26:08 GMT
AN-X-Request-Uuid: f10e3cef-4e4d-4f29-9b65-952e055ebc73
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.152; 185.213.155.152; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 18:26:08 GMT
AN-X-Request-Uuid: 07477975-5dd0-4046-8217-d742329358fb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QHuNB_aS-vveZeuMjdbpzlCpnHakZFJgKIZZpQ
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.152; 185.213.155.152; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 93E4 61 B
802 B 131ms
104ms Image
image/gif 88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-6N8onfaS-vveZeuMjdbpzlCpnHZj1kYfF0qDMg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 18:26:08 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Tue, 11 Apr 2023 18:26:08 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 93E4 0
239 B 56ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-fAhXpvaS-vveZeuMjdbpzlCpnHZhgUKi9E45OQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 93E4 0
360 B 54ms
9ms Image
text/plain 52.58.179.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-L2vTQfaS-vveZeuMjdbpzlCpnHZ3Vg4U5E57uQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.179.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-179-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:08 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 93E4 43 B
163 B 289ms
18ms Image
image/gif 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-5mg9WPaS-vveZeuMjdbpzlCpnHZlvZan-auLzg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:07 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 93E4 0
99 B 103ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-rCSdBPaS-vveZeuMjdbpzlCpnHaq78DVF_XpGQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13464

GET
H2 200 um
criteo-sync.teads.tv/ Frame 93E4 23 B
172 B 122ms
38ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-8ET3kvaS-vveZeuMjdbpzlCpnHYp9qeC2gW_0g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Tue, 11 Apr 2023 18:26:08 GMT
pragma: no-cache
date: Tue, 11 Apr 2023 18:26:08 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 93E4 37 B
140 B 40ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-0vfC3PaS-vveZeuMjdbpzlCpnHZpIpwXLJuGew&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 93E4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-NAESmvaS-vveZeuMjdbpzlCpnHZhVZkDRuEZ7A
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-NAESmvaS-vveZeuMjdbpzlCpnHZhVZkDRuEZ7A&verify=true

0
121 B

11ms
11ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-NAESmvaS-vveZeuMjdbpzlCpnHZhVZkDRuEZ7A&verify=true

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-NAESmvaS-vveZeuMjdbpzlCpnHZhVZkDRuEZ7A&verify=true
date: Tue, 11 Apr 2023 18:26:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 93E4 43 B
163 B 187ms
20ms Image
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-eF5KfPaS-vveZeuMjdbpzlCpnHbULeByexFoGQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:08 GMT
last-modified: Wed, 11 Oct 2017 13:40:08 GMT
server: nginx
accept-ranges: bytes
etag: "59de1f38-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 93E4 49 B
235 B 176ms
19ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-zUu-ffaS-vveZeuMjdbpzlCpnHZmVkqMbbMXgg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:08 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 93E4
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DQ1c9vaS-vveZeuMjdbpzlCpnHZqGazmWy-KyA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DQ1c9vaS-vveZeuMjdbpzlCpnHZqGazmWy-KyA&C=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DQ1c9vaS-vveZeuMjdbpzlCpnHZqGazmWy-KyA&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 18:26:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 18:26:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-DQ1c9vaS-vveZeuMjdbpzlCpnHZqGazmWy-KyA&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 93E4
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=o5oDBBzkJqD4u2PytqkqrEY7kkWM22wl
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=o5oDBBzkJqD4u2PytqkqrEY7kkWM22wl

42 B
942 B

36ms
35ms

Image
image/gif

63.33.154.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=o5oDBBzkJqD4u2PytqkqrEY7kkWM22wl

Protocol

HTTP/1.1

Server

63.33.154.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-154-254.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-0dc39c7af.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2KgOOTbBQNM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v046-097c7f918.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: BTzp2S+jTDQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=o5oDBBzkJqD4u2PytqkqrEY7kkWM22wl
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 93E4 43 B
1 KB 144ms
10ms Image
image/gif 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-BauU4PaS-vveZeuMjdbpzlCpnHahOVZ8fVMApQ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 11 Apr 2023 18:26:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 93E4
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-CxJhs_aS-vveZeuMjdbpzlCpnHZ7KljHPZ4yNA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-CxJhs_aS-vveZeuMjdbpzlCpnHZ7KljHPZ4yNA

