medterracbd.com Open in urlscan Pro
2606:4700:10::6816:40cf Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mautic.purecbd.solutions/r/609b7d1056f7d711fb014b873?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czoxNDoiY2FtcGFpZ24uZXZlbnQiO...
Effective URL:
https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffer...
Submission: On August 12 via manual (August 12th 2020, 2:12:27 am UTC) from US

Summary HTTP 132 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 33 IPs in 8 countries across 26 domains to perform 132 HTTP transactions. The main IP is 2606:4700:10::6816:40cf, located in United States and belongs to CLOUDFLARENET, US. The main domain is medterracbd.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2020. Valid for: a year.

This is the only time medterracbd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.186.221.75 54.186.221.75	16509 (AMAZON-02) (AMAZON-02)
1 1	63.33.92.231 63.33.92.231	16509 (AMAZON-02) (AMAZON-02)
1 71	2606:4700:10:... 2606:4700:10::6816:40cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
1	34.120.253.250 34.120.253.250	15169 (GOOGLE) (GOOGLE)
2	13.226.155.9 13.226.155.9	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:f600:15:decf:f580:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 4	2606:4700:20:... 2606:4700:20::681a:66b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.226.155.20 13.226.155.20	16509 (AMAZON-02) (AMAZON-02)
1	13.226.146.155 13.226.146.155	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:14ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1 2	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
7	161.71.1.38 161.71.1.38	14340 (SALESFORCE) (SALESFORCE)
2 2	2600:1901:0:2... 2600:1901:0:2470::	15169 (GOOGLE) (GOOGLE)
2	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
2 2	172.217.23.166 172.217.23.166	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:46ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.86.194 35.190.86.194	15169 (GOOGLE) (GOOGLE)
2	35.201.125.182 35.201.125.182	15169 (GOOGLE) (GOOGLE)
1	35.227.229.34 35.227.229.34	15169 (GOOGLE) (GOOGLE)
3	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:d209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.47.17 130.211.47.17	15169 (GOOGLE) (GOOGLE)
1	99.81.228.121 99.81.228.121	16509 (AMAZON-02) (AMAZON-02)
1	52.208.110.129 52.208.110.129	16509 (AMAZON-02) (AMAZON-02)
1	107.170.203.103 107.170.203.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	13.110.36.212 13.110.36.212	14340 (SALESFORCE) (SALESFORCE)
4	2a03:2880:f21... 2a03:2880:f212:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	13.110.32.212 13.110.32.212	14340 (SALESFORCE) (SALESFORCE)
132	33

1 54.186.221.75 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-221-75.us-west-2.compute.amazonaws.com

mautic.purecbd.solutions	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.92.231 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-92-231.eu-west-1.compute.amazonaws.com

track.revoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2606:4700:10::6816:40cf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medterracbd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (United States)

ASN15169 (GOOGLE, US)

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.155.9 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-9.dus51.r.cloudfront.net

pixel.locker2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:f600:15:decf:f580:21 (United States)

ASN16509 (AMAZON-02, US)

d38xvr37kwwhcm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:66b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

apps.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.155.20 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-20.dus51.r.cloudfront.net

db.revoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.146.155 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-155.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:14ef (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.11 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 161.71.1.38 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg0-lhr3.um4-lo2.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:2470:: (United States) 2 redirects

ASN15169 (GOOGLE, US)

fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:46ab (United States)

ASN13335 (CLOUDFLARENET, US)

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.86.194 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 194.86.190.35.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.125.182 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 182.125.201.35.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.229.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 34.229.227.35.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d209 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.47.17 (Mountain View, United States)

ASN15169 (GOOGLE, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.228.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.110.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.170.203.103 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

api.instacloud.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.36.212 (United States)

ASN14340 (SALESFORCE, US)

d.la4-c2-ph2.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f212:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-lga3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.32.212 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl2-ncg0-iad3.la4-c2-ia2.salesforceliveagent.com

d.la4-c2-ia2.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	medterracbd.com 1 redirects medterracbd.com	3 MB
11	klaviyo.com static.klaviyo.com fast.a.klaviyo.com	181 KB
8	fullstory.com 2 redirects fullstory.com edge.fullstory.com rs.fullstory.com	118 KB
7	force.com service.force.com	32 KB
4	cdninstagram.com scontent-lga3-1.cdninstagram.com	76 KB
4	elfsight.com 1 redirects apps.elfsight.com static.elfsight.com	89 KB
4	bounceexchange.com tag.bounceexchange.com assets.bounceexchange.com api.bounceexchange.com	131 KB
3	salesforceliveagent.com d.la4-c2-ph2.salesforceliveagent.com d.la4-c2-ia2.salesforceliveagent.com	2 KB
3	cdnbasket.net data.cdnbasket.net page.cdnbasket.net view.cdnbasket.net	1 KB
3	doubleclick.net 3 redirects stats.g.doubleclick.net ad.doubleclick.net	1 KB
3	revoffers.com 1 redirects track.revoffers.com db.revoffers.com	4 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	3 KB
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	2 KB
2	google.de www.google.de adservice.google.de	876 B
2	google.com 2 redirects www.google.com adservice.google.com	1 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	yimg.com s.yimg.com	7 KB
2	locker2.com pixel.locker2.com	824 B
2	googletagmanager.com www.googletagmanager.com	70 KB
1	instacloud.io api.instacloud.io	27 KB
1	cdnwidget.com ids.cdnwidget.com	174 B
1	cloudflare.com www.cloudflare.com	564 B
1	yahoo.com sp.analytics.yahoo.com	857 B
1	cloudfront.net d38xvr37kwwhcm.cloudfront.net	15 KB
1	purecbd.solutions 1 redirects mautic.purecbd.solutions	1 KB
132	26

	Domain	Requested by
71	medterracbd.com	1 redirects medterracbd.com
8	static.klaviyo.com	medterracbd.com static.klaviyo.com
7	service.force.com	medterracbd.com service.force.com
4	scontent-lga3-1.cdninstagram.com
4	rs.fullstory.com	edge.fullstory.com
3	fast.a.klaviyo.com	static.klaviyo.com
2	d.la4-c2-ph2.salesforceliveagent.com	service.force.com
2	assets.bounceexchange.com	tag.bounceexchange.com assets.bounceexchange.com
2	ad.doubleclick.net	2 redirects
2	edge.fullstory.com	medterracbd.com
2	fullstory.com	2 redirects
2	secure.adnxs.com	1 redirects medterracbd.com
2	db.revoffers.com	medterracbd.com db.revoffers.com
2	static.elfsight.com	medterracbd.com static.elfsight.com
2	apps.elfsight.com	1 redirects static.elfsight.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	s.yimg.com	medterracbd.com s.yimg.com
2	pixel.locker2.com	medterracbd.com
2	www.googletagmanager.com	medterracbd.com www.googletagmanager.com
1	d.la4-c2-ia2.salesforceliveagent.com	service.force.com
1	api.instacloud.io	static.elfsight.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	insight.adsrvr.org	js.adsrvr.org
1	ids.cdnwidget.com	assets.bounceexchange.com
1	www.cloudflare.com	d38xvr37kwwhcm.cloudfront.net
1	api.bounceexchange.com	assets.bounceexchange.com
1	view.cdnbasket.net	assets.bounceexchange.com
1	page.cdnbasket.net	assets.bounceexchange.com
1	data.cdnbasket.net	assets.bounceexchange.com
1	adservice.google.de	medterracbd.com
1	adservice.google.com	1 redirects
1	rum-static.pingdom.net	medterracbd.com
1	js.adsrvr.org	medterracbd.com
1	sp.analytics.yahoo.com	s.yimg.com
1	www.google.de	medterracbd.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	d38xvr37kwwhcm.cloudfront.net	medterracbd.com
1	tag.bounceexchange.com	medterracbd.com
1	track.revoffers.com	1 redirects
1	mautic.purecbd.solutions	1 redirects
132	41

This site contains links to these domains. Also see Links.

Domain
medterracbd.eu
medterracbd.co.uk
medterracbd.es
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
medterracbd.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
tag.bounceexchange.com Let's Encrypt Authority X3	`2020-06-02` - `2020-08-31`	3 months	crt.sh
www.locker2.com Amazon	`2019-11-04` - `2020-12-04`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-06` - `2020-09-20`	a month	crt.sh
www.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-03-04` - `2020-08-31`	6 months	crt.sh
elfsight.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
*.revoffers.com Amazon	`2020-01-01` - `2021-02-01`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.pingdom.net DigiCert SHA2 High Assurance Server CA	`2019-11-08` - `2021-01-19`	a year	crt.sh
static.klaviyo.com Let's Encrypt Authority X3	`2020-08-01` - `2020-10-30`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.um4.force.com DigiCert SHA2 Secure Server CA	`2020-05-11` - `2021-04-28`	a year	crt.sh
edge.fullstory.com GTS CA 1D2	`2020-07-01` - `2020-09-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.fullstory.com Let's Encrypt Authority X3	`2020-08-01` - `2020-10-30`	3 months	crt.sh
bounceexchange.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.cdnbasket.net Go Daddy Secure Certificate Authority - G2	`2019-07-29` - `2020-09-27`	a year	crt.sh
api.bounceexchange.com GTS CA 1D2	`2020-07-01` - `2020-09-29`	3 months	crt.sh
fast.a.klaviyo.com Let's Encrypt Authority X3	`2020-08-01` - `2020-10-30`	3 months	crt.sh
cloudflare.com DigiCert ECC Extended Validation Server CA	`2018-10-30` - `2020-11-03`	2 years	crt.sh
ids.cdnwidget.com GTS CA 1D2	`2020-08-09` - `2020-11-07`	3 months	crt.sh
api.instacloud.io Let's Encrypt Authority X3	`2020-06-12` - `2020-09-10`	3 months	crt.sh
la4-c2-ph2.salesforceliveagent.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-12-13`	2 years	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2020-07-09` - `2020-10-07`	3 months	crt.sh
la4-c2-ia2.salesforceliveagent.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-12-13`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Frame ID: FB6D01F82851A960020D7A95E0756B73
Requests: 130 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame15.min.html
Frame ID: 0231A45D7BE3DFE1DD7F2FA946F17A22
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 5AE5608D88791C191CEAB262C1280B7C
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=8sb1yhy&ref=https%3A%2F%2Fmedterracbd.com%2F%3Fclx%3D9979320%26r%3D%26affid%3D5382%26subid1%3D1022e0a59a184fb9e0160762d149e8%26subid2%3D5175%26utm_source%3DRevOffers%26offer_id%3D88%26publisher_id%3D5175%26transaction_id%3D1022e0a59a184fb9e0160762d149e8%26disablebx%3D1&upid=76a8ja3&upv=1.1.0
Frame ID: 910D3D045CD84AF07BBF951F82B49343
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Frame ID: C1CC21327AC71BCD5D62A8295EC8657F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mautic.purecbd.solutions/r/609b7d1056f7d711fb014b873?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czoxNDoiY... HTTP 302
https://track.revoffers.com/aff_c?offer_id=88&aff_id=5175 HTTP 302
https://medterracbd.com/traffic?affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_sou... HTTP 302
https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175... Page URL

Detected technologies

Bounce Exchange (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /^https?:\/\/tag\.bounceexchange\.com\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

132
Requests

100 %
HTTPS

41 %
IPv6

26
Domains

41
Subdomains

33
IPs

8
Countries

3400 kB
Transfer

6095 kB
Size

4
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://medterracbd.eu/
Title: EU

Search URL Search Domain Scan URL

URL: https://medterracbd.co.uk/
Title: UK

Search URL Search Domain Scan URL

URL: https://medterracbd.es/
Title: ES

Search URL Search Domain Scan URL

URL: https://twitter.com/medterracbd
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MedterraCBD/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/medterracbd/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCusFSQiUvTCMh-rGIjZXJFQ
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CDwWaZAF97Q/
Title: 115 1 No mountain too high, no valley too low, no river too wide- conqueror anything in your path with the power of Vitamin C +CBD + Elderberry + Echinacea No mountain too high, no valley too low, no river too wide- conqueror anything in your path with the power of Vitamin C +CBD + Elderberry + Echinacea

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CDulsJgFsOC/
Title: 269 9 The greatest wealth is your health. How have you been taking care of yourself during these times? The greatest wealth is your health. How have you been taking care of yourself during these times?

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CDrWqubFXHv/
Title: 175 1 The daily pleasure of hydrated skin, and never chapped lips. CBD + Manuka honey helps to ensure dry, irritated skin is a thing of the past. The daily pleasure of hydrated skin, and never chapped lips. CBD + Manuka honey helps to ensure dry, irritated skin is a thing of the past.

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CDo5T4HFxQF/
Title: 146 6 Gearing up for a long ride this weekend? Don't let aches and pains slow you down. Medterra's pain cream is specially formulated with Arnica, Menthol, and CBD to quickly provide soothing relief. Gearing up for a long ride this weekend? Don't let aches and pains slow you down. Medterra's pain cream is specially formulated with Arnica, Menthol, and CBD to quickly provide soothing relief.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mautic.purecbd.solutions/r/609b7d1056f7d711fb014b873?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czoxNDoiY2FtcGFpZ24uZXZlbnQiO2k6MTtpOjUwNTt9czo1OiJlbWFpbCI7aTozNjtzOjQ6InN0YXQiO3M6MjI6IjVmMzMwODEwNjU2OWI2Mjg2NzkxMzkiO3M6NDoibGVhZCI7aToxNDc2MTE7czo3OiJjaGFubmVsIjthOjE6e3M6NToiZW1haWwiO2k6MzY7fX0%3D& HTTP 302
https://track.revoffers.com/aff_c?offer_id=88&aff_id=5175 HTTP 302
https://medterracbd.com/traffic?affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8 HTTP 302
https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=466428017&t=pageview&_s=1&dl=https%3A%2F%2Fmedterracbd.com%2F%3Fclx%3D9979320%26r%3D%26affid%3D5382%26subid1%3D1022e0a59a184fb9e0160762d149e8%26subid2%3D5175%26utm_source%3DRevOffers%26offer_id%3D88%26publisher_id%3D5175%26transaction_id%3D1022e0a59a184fb9e0160762d149e8%26disablebx%3D1&ul=en-us&de=UTF-8&dt=Medterra%20-%20Our%20CBD.%20Your%20Health%20%7C%20Buy%20CBD%20Oil%20%7C%2099%25%20Pure%20CBD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=577531476&gjid=998952196&cid=810722224.1597198330&tid=UA-99097531-2&_gid=322772673.1597198330&_r=1&gtm=2ou871&z=346867230 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-99097531-2&cid=810722224.1597198330&jid=577531476&_gid=322772673.1597198330&gjid=998952196&_v=j83&z=346867230 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-99097531-2&cid=810722224.1597198330&jid=577531476&_v=j83&z=346867230 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-99097531-2&cid=810722224.1597198330&jid=577531476&_v=j83&z=346867230&slf_rd=1&random=2784867436

Request Chain 42

https://apps.elfsight.com/p/platform.js HTTP 301
https://static.elfsight.com/platform/platform.js

Request Chain 55

https://secure.adnxs.com/seg?add=22012297&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22012297%26t%3D2