43 B
449 B

30ms
30ms

Image
image/gif

52.19.94.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-CxJhs_aS-vveZeuMjdbpzlCpnHZ7KljHPZ4yNA
Protocol: H2
Server: 52.19.94.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-94-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 11 Apr 2023 18:26:08 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-CxJhs_aS-vveZeuMjdbpzlCpnHZ7KljHPZ4yNA
access-control-allow-origin: *
date: Tue, 11 Apr 2023 18:26:08 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 93E4 42 B
274 B 136ms
24ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-isc3wvaS-vveZeuMjdbpzlCpnHZ6eR5ZRrDxJQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:08 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 93E4 0
884 B 104ms
8ms Image
text/html 18.197.183.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-oTBX8faS-vveZeuMjdbpzlCpnHZqW2zjEV-1MA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.183.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-183-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:08 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 93E4 0
145 B 411ms
94ms Image
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-nnwXZ_aS-vveZeuMjdbpzlCpnHbEpdkuk26Afw&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 18:26:08 GMT
Cache-Control: no-cache
X-TraceId: 7e5a6d8c63f664410e91eec3ac95eece
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 93E4 42 B
581 B 57ms
16ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-jZNtKfaS-vveZeuMjdbpzlCpnHYN1xoVcNKPuQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 11 Apr 2023 18:26:08 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 93E4 43 B
406 B 364ms
105ms Image
image/gif 2600:1f18:612b:4216:9abd:bdd2:b3e3:4fec
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-lSIgd_aS-vveZeuMjdbpzlCpnHYsiuVUIdg69Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:9abd:bdd2:b3e3:4fec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 11 Apr 2023 18:26:08 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 93E4 43 B
153 B 92ms
27ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-XZhwefaS-vveZeuMjdbpzlCpnHZqA_GCAKbjdg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 11 Apr 2023 18:26:08 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 93E4 0
400 B 113ms
72ms Image
text/plain 2.18.128.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-sRWtZvaS-vveZeuMjdbpzlCpnHalcptC7eOSnQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.128.46 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-128-46.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 18:26:08 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 10 Apr 2023 18:26:08 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 93E4 0
38 B 151ms
29ms Image
text/plain 54.155.81.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-mRFXzvaS-vveZeuMjdbpzlCpnHZYGf_8rB40uw&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.81.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-81-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:08 GMT
content-length: 0

HEAD
H3 200 consent Show response
shop.pe/query/datareg/ 0
25 B 134ms
117ms XHR
text/html 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/query/datareg/consent

Requested by

Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/polyfills.js?ver=41120237

Protocol

Security

QUIC, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:08 GMT
content-security-policy: frame-ancestors none;
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
x-frame-options: deny
access-control-allow-methods: HEAD, GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Data-Regulation-Gdpr-Enforced
access-control-allow-headers: X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 93E4
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pLQXIU-r9wlRO2eLiZC5cNgV_FVsiU2b

0
337 B

28ms
28ms

Image
text/plain

52.50.253.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pLQXIU-r9wlRO2eLiZC5cNgV_FVsiU2b
Protocol: H2
Server: 52.50.253.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-253-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: beacon-n004-dub-prod.krxd.net
date: Tue, 11 Apr 2023 18:26:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1681237568
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pLQXIU-r9wlRO2eLiZC5cNgV_FVsiU2b
date: Tue, 11 Apr 2023 18:26:07 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 741740
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 93E4
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=3UQOc8T_VJ3GDiihLMBCkj0VqdDZVQxW

35 B
268 B

380ms
120ms

Image
image/gif

3.132.49.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=3UQOc8T_VJ3GDiihLMBCkj0VqdDZVQxW
Protocol: H2
Server: 3.132.49.211 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-49-211.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:08 GMT
x-bt-requestid: 54180df0-d896-11ed-b258-0000ac1702e8
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=3UQOc8T_VJ3GDiihLMBCkj0VqdDZVQxW
date: Tue, 11 Apr 2023 18:26:07 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 942649
content-length: 0