Request Chain 59

https://fullstory.com/s/fs.js HTTP 301
https://edge.fullstory.com/s/fs.js

Request Chain 62

https://ad.doubleclick.net/ddm/activity/src=10050053;type=counter;cat=medte0;u1=https://medterracbd.com/;u2=;u3=;u4=;u6=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2238983237889.01 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10050053;dc_pre=CMXGl7nLlOsCFc_pmgodAMoNTw;type=counter;cat=medte0;u1=https://medterracbd.com/;u2=;u3=;u4=;u6=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2238983237889.01 HTTP 302
https://adservice.google.com/ddm/fls/p/src=10050053;dc_pre=CMXGl7nLlOsCFc_pmgodAMoNTw;type=counter;cat=medte0;u1=https://medterracbd.com/;u2=;u3=;u4=;u6=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2238983237889.01;~oref=https://medterracbd.com/%3Fclx%3D9979320%26r%3D%26affid%3D5382%26subid1%3D1022e0a59a184fb9e0160762d149e8%26subid2%3D5175%26offer_id%3D88%26publisher_id%3D5175%26transaction_id%3D1022e0a59a184fb9e0160762d149e8%26disablebx%3D1 HTTP 302
https://adservice.google.de/ddm/fls/p/src=10050053;dc_pre=CMXGl7nLlOsCFc_pmgodAMoNTw;type=counter;cat=medte0;u1=https://medterracbd.com/;u2=;u3=;u4=;u6=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2238983237889.01;~oref=https://medterracbd.com/%3Fclx%3D9979320%26r%3D%26affid%3D5382%26subid1%3D1022e0a59a184fb9e0160762d149e8%26subid2%3D5175%26offer_id%3D88%26publisher_id%3D5175%26transaction_id%3D1022e0a59a184fb9e0160762d149e8%26disablebx%3D1

Request Chain 91

https://fullstory.com/s/fs.js HTTP 301
https://edge.fullstory.com/s/fs.js

132 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
medterracbd.com/
Redirect Chain

https://mautic.purecbd.solutions/r/609b7d1056f7d711fb014b873?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czoxNDoiY2FtcGFpZ24uZXZlbnQiO2k6MTtpOjUwNTt9czo1OiJlbWFpbCI7aTozNjtzOjQ6InN0YXQiO3M6MjI6IjVmMzMwO...
https://track.revoffers.com/aff_c?offer_id=88&aff_id=5175
https://medterracbd.com/traffic?affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8
https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8...

104 KB
26 KB

505ms
504ms

Document
text/html

2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9b8b931c2f95a5d6c569971b6bf5e8a9d57fc2ec1e876e3884ef0b645353cc77

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

:method: GET
:authority: medterracbd.com
:scheme: https
:path: /?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d000c9aa987bca1b3f6991dc8e0bd49a71597198329; ASPSESSIONIDAEBCCADA=AIJKBJDBOHNKOCPHMLIJDIKI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 12 Aug 2020 02:12:10 GMT
content-type: text/html
cache-control: private
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
x-frame-options: sameorigin
cf-cache-status: DYNAMIC
cf-request-id: 0482097f970000d6e50dacb200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c16ab78f82cd6e5-FRA
content-encoding: gzip

Redirect headers

status: 302
date: Wed, 12 Aug 2020 02:12:09 GMT
content-type: text/html
set-cookie: __cfduid=d000c9aa987bca1b3f6991dc8e0bd49a71597198329; expires=Fri, 11-Sep-20 02:12:09 GMT; path=/; domain=.medterracbd.com; HttpOnly; SameSite=Lax ASPSESSIONIDAEBCCADA=AIJKBJDBOHNKOCPHMLIJDIKI; secure; path=/
cache-control: private
location: /?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
x-frame-options: sameorigin
cf-cache-status: DYNAMIC
cf-request-id: 0482097d4a0000d6e50dabe200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c16ab754b71d6e5-FRA

GET
H2 200 home.css
medterracbd.com/assets/css/ 475 KB
54 KB 21ms
20ms Stylesheet
text/css 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/css/home.css

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

34ce49db75953a9698769b32c0058833e0d006433889d15764f720154099495e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 21796
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820981940000d6e50dae0200000001
last-modified: Wed, 05 Aug 2020 14:36:46 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"89bda8d8356bd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab7c2bc6d6e5-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-99097531-2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c381e7ab59d0353b3510322fa99a95ca3b009863b8481f7f60b4c565ce2f26da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35686
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Aug 2020 02:12:10 GMT

GET
H2 200 icon-cart.svg
medterracbd.com/assets/img/ 2 KB
838 B 20ms
20ms Image
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/icon-cart.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d30e7012b5eea996e5fae49486f171f7a9101f08f06183ff9ad99bd8f44778fe

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23287
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820981b10000d6e50dae1200000001
last-modified: Tue, 28 Jan 2020 02:22:01 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"fb549fb981d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab7c4bfad6e5-FRA

GET
H2 200 products-category-topicals.png
medterracbd.com/assets/img/products/ 48 KB
48 KB 16ms
12ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/products/products-category-topicals.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f35d4cd556e1dd3adee2e5a53d700b5e5e5637bafe43b38a043e2147f634627a

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="products-category-topicals.webp"
content-length: 49056
cf-request-id: 04820981c60000d6e50dae2200000001
last-modified: Fri, 12 Jun 2020 15:51:57 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "d4d6867d140d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=54910
accept-ranges: bytes
cf-ray: 5c16ab7c7c15d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 product-immune-boost.png
medterracbd.com/assets/img/products/ 96 KB
97 KB 27ms
23ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/products/product-immune-boost.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4509f303365b1d68b2d934756178a94f19be52d5dfcf3e32f7078ca3771a1d9b

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="product-immune-boost.webp"
content-length: 98774
cf-request-id: 04820981c60000d6e50dae3200000001
last-modified: Tue, 19 May 2020 21:49:11 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "ad2ebe54272ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=151073
accept-ranges: bytes
cf-ray: 5c16ab7c7c17d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 tinctures-all-broad-spectrum.png
medterracbd.com/assets/img/products/ 119 KB
119 KB 22ms
18ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/products/tinctures-all-broad-spectrum.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3dcb80f0b44c8b2ab03cc08b063e1f8b86c8f388f002dbcd4989960fc3f30055

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="tinctures-all-broad-spectrum.webp"
content-length: 121426
cf-request-id: 04820981c60000d6e50dae4200000001
last-modified: Thu, 21 May 2020 13:26:10 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "b1c51a64732fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=306374
accept-ranges: bytes
cf-ray: 5c16ab7c7c18d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 products-category-cbd.png
medterracbd.com/assets/img/products/ 76 KB
77 KB 20ms
17ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/products/products-category-cbd.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

54f755748521ee6043f0a877ce5dd5838b24511ac44a108967c97ea543de5c2a

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="products-category-cbd.webp"
content-length: 78078
cf-request-id: 04820981c60000d6e50dae5200000001
last-modified: Thu, 21 May 2020 13:26:09 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "da2d863732fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=240008
accept-ranges: bytes
cf-ray: 5c16ab7c7c19d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 products-category-gummies.png
medterracbd.com/assets/img/products/ 37 KB
38 KB 14ms
11ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/products/products-category-gummies.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

274eba0b3af25e87372447875881877526881be766c0368aa73793592d47ac57

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="products-category-gummies.webp"
content-length: 38348
cf-request-id: 04820981c60000d6e50dae6200000001
last-modified: Wed, 01 Apr 2020 04:18:20 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "e3bfca93dc7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=41619
accept-ranges: bytes
cf-ray: 5c16ab7c7c1ad6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 products-category-wellness.png
medterracbd.com/assets/img/products/ 46 KB
47 KB 20ms
17ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/products/products-category-wellness.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e8f327b57620c846c692fa961a7a98c951ab982139fc48152bd9d2b6a864f645

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="products-category-wellness.webp"
content-length: 47536
cf-request-id: 04820981c60000d6e50dae7200000001
last-modified: Fri, 17 Apr 2020 18:44:10 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "6ddcb2ee814d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=51215
accept-ranges: bytes
cf-ray: 5c16ab7c7c1cd6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 i.js Show response
tag.bounceexchange.com/3908/ 14 KB
4 KB 173ms
132ms Script
text/plain 34.120.253.250
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/3908/i.js
Requested by: Host: medterracbd.com
URL: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: fasthttp /
Resource Hash: e9f96f38a54ce0f2fcf89e0c2b27ed60d2d12bfaaa03f2c1e5975e48c1dbf736

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
server: fasthttp
age: 0
etag: 33b764047c4ca9
content-type: text/plain; charset=utf-8
status: 200
cache-control: public, max-age=60
x-region: us-central1
timing-allow-origin: *
alt-svc: clear
content-length: 4130
via: 1.1 google

GET
H2 200 FmJwpjpo4v6p2hNty.png
pixel.locker2.com/image/ 68 B
417 B 139ms
38ms Image
image/png 13.226.155.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.locker2.com/image/FmJwpjpo4v6p2hNty.png?cb=1597198330305
Requested by: Host: medterracbd.com
URL: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-9.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 19:12:40 GMT
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
last-modified: Fri, 13 Mar 2020 19:06:24 GMT
server: AmazonS3
age: 197971
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 68
x-amz-cf-id: yGSjzfxC4nj9BiNL5VJLVPYr6EcgFR68L04JdW0VhiIbQjoQppXrTQ==

GET
H2 200 grin-sdk.js Show response
d38xvr37kwwhcm.cloudfront.net/js/ 44 KB
15 KB 50ms
11ms Script
application/javascript 2600:9000:2182:f600:15:decf:f580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38xvr37kwwhcm.cloudfront.net/js/grin-sdk.js
Requested by: Host: medterracbd.com
URL: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:f600:15:decf:f580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7eccadc4f7eb2edc79bd5a6da2ee9e6ede27d95f993aa90855268cc5178649f0

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 12:50:14 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 23:30:13 GMT
server: AmazonS3
age: 48117
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: k8J-jKFGChjqiM1vhLPFkKtKmr-qvRT1C8gU_CvlkG7GDJbD8EQFkA==
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 51ms
17ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 01:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1807
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
x-amz-request-id: 3BF4E6B6CA8DF845
x-amz-id-2: RjczDGvcrYLL6dCIgWKG7S1wa0jYY6MikGKn+U615mZ9xHndaQx83FfLxh2r0KRC3fBVHByeUYA=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 16 Sep 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 11 Aug 2020 09:21:22 GMT
server: ATS
etag: "4af30fdfb3f25202fae672877237b12e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: v0T4VwTcSKojm0k.rRPUA2jezlg4p0ZC
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 Gotham-Black.woff2
medterracbd.com/assets/fonts/ 19 KB
19 KB 14ms
13ms Font
application/font-woff2 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/fonts/Gotham-Black.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9a2dff1f5f489215aece13dd0ba4dc293139a54206cd66cdd41f58d4758f0e4d

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://medterracbd.com/assets/css/home.css
Origin: https://medterracbd.com

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-length: 19484
cf-request-id: 04820981ca0000d6e50dae8200000001
last-modified: Tue, 28 Jan 2020 02:21:43 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "d561b9ae81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5c16ab7c7c25d6e5-FRA

GET
H2 200 BwSurco-Regular.woff2
medterracbd.com/assets/fonts/ 35 KB
36 KB 20ms
19ms Font
application/font-woff2 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/fonts/BwSurco-Regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a283dc4d55bc6b2d5219b839a6b86d5f2f177dcae9276df69a0c99bf1ce8c719

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://medterracbd.com/assets/css/home.css
Origin: https://medterracbd.com

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-length: 36292
cf-request-id: 04820981cb0000d6e50dae9200000001
last-modified: Tue, 28 Jan 2020 02:21:43 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "bb87a1ae81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5c16ab7c7c26d6e5-FRA

GET
H2 200 BwSurco-Bold.woff2
medterracbd.com/assets/fonts/ 36 KB
36 KB 19ms
18ms Font
application/font-woff2 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/fonts/BwSurco-Bold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

62684fe09ad46d148a402d8b9d4e0849a5020ccb39cafaf3ac08c24b73bdcdea

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://medterracbd.com/assets/css/home.css
Origin: https://medterracbd.com

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-length: 36720
cf-request-id: 04820981cb0000d6e50daea200000001
last-modified: Tue, 28 Jan 2020 02:21:43 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "a3ae84ae81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5c16ab7c7c27d6e5-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-99097531-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3390
date: Wed, 12 Aug 2020 01:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 12 Aug 2020 03:15:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9847290&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-99097531-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35e513686d2085229337dfcaf31358dfb769c5b70349a084ef75021132c1bb62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35670
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Aug 2020 02:12:10 GMT

GET
H2 200 10114731.json Show response
s.yimg.com/wi/config/ 2 B
495 B 151ms
119ms XHR
application/json 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10114731.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: A17450F79C26CB0F
x-amz-id-2: d+ab0H6UPMbZT4Y5dJND6jGb8VZV5rqpL39/xRuNw1xhsIkYO8h+OyI3Ea92J8vY0RkORMc6pJA=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=466428017&t=pageview&_s=1&dl=https%3A%2F%2Fmedterracbd.com%2F%3Fclx%3D9979320%26r%3D%26affid%3D5382%26subid1%3D1022e0a59a184fb9e0160762d149e8...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-99097531-2&cid=810722224.1597198330&jid=577531476&_gid=322772673.1597198330&gjid=998952196&_v=j83&z=346867230
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-99097531-2&cid=810722224.1597198330&jid=577531476&_v=j83&z=346867230
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-99097531-2&cid=810722224.1597198330&jid=577531476&_v=j83&z=346867230&slf_rd=1&random=2784867436

42 B
106 B

17ms
17ms

Image
image/gif

2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-99097531-2&cid=810722224.1597198330&jid=577531476&_v=j83&z=346867230&slf_rd=1&random=2784867436

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-99097531-2&cid=810722224.1597198330&jid=577531476&_v=j83&z=346867230&slf_rd=1&random=2784867436
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flag-us.png
medterracbd.com/assets/img/ 108 B
327 B 14ms
10ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/flag-us.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e975b2057320cdad76b1a2edbc639622f6f551ee01f91408182422f2e401a234

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="flag-us.webp"
content-length: 108
cf-request-id: 04820982880000d6e50daf8200000001
last-modified: Tue, 18 Feb 2020 17:03:03 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "ae283f487de6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=1862
accept-ranges: bytes
cf-ray: 5c16ab7dad76d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 flag-eu.png
medterracbd.com/assets/img/ 464 B
727 B 16ms
13ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/flag-eu.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9692541342f0ac243821215beab6cdd504e3348404b874d534d6a76a3149b6b4

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="flag-eu.webp"
content-length: 464
cf-request-id: 04820982880000d6e50daf9200000001
last-modified: Tue, 18 Feb 2020 17:03:03 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "a2b329487de6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=774
accept-ranges: bytes
cf-ray: 5c16ab7dad78d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 flag-uk.png
medterracbd.com/assets/img/ 1 KB
1 KB 14ms
12ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/flag-uk.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

422c45843a04e9a2cfe7986e66526533da72151cd96984fe834ad3762cdbf05d

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="flag-uk.webp"
content-length: 1154
cf-request-id: 04820982880000d6e50dafa200000001
last-modified: Tue, 18 Feb 2020 17:03:03 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "d43c33487de6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=2674
accept-ranges: bytes
cf-ray: 5c16ab7dad79d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 flag-es.png
medterracbd.com/assets/img/ 552 B
707 B 14ms
11ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/flag-es.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

122d22f1afee8389e9606ae12bd4a9c47877dfb30b190e0882dcab64a7b3cfa7

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="flag-es.webp"
content-length: 552
cf-request-id: 04820982880000d6e50dafb200000001
last-modified: Tue, 18 Feb 2020 17:03:03 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "45661b487de6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=569
accept-ranges: bytes
cf-ray: 5c16ab7dad7bd6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 flag-in.png
medterracbd.com/assets/img/ 290 B
467 B 14ms
12ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/flag-in.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