GET
H2 200 pl.2.2.min.js Show response
cdn.nytrng.com/ Frame 08E1 0
327 B 51ms
8ms Script
text/plain 18.66.97.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nytrng.com/pl.2.2.min.js
Requested by: Host: nytrng.com
URL: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=933b9f51632049b185d9f9a17f413f9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nytrng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 08 Apr 2023 01:14:23 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 818429
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/plain
accept-ranges: bytes
content-length: 0
x-amz-cf-id: BMWV5W02NgJG23fJhdI5B1n8_7vvQrFoGsjGSlXCc2zwgERvBfmybQ==

GET
H2 200 cscript.js Show response
stat.youniverssl.com/js/ 9 KB
3 KB 210ms
145ms Script
application/javascript 2606:4700::6812:1b75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.youniverssl.com/js/cscript.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b078999f1e87fb1a80a941371723dc584673d28de33c3d69a8d98688f4dbdea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:10 GMT
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 28 Feb 2022 18:51:11 GMT
server: cloudflare
vary: accept-encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 7b6546bc2c54bb8c-FRA
expires: 0

GET
H2 200 fp.min.js Show response
stat.youniverssl.com/js/ 31 KB
13 KB 133ms
133ms Script
application/javascript 2606:4700::6812:1b75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.youniverssl.com/js/fp.min.js

Requested by

Host: stat.youniverssl.com
URL: https://stat.youniverssl.com/js/cscript.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:26:10 GMT
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 28 Feb 2022 18:51:11 GMT
server: cloudflare
vary: accept-encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 7b6546bd0e1fbb8c-FRA
expires: 0

GET
H3 200 stat Show response
stat.youniverssl.com/ 3 KB
1 KB 142ms
142ms Script
application/javascript 2606:4700::6812:1b75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.youniverssl.com/stat?callback=siteStatHandler&consume=%7B%22affParameters%22%3A%7B%22utmSource%22%3A%22email%22%2C%22utmMedium%22%3Anull%2C%22utmCampaign%22%3A%22gmd-email-magazine-biocomplete3-advertorial%22%2C%22utmCampaignId%22%3A%227013w000001vIl6AAE%22%2C%22utmContent%22%3Anull%2C%22utmTerm%22%3Anull%2C%22subId1%22%3Anull%2C%22subId2%22%3Anull%2C%22subId3%22%3Anull%2C%22subId4%22%3Anull%7D%2C%22sessionid%22%3A%22514341940131%22%2C%22url%22%3A%22https%3A%2F%2Fwww2.gundrymd.com%2Fos210331a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-email-magazine-biocomplete3-advertorial%26utm_campaign_id%3D7013w000001vIl6AAE%26utm_source%3Demail%26sessionid%3D514341940131%26uid%3Demail_bc3_210407_dos_qqq%26dsid%3Da0v3w00000LpvDhAAJ%26step%3D1%22%2C%22alternaiGuestId%22%3A%5B%5D%2C%22external_id%22%3A%5B%5D%7D&id=48fe691eb47949483b332a897f4f36bb&url=https%3A%2F%2Fwww2.gundrymd.com%2Fos210331a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-email-magazine-biocomplete3-advertorial%26utm_campaign_id%3D7013w000001vIl6AAE%26utm_source%3Demail%26sessionid%3D514341940131%26uid%3Demail_bc3_210407_dos_qqq%26dsid%3Da0v3w00000LpvDhAAJ%26step%3D1&sessionid=514341940131

Requested by

Host: stat.youniverssl.com
URL: https://stat.youniverssl.com/js/cscript.js?v=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1b75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bce809663917ec77b66afdd3ffbbb955dd29234c67983290bf296b1ce19b703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:10 GMT
via: 1.1 spaces-router (e46a9e002bdb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: accept-encoding
x-frame-options: DENY
content-type: application/javascript;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 7b6546be697bbbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: 0