94418a72b29d3925bfe359619e4a812fe0503fd7c44431f90ffc46052b50e522

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="flag-in.webp"
content-length: 290
cf-request-id: 04820982890000d6e50dafc200000001
last-modified: Wed, 24 Jun 2020 19:45:13 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "d99355fa5f4ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=1193
accept-ranges: bytes
cf-ray: 5c16ab7dad7cd6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 products-left-lockin.png
medterracbd.com/assets/img/banners/ 136 KB
136 KB 17ms
15ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/banners/products-left-lockin.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2914163b37f2b0786a0ce2dd8c4f6a7ebb1909dd89788641e0ef8591223f19ae

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="products-left-lockin.webp"
content-length: 139380
cf-request-id: 04820982890000d6e50dafd200000001
last-modified: Wed, 05 Aug 2020 14:36:48 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "d0c599d9356bd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=214038
accept-ranges: bytes
cf-ray: 5c16ab7dad7dd6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 lock-in-text-left.png
medterracbd.com/assets/img/banners/ 9 KB
9 KB 16ms
14ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/banners/lock-in-text-left.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3afecf35586d959fcdc2e6e74b228119f478dd2c0c5218f54e30cfc991943919

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 21796
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="lock-in-text-left.webp"
content-length: 8734
cf-request-id: 04820982890000d6e50dafe200000001
last-modified: Wed, 05 Aug 2020 14:36:47 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "77b443d9356bd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=20407
accept-ranges: bytes
cf-ray: 5c16ab7dad80d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 checkmark_purple.png
medterracbd.com/assets/img/banners/ 250 B
481 B 16ms
14ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/banners/checkmark_purple.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b1a6618545dd413dfa8641bc3c6c971c79c3fd4ba06f714e613824092204baaf

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="checkmark_purple.webp"
content-length: 250
cf-request-id: 04820982890000d6e50daff200000001
last-modified: Wed, 05 Aug 2020 04:55:59 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "a116db6e46ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=692
accept-ranges: bytes
cf-ray: 5c16ab7dad81d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 email-decode.min.js Show response
medterracbd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 9ms
8ms Script
application/javascript 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 05 Aug 2020 10:00:12 GMT
server: cloudflare
etag: W/"5f2a832c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5c16ab7dad75d6e5-FRA
cf-request-id: 04820982880000d6e50daf7200000001
expires: Fri, 14 Aug 2020 02:12:10 GMT

GET
H2 200 about-us-home.png
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/ 379 KB
379 KB 26ms
25ms Image
image/png 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/about-us-home.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c64bc5842c528a5328f2f9f99aef3526e7f3dca8665e8bb3ccc553ec8f94230b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 387632
cf-request-id: 04820982890000d6e50db00200000001
last-modified: Thu, 21 May 2020 13:25:57 GMT
server: cloudflare
etag: "cfrRiczfjNFVd44GjEkA9fkg:43ce9e5c732fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/png
cache-control: max-age=691200
cf-resized: internal=ok/e t=1.330 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab7dad82d6e5-FRA

GET
DATA 200
OK truncated
/ 277 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09dda99a7a47da217aa15c9010563a672854696376a050ccfe0bcd14ac85898f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 ATCArquette-Bold.woff2
medterracbd.com/assets/fonts/ 18 KB
19 KB 13ms
12ms Font
application/font-woff2 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/fonts/ATCArquette-Bold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

901676e14a08412c46378639c83ebfcd79e47493871ded2e1935362b315bf8d7

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://medterracbd.com/assets/css/home.css
Origin: https://medterracbd.com

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-length: 18816
cf-request-id: 048209828d0000d6e50db01200000001
last-modified: Wed, 01 Apr 2020 04:03:34 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "d131be83da7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5c16ab7dad8bd6e5-FRA

GET
H2 200 BwSurco-Black.woff2
medterracbd.com/assets/fonts/ 35 KB
35 KB 13ms
13ms Font
application/font-woff2 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/fonts/BwSurco-Black.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2247249bfd8591e232e845dc0f048fba952adb0482e79e07d13135f04a98f998

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://medterracbd.com/assets/css/home.css
Origin: https://medterracbd.com

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 13727
x-powered-by: ASP.NET
status: 200
content-length: 35896
cf-request-id: 048209828d0000d6e50db02200000001
last-modified: Tue, 28 Jan 2020 02:21:43 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "1ab165ae81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5c16ab7dad8cd6e5-FRA

GET
H2 200 texture-bg-about-us.png
medterracbd.com/assets/img/ 8 KB
9 KB 515ms
514ms Image
image/png 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/texture-bg-about-us.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e2a087223a9ecb783a975e9cc8bd1456a2a81e53973f67c8eebea5287b12c181

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/assets/css/home.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
cf-cache-status: EXPIRED
x-powered-by: ASP.NET
status: 200
content-length: 8621
cf-request-id: 04820982af0000d6e50db05200000001
last-modified: Tue, 28 Jan 2020 02:22:18 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "1d6b0c381d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5c16ab7dedecd6e5-FRA

GET
H2 200 products-home-bg.jpg
medterracbd.com/assets/img/ 127 KB
127 KB 774ms
774ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/products-home-bg.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b2767f1177ebc12209e40382d7be09c94e93f73ddc74c3370277c5c2b8f77913

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/assets/css/home.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
cf-cache-status: EXPIRED
x-powered-by: ASP.NET
status: 200
content-length: 129594
cf-request-id: 04820982b20000d6e50db06200000001
last-modified: Tue, 28 Jan 2020 02:22:15 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "9f299fc181d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5c16ab7dedf5d6e5-FRA

GET
H2 200 texture-bg-testimonials.png
medterracbd.com/assets/img/ 13 KB
14 KB 15ms
15ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/texture-bg-testimonials.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6ac6ecb5f26e0953f551059ebc72636703e1c1680bce4d1942394348f7a2415d

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/assets/css/home.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 21795
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="texture-bg-testimonials.webp"
content-length: 13728
cf-request-id: 04820982b20000d6e50db07200000001
last-modified: Tue, 28 Jan 2020 02:22:18 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "c473cdc381d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=16418
accept-ranges: bytes
cf-ray: 5c16ab7dedf6d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ 0
857 B 146ms
49ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2012%20Aug%202020%2002%3A12%3A10%20GMT&n=-2d&b=Medterra%20-%20Our%20CBD.%20Your%20Health%20%7C%20Buy%20CBD%20Oil%20%7C%2099%25%20Pure%20CBD&.yp=10114731&f=https%3A%2F%2Fmedterracbd.com%2F%3Fclx%3D9979320%26r%3D%26affid%3D5382%26subid1%3D1022e0a59a184fb9e0160762d149e8%26subid2%3D5175%26utm_source%3DRevOffers%26offer_id%3D88%26publisher_id%3D5175%26transaction_id%3D1022e0a59a184fb9e0160762d149e8%26disablebx%3D1&enc=UTF-8&tagmgr=gtm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 02:12:10 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 12 Aug 2020 02:12:10 GMT

GET
H2 200 advisory-bg.png
medterracbd.com/assets/img/ 140 KB
140 KB 19ms
12ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/advisory-bg.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

1504c98200fc05eb7a36a41ff6d452a88dc9c7ece3b34eb9c75aedcb9b08d495

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 21796
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="advisory-bg.webp"
content-length: 143008
cf-request-id: 04820983030000d6e50db0a200000001
last-modified: Thu, 21 May 2020 13:25:57 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "43ce9e5c732fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=233260
accept-ranges: bytes
cf-ray: 5c16ab7e6e73d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon-angle-left.svg
medterracbd.com/assets/img/ 445 B
423 B 23ms
16ms Image
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/icon-angle-left.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bf0b32df4be99bbc695c3acdfe3a42978076495a8f568443734bbdd4f82c143e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 21796
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820983030000d6e50db0b200000001
last-modified: Tue, 28 Jan 2020 02:22:01 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"70f25eb981d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab7e6e74d6e5-FRA