GET
H3 200 pixel.png Show response
shopper.shop.pe/ 609 B
638 B 33ms
15ms XHR
image/png 35.190.54.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper.shop.pe/pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNjFiNzYzMjQ3M2VmYzM3MWNmYmJmZGY5Iiwic2Vzc2lvbl9pZCI6IjkzM2I5ZjUxNjMyMDQ5YjE4NWQ5ZjlhMTdmNDEzZjlkIiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9
Requested by: Host: www2.gundrymd.com
URL: https://www2.gundrymd.com/build/polyfills.js?ver=41120237
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.54.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:20:32 GMT
age: 339
x-guploader-uploadid: ADPycdvg64Me40_RP7STzZX4EC_QV2OomV4IEwp1qW29ROviibmKJU4vvXw5AwSRUQ6kxnni2-nu8VyCHvc-U1T12cie9w
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 609
last-modified: Wed, 20 Sep 2017 16:12:07 GMT
server: UploadServer
etag: "6802175f61adc40617e8ba87a30aa6bd"
x-goog-generation: 1505923927946539
x-goog-hash: crc32c=Yf0PfA==, md5=aAIXX2GtxAYX6LqHowqmvQ==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 609
accept-ranges: bytes
content-type: image/png
expires: Tue, 11 Apr 2023 19:20:32 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 115ms
36ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www2.gundrymd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:38 GMT
x-content-type-options: nosniff
age: 28473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:38 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5MM7TKXSPX&gtm=45je34a0&_p=343998780&cid=990742926.1681237565&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1681237566&sct=1&seg=0&dl=https%3A%2F%2Fwww2.gundrymd.com%2Fos210331a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-email-magazine-biocomplete3-advertorial%26utm_campaign_id%3D7013w000001vIl6AAE%26utm_source%3Demail%26sessionid%3D514341940131%26uid%3Demail_bc3_210407_dos_qqq%26dsid%3Da0v3w00000LpvDhAAJ%26step%3D1&dt=Gundry%20MD&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5MM7TKXSPX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.gundrymd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:26:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.gundrymd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www2.gundrymd.com
URL: https://www2.gundrymd.com/proxy/funnel/stats/save

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www2.gundrymd.com/	1969-12-31 23:59:59	Name: _csrf Value: g7WGTAgoYJvaxLGdZwFMwLt_
.gundrymd.com/	1970-01-20 13:10:13	Name: _gcl_au Value: 1.1.1687789191.1681237565
www2.gundrymd.com/	1970-01-20 19:46:13	Name: alternaiGuestId Value: 71296daa-dd44-4f64-8b09-f415052902ca,www2.gundrymd.com,,blob:https:
.krxd.net/	1970-01-20 15:19:49	Name: _kuid_ Value: PfVMTofF
.www2.gundrymd.com/	1970-01-20 20:36:37	Name: _ga Value: GA1.3.990742926.1681237565
.www2.gundrymd.com/	1970-01-20 11:02:03	Name: _gid Value: GA1.3.847186238.1681237565
.www2.gundrymd.com/	1970-01-20 11:00:37	Name: _gat_UA-80924995-1 Value: 1
.gundrymd.com/	1970-01-20 11:00:39	Name: __cf_bm Value: 9E3hp.WQ1DxCNT5OAZlR5JOLQtiOXNI6A8YRwGt9WY0-1681237565-0-AZEjF5HnFsp9LIzYJW7pKNOT47LHKWTOfeP7H+yhv9fj03sW1GurtkD+E63pLdVNV2rt1HKdMl/CR/lh8Mz6lk50/qHg8JSx2RaT9f4Ew5o+xuga7OFyKacpcpcO5UtSVGUS+l7gLH9y7kOKVQWu+hxlwCVM74weZ+ox/2Bhw7tg
www2.gundrymd.com/	1970-01-20 11:10:42	Name: GAID Value: 7fc0c7e5-bfcf-218b-1da5-5eab9d16ad1a
www2.gundrymd.com/	1970-01-20 11:20:37	Name: connect.sid Value: s%3AS3tKq_RqmbiadGoS4QYrhuWxWq5Mwp7C.T8diofwLgHMrnZFUSNHF2y6JTR8n%2FhQbaRkwymwQsGQ
.krxd.net/	1970-01-20 11:03:30	Name: e_NqKvCG4b^company_id\|4772303201 Value: 1681237566
.gundrymd.com/	1970-01-20 20:36:37	Name: _ga Value: GA1.1.990742926.1681237565
.gundrymd.com/	1970-01-20 20:36:37	Name: _ga_5MM7TKXSPX Value: GS1.1.1681237566.1.0.1681237566.60.0.0
www2.gundrymd.com/	1970-01-20 20:36:37	Name: __attentive_id Value: bb4fd5dd735a4c43a590fe155ae064d3
www2.gundrymd.com/	1970-01-20 20:36:37	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNjgxMjM3NTY2NDIwLFwidW9cIjoxNjgxMjM3NTY2NDIwLFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcImJiNGZkNWRkNzM1YTRjNDNhNTkwZmUxNTVhZTA2NGQzXCJ9In0=
www2.gundrymd.com/	1970-01-20 20:36:37	Name: __attentive_cco Value: 1681237566421
www2.gundrymd.com/	1969-12-31 23:59:59	Name: __attentive_utm_param_campaign Value: gmd-email-magazine-biocomplete3-advertorial
www2.gundrymd.com/	1969-12-31 23:59:59	Name: __attentive_utm_param_source Value: email
www2.gundrymd.com/	1970-01-20 11:00:39	Name: __attentive_pv Value: 1
www2.gundrymd.com/	1970-01-20 11:00:39	Name: __attentive_ss_referrer Value: ORGANIC
www2.gundrymd.com/	1970-01-20 11:02:03	Name: __attentive_dv Value: 1
www2.gundrymd.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 0qJ9TOoA-UpTObD22rGEzEBe9_pRMPWTB_FY
.criteo.com/	1970-01-20 20:22:13	Name: uid Value: 3843e6b0-c378-4f9b-b07c-97f3146e97fb
.leadsrx.com/	1970-01-20 19:46:13	Name: _lab_lastTouch Value: direct
.gundrymd.com/	1970-01-20 19:46:13	Name: _lab Value: null
shop.pe/	1970-01-20 20:36:37	Name: addshoppers Value: "2\|1:0\|10:1681237567\|11:addshoppers\|44:OTMzYjlmNTE2MzIwNDliMTg1ZDlmOWExN2Y0MTNmOWQ=\|d0e038949b0b8da3536164b427bea1955a820e6e11dbf77daf3473c373e5cf37"
www2.gundrymd.com/	1970-01-20 20:36:37	Name: addshoppers.com Value: 2%7C1%3A0%7C10%3A1681237567%7C15%3Aaddshoppers.com%7C44%3AOTMzYjlmNTE2MzIwNDliMTg1ZDlmOWExN2Y0MTNmOWQ%3D%7C275f6977e7ae19caf00c2dcc5aeeca8edc1c5fba0d31acadf2fdef0584d30dbd
.gundrymd.com/	1970-01-20 20:30:01	Name: cto_bundle Value: Lcu2rV9GMGtKWmJndFRGbW5LTTlWaW5EVDRCYjhGS1VaV1VYaUM1cXZjcVdwdUJrJTJCdmZFQ2lYSGg2ekNhM0ZNJTJCdGxkSmN5MmhaZ0F4dVNTVVU5azZqaUlGeUxwSVVFJTJGcnBqbVM4cUwwRVgyRmxVVmd3dCUyRllDTmhtSmhRM1BKamNFN1hwQXRqQSUyQnFuaVBtSXJFeTA5MzRzdTBRJTNEJTNE
.bidswitch.net/	1970-01-20 19:46:13	Name: tuuid Value: fff3dddb-4ac6-4885-ac1c-52e2d16f663d
.bidswitch.net/	1970-01-20 19:46:13	Name: c Value: 1681237568