GET
H2 200 icon-angle-right.svg
medterracbd.com/assets/img/ 447 B
494 B 18ms
11ms Image
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/icon-angle-right.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

194eca316cb806bb52f8e342e7d2abfc7090294a8ad3f646d7592574ea70534e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 21796
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820983030000d6e50db0c200000001
last-modified: Tue, 28 Jan 2020 02:22:01 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"511a66b981d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab7e6e75d6e5-FRA

GET
H2 200 icon-up.svg
medterracbd.com/assets/img/ 853 B
669 B 19ms
12ms Image
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/icon-up.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

52d75a810549cec837c2476eb8c9f393ad29383b8d17ce90a5c143bca016215e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820983030000d6e50db0d200000001
last-modified: Tue, 28 Jan 2020 02:22:05 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"37a58fbb81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab7e6e76d6e5-FRA

GET
H2 200 product-home-bottom.png
medterracbd.com/assets/img/ 100 KB
100 KB 23ms
16ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/product-home-bottom.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5817c21283051e5ffdbda9384b2725ff8c5a0bfc43d66b18bfaf140969c507a8

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 21796
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="product-home-bottom.webp"
content-length: 102462
cf-request-id: 04820983030000d6e50db0e200000001
last-modified: Tue, 28 Jan 2020 02:22:14 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "4a452ac181d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=106977
accept-ranges: bytes
cf-ray: 5c16ab7e6e77d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2

200

platform.js Show response
static.elfsight.com/platform/
Redirect Chain

https://apps.elfsight.com/p/platform.js
https://static.elfsight.com/platform/platform.js

46 KB
15 KB

33ms
19ms

Script
application/javascript

2606:4700:20::681a:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/platform/platform.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:66b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e72ad302f1a6695fd18142d75e36e4af409b61e71343a855fbb732fde7274b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 2697
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx000000000000015962a94-005f32b8cb-bd9722-sfo2a
cf-request-id: 048209834200001f4d22bf1200000001
last-modified: Tue, 11 Aug 2020 07:58:12 GMT
server: cloudflare
etag: W/"c6a9142c7bb57af96198752a81f14a2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
cf-ray: 5c16ab7ede801f4d-FRA

Redirect headers

date: Wed, 12 Aug 2020 02:12:10 GMT
server: cloudflare
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://static.elfsight.com/platform/platform.js
cache-control: max-age=3600
strict-transport-security: max-age=0
cf-ray: 5c16ab7e9e291f4d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 048209831a00001f4d22bee200000001
expires: Wed, 12 Aug 2020 03:12:10 GMT

GET
H2 200 hemp-authority.png
medterracbd.com/assets/img/ 3 KB
3 KB 25ms
19ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/hemp-authority.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

068ede3ed6afbc80fdce29338161d0f7388ad000831ba1ccd3f23a4a0035b7b0

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="hemp-authority.webp"
content-length: 3328
cf-request-id: 04820983030000d6e50db0f200000001
last-modified: Tue, 28 Jan 2020 02:22:00 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "2a3a9b881d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=4617
accept-ranges: bytes
cf-ray: 5c16ab7e6e78d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon-mastercard.png
medterracbd.com/assets/img/ 850 B
1 KB 16ms
10ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/icon-mastercard.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b0eb52d278fd98dad941df7235face340e698e01a540b6692cbb4338be0d5dd2

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="icon-mastercard.webp"
content-length: 850
cf-request-id: 04820983030000d6e50db10200000001
last-modified: Tue, 28 Jan 2020 02:22:03 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "7154bbba81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=1109
accept-ranges: bytes
cf-ray: 5c16ab7e6e79d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon-visa.png
medterracbd.com/assets/img/ 512 B
672 B 19ms
13ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/icon-visa.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

63e665bb76c4d50f7acc657482c92b6d65489e9bd7a89ec2a4e8192486fdfef8

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="icon-visa.webp"
content-length: 512
cf-request-id: 04820983030000d6e50db11200000001
last-modified: Tue, 28 Jan 2020 02:22:05 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "7aa4cdbb81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=739
accept-ranges: bytes
cf-ray: 5c16ab7e6e7ad6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon-discover.png
medterracbd.com/assets/img/ 494 B
676 B 18ms
12ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/icon-discover.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d213aa6f89c67b2392d9ef7cdb9f68a518552a3f8816bb9474eb21e871d5d59d

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="icon-discover.webp"
content-length: 494
cf-request-id: 04820983030000d6e50db12200000001
last-modified: Tue, 28 Jan 2020 02:22:02 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "90d8f2b981d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=689
accept-ranges: bytes
cf-ray: 5c16ab7e6e7cd6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon-amex.png
medterracbd.com/assets/img/ 426 B
614 B 20ms
15ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/icon-amex.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2ea632bc0756a94e6526a50ca39552b4ca9434475d12620ba2f42a47cd8fd221

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="icon-amex.webp"
content-length: 426
cf-request-id: 04820983030000d6e50db13200000001
last-modified: Tue, 28 Jan 2020 02:22:01 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "12a450b981d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=634
accept-ranges: bytes
cf-ray: 5c16ab7e6e7dd6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon-lobby.svg
medterracbd.com/assets/img/ 1 KB
486 B 20ms
15ms Image
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/icon-lobby.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f9275855d9ae4c0a8c5331532d8af9476dc02f1e19f5cf4f71b2a2ccea14a027

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820983030000d6e50db14200000001
last-modified: Tue, 28 Jan 2020 02:22:03 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"d76990ba81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab7e6e7ed6e5-FRA

GET
H2 200 icon-phone.svg
medterracbd.com/assets/img/ 659 B
557 B 18ms
13ms Image
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/icon-phone.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e0117aad9bed3888498ac20e69fe89ad5984f238da7d8bc561e4fe6aff413600

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820983030000d6e50db15200000001
last-modified: Tue, 28 Jan 2020 02:22:04 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"d0db2bb81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab7e6e7fd6e5-FRA

GET
H2 200 _track.js Show response
db.revoffers.com/ 4 KB
2 KB 167ms
41ms Script
application/javascript 13.226.155.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://db.revoffers.com/_track.js
Requested by: Host: medterracbd.com
URL: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-20.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 573da9ed2ea1a22bf29ddf01590cb88c132ca545f3e9de502f470b9f9965bcc0

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 15:50:05 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 18:35:20 GMT
server: AmazonS3
age: 37326
etag: W/"d11c1e380ca9eb3864001ef40393410c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: _jsMEhfJvqX3ZcROdehXbx5j3leG2Q.p
status: 200
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: -6ULkNPzkSoAElBTNjoc61Y21sDtXOKQ1V_4vvlAhUrrfT6uhssZwQ==
via: 1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)

GET
H2 200 FmJwpjpo4v6p2hNty.png
pixel.locker2.com/image/ 68 B
407 B 42ms
38ms Image
image/png 13.226.155.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.locker2.com/image/FmJwpjpo4v6p2hNty.png
Requested by: Host: medterracbd.com
URL: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-9.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 19:12:40 GMT
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
last-modified: Fri, 13 Mar 2020 19:06:24 GMT
server: AmazonS3
age: 197971
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 68
x-amz-cf-id: mEjhzwVVKktgYP4NTxnbfCdxh7T4vSWl01g8l1lfmfa0YmYWJc2PPA==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 164ms
37ms Script
application/x-javascript 13.226.146.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: medterracbd.com
URL: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.155 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-155.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 11 Aug 2020 13:51:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jan 2020 19:16:48 GMT
Server: AmazonS3
Age: 44457
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: NBpcoOMwYjcmx3vo0TmPpnoniu5e7Nyj4psQweywUEePY37NpK8r0w==