.bidswitch.net/	1970-01-20 19:46:13	Name: tuuid_lu Value: 1681237568
match.sharethrough.com/	1970-01-20 11:10:42	Name: AWSALBCORS Value: ebqOHCLNVKgP9o1voCNzSAIVCvRneOq01pbAE8K2SONNZbbENcmzGUZ9GHj/wSB8oZAGEi1+rSPocXaTFUMf78PpXjW8/6shaBxdoXY5I8Xjloic1gErtRoFtPau
.adnxs.com/	1970-01-20 13:10:13	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2H`bJ:!F[!@wnfH1YdP.dEXlSkbWi?@r@^X/A^9@lJ^mB6dXFT$T<Go):b2SiM3Rp-BF'+(90d0zj.l`AwI3%nugO%v4VB%np0W+_Fc>
.adnxs.com/	1970-01-20 13:10:13	Name: uuid2 Value: 4067865747298386568
.media.net/	1970-01-20 19:46:13	Name: visitor-id Value: 3242391688396010000V10
.media.net/	1970-01-20 11:43:49	Name: data-c-ts Value: 1681237568
.media.net/	1970-01-20 11:43:49	Name: data-c Value: k-6N8onfaS-vveZeuMjdbpzlCpnHZj1kYfF0qDMg~~3
.demdex.net/	1970-01-20 15:19:49	Name: demdex Value: 68852339320411446803970666955563822307
.yahoo.com/	1970-01-20 19:46:35	Name: A3 Value: d=AQABBECmNWQCEMM27t_zEmk6AALpj96zWMoFEgEBAQH3NmQ_ZAAAAAAA_eMAAA&S=AQAAAngKU1GPc4xJoXcvPLqyThQ
.analytics.yahoo.com/	1970-01-20 19:46:13	Name: IDSYNC Value: 18zh~2b16
.dpm.demdex.net/	1970-01-20 15:19:49	Name: dpm Value: 68852339320411446803970666955563822307
.doubleclick.net/	1970-01-20 20:22:13	Name: IDE Value: AHWqTUmqFAHg2ewthB3pq4azP9bsevTFZ5H_zDnEaep908gZvOYsjFigzmSLSniQyBM
.id5-sync.com/	1970-01-20 11:00:37	Name: cf Value:
.id5-sync.com/	1970-01-20 11:00:37	Name: cip Value:
.id5-sync.com/	1970-01-20 11:00:37	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:00:37	Name: car Value:
.id5-sync.com/	1970-01-20 11:00:37	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:00:37	Name: callback Value:
.casalemedia.com/	1970-01-20 19:46:13	Name: CMID Value: ZDWmQMDKA6pHeXSEbpGBqAAA
.casalemedia.com/	1970-01-20 13:10:13	Name: CMPS Value: 2230
.casalemedia.com/	1970-01-20 13:10:13	Name: CMPRO Value: 2230
exchange.mediavine.com/	1970-01-20 11:20:47	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2253ed5470-d896-11ed-a8f1-5faabdecb7fa%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:20:47	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2253ed5470-d896-11ed-a8f1-5faabdecb7fa%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:20:47	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2253ed5470-d896-11ed-a8f1-5faabdecb7fa%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:20:47	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2253ed5470-d896-11ed-a8f1-5faabdecb7fa%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:20:47	Name: criteo Value: %7B%22id%22%3A%22k-oTBX8faS-vveZeuMjdbpzlCpnHZqW2zjEV-1MA%22%2C%22version%22%3A%22criteo%22%7D
.360yield.com/	1970-01-20 13:10:13	Name: tuuid Value: 315e4ccd-978d-4f4f-b9fa-8985b94469f1
.360yield.com/	1970-01-20 13:10:13	Name: tuuid_lu Value: 1681237568
.360yield.com/	1970-01-20 13:10:13	Name: um Value: !38,LvyiYxXMR0Svw3wk.Zz.Z5PxdqPI8Oq0xMU5Vy7s5I1qsfJK4cuNXtKKoKZb-DBfz2Xuv2AQ,1689013568
.360yield.com/	1970-01-20 13:10:13	Name: umeh Value: !38,0,1743445568,-1
.pubmatic.com/	1970-01-20 11:43:49	Name: KRTBCOOKIE_97 Value: 3385-uid:k-jZNtKfaS-vveZeuMjdbpzlCpnHYN1xoVcNKPuQ&KRTB&23144-uid:k-jZNtKfaS-vveZeuMjdbpzlCpnHYN1xoVcNKPuQ&KRTB&23286-uid:k-jZNtKfaS-vveZeuMjdbpzlCpnHYN1xoVcNKPuQ&KRTB&23287-uid:k-jZNtKfaS-vveZeuMjdbpzlCpnHYN1xoVcNKPuQ
.pubmatic.com/	1970-01-20 11:43:49	Name: PugT Value: 1681237568
.tremorhub.com/	1970-01-20 19:46:34	Name: tvid Value: 14f429a89d05415e9630b153aed91a70
.tremorhub.com/	1970-01-20 11:43:49	Name: tv_UICR Value: k-lSIgd_aS-vveZeuMjdbpzlCpnHYsiuVUIdg69Q