GET
H2 200 pa-5e9cf34011c070000800092c.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 148ms
122ms Script
application/javascript 2606:4700:10::6814:14ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5e9cf34011c070000800092c.js
Requested by: Host: medterracbd.com
URL: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002a865da40d933ca8ecf7a282f2124fce44856bb2c3cc2e323a6a12d3017fd5

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 13 May 2020 13:49:07 GMT
server: cloudflare
status: 200
etag: W/"5ebbfad3-1889"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5c16ab7e888605f9-FRA
cf-request-id: 0482098319000005f9ba313200000001
expires: Wed, 12 Aug 2020 02:17:10 GMT

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 36 KB
11 KB 541ms
488ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=HSutKw
Requested by: Host: medterracbd.com
URL: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3db73066101527e14d9b017db8bfb2ed63877f0e6e3acc55328e9f27f8fb5792

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 4WTqkbpuaekYuAGi.hOBL1gEUpayN8Ys
content-encoding: gzip
etag: "e00cd476cfb17d02ff99196f12b35045"
age: 0
x-cache: MISS
status: 200
content-length: 10981
x-amz-id-2: edjNMavgTVKDFcIOX+1KfxK2Ng9cZ6ExXhkyJl02o/gMtu+1ViuCGwolzTBjfTQYNN0364cmiJc=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 11 Aug 2020 20:01:36 GMT
server: AmazonS3
date: Wed, 12 Aug 2020 02:12:11 GMT
vary: Accept-Encoding
x-amz-request-id: B6571EAAC5D1496D
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=22012297&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22012297%26t%3D2

43 B
1 KB

38ms
37ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22012297%26t%3D2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Aug 2020 02:12:10 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.72:80
AN-X-Request-Uuid: d02eca97-7146-4192-8559-1567465d05f5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 Aug 2020 02:12:10 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid: fe96d37e-af64-484c-9bf4-664d87b86364
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22012297%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 32 KB
10 KB 189ms
37ms Script
application/x-javascript 161.71.1.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

671743307e1b1a0e7977f0584785502d07b87c15e694c82883ae3f519abeed3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 11 Aug 2020 22:04:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: cad827bf1fc10a6b
Age: 14871
Content-Length: 8858
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 30 Apr 2020 16:55:40 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-B3-SpanId: cad827bf1fc10a6b
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
X-B3-Sampled: 0
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Wed, 12 Aug 2020 22:04:19 GMT

GET
H2 200 framework-functions-minified.js Show response
medterracbd.com/assets/js/m/ 456 KB
139 KB 19ms
16ms Script
application/javascript 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/js/m/framework-functions-minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bbea7bb25b667945a6046b0985da43f1ae856fd2bd461e9a891f0f6609fe4d0a

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 21796
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820983030000d6e50db09200000001
last-modified: Thu, 02 Jul 2020 21:43:09 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"a585ec7b950d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab7e6e72d6e5-FRA

GET
H2 200 home.js Show response
medterracbd.com/assets/js/m/ 4 KB
2 KB 17ms
14ms Script
application/javascript 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/js/m/home.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f098ac0e1d537f2b32c1d4ad28bdb2e1cc99638ea06d4d456f292cd23bdc89cc

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 21796
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820983030000d6e50db16200000001
last-modified: Tue, 30 Jun 2020 19:29:34 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"5186dec8144fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab7e6e80d6e5-FRA

GET
H2

200

fs.js Show response
edge.fullstory.com/s/
Redirect Chain

https://fullstory.com/s/fs.js
https://edge.fullstory.com/s/fs.js

194 KB
58 KB

59ms
19ms

Script
application/javascript

35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: medterracbd.com
URL: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 004c25401356741a14f4f8072d40a82a390cb7817f9dc6aa0fd6aa9f6af2e883

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:09:31 GMT
content-encoding: gzip
age: 159
x-guploader-uploadid: AAANsUkLNWqH3Cv1Qe_yiwVGyNLesnWMIpoWhWnTCHqjBW33z6e_S8bXLLI5bUnJWgxYTdM9Zcfy8oNwuHQFkr44XKTtfXRUdw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 59132
last-modified: Mon, 20 Jul 2020 13:45:06 GMT
server: UploadServer
etag: "5b707bb292e63f1c6e4c92c0a9429e40"
x-goog-hash: crc32c=7OPr5w==, md5=W3B7spLmPxxuTJLAqUKeQA==
x-goog-generation: 1595252706198059
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=600,no-transform
x-goog-stored-content-length: 59132
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 12 Aug 2020 02:19:31 GMT

Redirect headers

date: Mon, 13 Jul 2020 23:45:04 GMT
via: 1.1 google
age: 2514426
status: 301
location: https://edge.fullstory.com/s/fs.js
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 textures-top-right.png
medterracbd.com/assets/img/ 13 KB
13 KB 471ms
471ms Image
image/png 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/textures-top-right.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

57a20f7215e57658489a161cef273e2778b82ae1594dd7935133156500957c86

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/assets/css/home.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
cf-cache-status: EXPIRED
x-powered-by: ASP.NET
status: 200
content-length: 13176
cf-request-id: 048209830b0000d6e50db17200000001
last-modified: Tue, 28 Jan 2020 02:22:19 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "31e61c481d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5c16ab7e7e8bd6e5-FRA

GET
H2 200 shadow-top.png
medterracbd.com/assets/img/ 88 B
272 B 12ms
12ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/shadow-top.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

1abf6e7646203786c999996703d6ed56ad61ce40a34f692745213feac11f4f99

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/assets/css/home.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23285
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="shadow-top.webp"
content-length: 88
cf-request-id: 048209830b0000d6e50db18200000001
last-modified: Tue, 28 Jan 2020 02:22:16 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "c26f84c281d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=150
accept-ranges: bytes
cf-ray: 5c16ab7e7e8dd6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2

200

%3Fclx%3D9979320%26r%3D%26affid%3D5382%26subid1%3D1022e0a59a184fb9e0160762d149e8%26subid2%3D5175%26offer_id%3D88%26publisher_id%3D5175%26transaction_id%3D1022e0a59a184fb9e0160762d149e8%26disablebx%3D1
adservice.google.de/ddm/fls/p/src=10050053;dc_pre=CMXGl7nLlOsCFc_pmgodAMoNTw;type=counter;cat=medte0;u1=https://medterracbd.com/;u2=;u3=;u4=;u6=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;t...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=10050053;type=counter;cat=medte0;u1=https://medterracbd.com/;u2=;u3=;u4=;u6=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2238983237...
https://ad.doubleclick.net/ddm/activity/src=10050053;dc_pre=CMXGl7nLlOsCFc_pmgodAMoNTw;type=counter;cat=medte0;u1=https://medterracbd.com/;u2=;u3=;u4=;u6=;dc_lat=;dc_rdid=;tag_for_child_directed_tr...
https://adservice.google.com/ddm/fls/p/src=10050053;dc_pre=CMXGl7nLlOsCFc_pmgodAMoNTw;type=counter;cat=medte0;u1=https://medterracbd.com/;u2=;u3=;u4=;u6=;dc_lat=;dc_rdid=;tag_for_child_directed_tre...
https://adservice.google.de/ddm/fls/p/src=10050053;dc_pre=CMXGl7nLlOsCFc_pmgodAMoNTw;type=counter;cat=medte0;u1=https://medterracbd.com/;u2=;u3=;u4=;u6=;dc_lat=;dc_rdid=;tag_for_child_directed_trea...