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
addshoppers.s3.amazonaws.com
app.leadsrx.com
app.shop.pe
beacon.krxd.net
cdn.attn.tv
cdn.gundrymd.com
cdn.nytrng.com
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d3rr3d0n31t48m.cloudfront.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
events.attentivemobile.com
exchange.mediavine.com
fightleakygut.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
gundrymd.attn.tv
ib.adnxs.com
id5-sync.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
nytrng.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
secure.adnxs.com
shop.pe
shopper.shop.pe
simage2.pubmatic.com
sslwidget.criteo.com
stat.youniverssl.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.upsellit.com
www2.gundrymd.com
x.bidswitch.net
www2.gundrymd.com
104.111.217.42
104.18.37.231
13.248.245.213
141.226.228.48
162.19.138.119
172.217.23.98
172.64.144.208
178.250.1.11
178.250.1.9
178.250.7.11
18.197.183.248
18.66.122.52
18.66.97.76
185.255.84.152
185.64.190.80
185.80.39.216
185.86.138.152
185.89.210.82
185.89.211.84
2.18.128.46
2001:4860:4802:34::36
2600:1f18:612b:4216:9abd:bdd2:b3e3:4fec
2600:9000:21f3:d600:1c:9484:cec0:93a1
2606:4700:3032::6815:2990
2606:4700::6812:1b75
2606:4700::6812:2c1
2606:4700::6812:3c1
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c07::9b
2a02:2638:3::c
2a02:2638:d::10
3.122.65.10
3.132.49.211
3.75.62.37
34.117.157.22
34.117.39.58
35.190.54.17
35.227.244.1
37.157.4.23
52.19.94.146
52.217.174.169
52.50.253.161
52.58.179.181
54.155.81.193
54.214.43.55
63.33.154.254
69.173.144.165
70.42.32.63
74.119.119.150
85.215.5.31
88.221.168.23
99.83.128.14
0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170
0be5ae816cdb8a53ac29dad2d1fe14d88b22429d3991ee56b06afa0051b2d1b7
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
120e263cc6c1e886e9e123f8d2de65f79d43b6e6093159c2e17660588cc08838
1d5cb9e4d99fccd74b9013691c88a04c41cec517eddde2c2985be8aa2dcf6f8b
237862a2fcb4a1cb316733cbdb5100ac65ce88cf56cf67ea163f542b5fe816b7
260c5a368710d497eb06f5c0d0130ab6cb5e6ea7e67e9c5b558a2a1e2227a088
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29f8b5e76198a5cf0d4ae4012f89fca455ecebe7fc4fc7b8b4bc73ea5b064ed9
2bce809663917ec77b66afdd3ffbbb955dd29234c67983290bf296b1ce19b703
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bbd2741e532fd7a14d845c3dec3137d96ff6726101762e31b2cadefe187096
394867e02ba0cd9a4779459a8e933387b0bb9e2a7ad14f2ee63aca19d2da3c7c
39bf9095b84c4ce49ce9138d196838649f73a891b8c7fdc798c1e44a13def43d
481f9c82fdf1edadf769daa32b26dac35c052864cf602c7d48fb045d30ae4eb2
4a2914b51918db5968e25efb198b1b94e9be28dd3356751255544954e8f29df7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
500106b3726d2de95d4aabe2539023db34bb562ea126baaf943c7188ee6cc599
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557d8fb3f9da3c9b70b3c237e2ece069a280469d935671f6d66a336f333d9c8b
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ab431b25bc022e066b75d1153f0d13be5f7a8708d57f689db14adc636bf0073
5b5f7e3e12837c3fe89684993a860b763a6fb833489a8353fa3b93efe1b23bbf
5ffc634f87750ebf219e3c416baf993af883981a03cd340c19aa362b81102aca
64c1439951306a2c7e0ac25a7c3a83616c5cf5a0b1b62dc04e0b4b7ca0ff9195
6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58
72f3e8432cfc1742de4f0761e9b2097b0d73b9e9e1469516b69d39bf40a60d08
75bc09906e5e97f2b427bffcaa560f73772ea0fe387507d1423abdc15915cc7f
7e63d431b85ce83e2bb4b21a6c629774ee7e35bddaed03d2769c906a21435d14
81f780b577913df90d1aac66a2c2255f5040af20f561e484b28531add33785e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8970068c0ba0df2ba2996a0f33ae87f66c2c938b57d33bab4fcc1509b0112f0b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d597f0c52d0263c81aa62e674219ccc9b05d4e9c1b7e534c75560f59cf0f8b0
8e697f7737addb6edc9c81940c778f6fe691a65257e791a86d484021d1e940f5
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
9c19db965c27b08acf4b7f56802f21f1635691dbaf8bfdd0fcc79610c0197a06
9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a911d7ec96edb167bb0e244f1ffc3724fe94592a1a23e587a53925ae8c5c6363
a937099ba970d226b1685debdd89e67a0988aee19add0aa182a0b8b33a4dd49e
a9c98801b167fa934f69d9c755f5b76dbf11d3ddd0970abd6eff16baf8285adf
ae157e8ff75d368d1de8c7445b4055357fd195be400cf2ff1c412561c8686e65
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aedc4d7dab5cb932730096701b19bde4304ffefe577b4cdd38d8bde163c48ff8
b078999f1e87fb1a80a941371723dc584673d28de33c3d69a8d98688f4dbdea1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
b9bda4097950a8eac80026d23dd1a9f6585660fa8747c3687ccd7ec71ed760c0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1f719ad8a9fb36c5f164463ae53ad79a27e84143b027da42c6ee08021ff399
bd5ff3eb67b8c86e485b83d240d9c25749d1a820e85f7137b78bdf8d3bb9bd33
cb58a07b80c8e145f1463201fb57d0faaba65642f05e5d277bfa467c16fb09fd
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ced828274fbe5f7845745497072193c07068f2fe8b03c4a647defcfd2def4c97
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1b667a8f71f8baeee181d61de4615e16ea8de691d471bb121f5b9988ef03cc1
d609c83a62594f53440e427446263a44ba4a31c2fe4b39953b12f26cf0e29e4a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f191036d844a4cac18f4c1f77b33b2e1d2318b1360b7674e431313bd94cac9
f6d5f3361200b9841322bf424d7d49b1e7d81ad6ed193b81787b9915f867755b
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
ff9de73b7a09cb0423bb961843c2c76a15f04897ccb418adb6710c18bf7f9a95

www2.gundrymd.com Open in urlscan Pro 2606:4700::6812:3c1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

87 %HTTPS

28 %IPv6

45 Domains

58 Subdomains

54 IPs

10 Countries

4146 kBTransfer

46156 kBSize

64 Cookies

0 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www2.gundrymd.com Open in urlscan Pro
2606:4700::6812:3c1 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

87 %
HTTPS

28 %
IPv6

45
Domains

58
Subdomains

54
IPs

10
Countries

4146 kB
Transfer

46156 kB
Size

64
Cookies

104 HTTP transactions
0 data transactions