42 B
770 B

67ms
43ms

Image
image/gif

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=10050053;dc_pre=CMXGl7nLlOsCFc_pmgodAMoNTw;type=counter;cat=medte0;u1=https://medterracbd.com/;u2=;u3=;u4=;u6=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2238983237889.01;~oref=https://medterracbd.com/%3Fclx%3D9979320%26r%3D%26affid%3D5382%26subid1%3D1022e0a59a184fb9e0160762d149e8%26subid2%3D5175%26offer_id%3D88%26publisher_id%3D5175%26transaction_id%3D1022e0a59a184fb9e0160762d149e8%26disablebx%3D1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 02:12:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Aug 2020 02:12:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/src=10050053;dc_pre=CMXGl7nLlOsCFc_pmgodAMoNTw;type=counter;cat=medte0;u1=https://medterracbd.com/;u2=;u3=;u4=;u6=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2238983237889.01;~oref=https://medterracbd.com/%3Fclx%3D9979320%26r%3D%26affid%3D5382%26subid1%3D1022e0a59a184fb9e0160762d149e8%26subid2%3D5175%26offer_id%3D88%26publisher_id%3D5175%26transaction_id%3D1022e0a59a184fb9e0160762d149e8%26disablebx%3D1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 863 B
618 B 359ms
321ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: f5b2ff36f5d49d816e21a5fcbbe24389b63709ee1ad1310a8fda28a7af22e51e

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medterracbd.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 460
via: 1.1 google

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 2 KB
2 KB 37ms
37ms Script
application/x-javascript 161.71.1.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

9a1101cb67eab5cb68b9aa61b99b5c85e809bd9fe831415371a2d2026efa9448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 11 Aug 2020 23:54:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: 577c7fa3a578fa5d
Age: 8249
Content-Length: 832
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sat, 22 Feb 2020 01:39:44 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-B3-SpanId: 577c7fa3a578fa5d
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
X-B3-Sampled: 0
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Wed, 12 Aug 2020 23:54:41 GMT

GET
H2 200 alana.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/athletes/ 61 KB
61 KB 24ms
21ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/athletes/alana.jpg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7606f8869bfc5f2208e5f277475818c42798c91e12f47c00558953de9f0e4765

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 62604
cf-request-id: 048209840d0000d6e50db22200000001
last-modified: Tue, 28 Jan 2020 02:24:23 GMT
server: cloudflare
etag: "cfe-9e3usqzwWjuPsOXOlpNw:23541ee82d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/e t=0.866 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab801848d6e5-FRA

GET
H2 200 chris.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/athletes/ 49 KB
49 KB 20ms
17ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/athletes/chris.jpg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e935d04531241874700aa25f80e26b19e2e4df44705342aac6ff7c8c4358e738

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 50016
cf-request-id: 048209840d0000d6e50db23200000001
last-modified: Tue, 28 Jan 2020 02:24:23 GMT
server: cloudflare
etag: "cfJr3V2z6z-dV7JVV_SjTMvA:97a44e82d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/e t=0.943 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab801849d6e5-FRA

GET
H2 200 justin.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/athletes/ 36 KB
36 KB 23ms
20ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/athletes/justin.jpg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45fd3174c45f1d456cab3dd3a8b163b434a0ceb0c97bf170c09750d0499583ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 36783
cf-request-id: 048209840d0000d6e50db24200000001
last-modified: Tue, 28 Jan 2020 02:24:24 GMT
server: cloudflare
etag: "cfWSBCSDW_4tYEgWz6ZNdFvQ:e21661e82d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/h t=0.042 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab80184ad6e5-FRA

GET
H2 200 billy.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/athletes/ 72 KB
73 KB 21ms
18ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/athletes/billy.jpg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b394238d6baf43878a826856903696e9c20a2ecb5266bb4495801c346e80c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 74204
cf-request-id: 048209840d0000d6e50db25200000001
last-modified: Tue, 28 Jan 2020 02:24:23 GMT
server: cloudflare
etag: "cf8843iS1VYCdO1nHw_YB2dg:58b83fe82d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/e t=1.276 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab80184bd6e5-FRA

GET
H2 200 lucas.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/athletes/ 38 KB
38 KB 19ms
16ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/athletes/lucas.jpg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9766209be8bc1d2e3a022ed943ef1a019ce795cdf7965b4399406c4068c53ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 38964
cf-request-id: 048209840d0000d6e50db26200000001
last-modified: Tue, 28 Jan 2020 02:24:24 GMT
server: cloudflare
etag: "cfEkWtkzfcJufp_bfl4AO4ug:e6398ce82d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/e t=1.025 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab80184cd6e5-FRA

GET
H2 200 koa.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/athletes/ 84 KB
84 KB 21ms
19ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/athletes/koa.jpg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13d0ac66141d439ddb6dbc5e2acca1cf6d3a3437ef0440a2ef4c0b397f8d6383

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 85963
cf-request-id: 048209840d0000d6e50db27200000001
last-modified: Tue, 28 Jan 2020 02:24:24 GMT
server: cloudflare
etag: "cfp3Veb92DvpQLhTcfQFG0Uw:939b6fe82d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/e t=1.268 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab80184dd6e5-FRA

GET
H2 200 jeanette.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/advisory/ 39 KB
39 KB 18ms
17ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/advisory/jeanette.jpg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70ee16e00ffddb9759541f937a948bb52b9dff9515fc4e403baeca0eff69b06b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 40086
cf-request-id: 048209842e0000d6e50db28200000001
last-modified: Tue, 28 Jan 2020 02:23:50 GMT
server: cloudflare
etag: "cfXBeZg43xMp1zLX6zLjcH3w:555c29fa81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/e t=0.612 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab80487cd6e5-FRA

GET
H2 200 matthew.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/advisory/ 44 KB
45 KB 19ms
18ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/advisory/matthew.jpg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe41cf87dd0ef28d7f52a0b97e04376b540e642612ab8ce0b197f71954e328b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 45460
cf-request-id: 048209842f0000d6e50db29200000001
last-modified: Thu, 30 Jan 2020 16:30:21 GMT
server: cloudflare
etag: "cfMvd_RYNj-6R0JebqR6a0xQ:d7c0cc908ad7d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/h t=0.045 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab80487dd6e5-FRA

GET
H2 200 mayank.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/advisory/ 67 KB
68 KB 16ms
15ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/advisory/mayank.jpg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b62d35b546add682eda9119437f81b821a9ca9b8f0cf61a88a367596116669

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 69067
cf-request-id: 048209842f0000d6e50db2a200000001
last-modified: Thu, 30 Jan 2020 16:30:21 GMT
server: cloudflare
etag: "cfUNV1CKBGn-BZHk04_LLeVA:6efae6908ad7d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/e t=0.804 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab80487ed6e5-FRA

GET
H2 200 laura.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/advisory/ 68 KB
69 KB 19ms
19ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/advisory/laura.jpg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194307f3ce1e2a14ec88a4d5ba8e0eb15df79f79738ea2ccf5d0eff039ed4179

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 70024
cf-request-id: 048209842f0000d6e50db2b200000001
last-modified: Mon, 10 Aug 2020 19:46:00 GMT
server: cloudflare
etag: "cfqHVnOHQnfIutIMyQvau1iw:cc14e8df4e6fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/e t=1.180 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab80487fd6e5-FRA

GET
H2 200 lisa.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/advisory/ 68 KB
68 KB 16ms
15ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/advisory/lisa.jpg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fef27c7c64e55ae498d2649e2735ae1d7389cab937873bbd9e49002ed860f7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 69648
cf-request-id: 048209842f0000d6e50db2c200000001
last-modified: Thu, 30 Jan 2020 16:30:21 GMT
server: cloudflare
etag: "cfiAhj_oM9pvXgHdTXS-GZnQ:e660ca908ad7d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/m t=0.947 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab804880d6e5-FRA

GET
H2 200 cbd-good-morning.png
medterracbd.com/assets/img/products/ 39 KB
40 KB 11ms
10ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/products/cbd-good-morning.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

543eb460fcdb35043d3fe0b06399dc41c5d7c8c5a2c5c57fd11471503c0200e2

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 1194
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="cbd-good-morning.webp"
content-length: 40312
cf-request-id: 048209843c0000d6e50db2e200000001
last-modified: Tue, 28 Jan 2020 02:25:04 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "37e3a62682d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=43037
accept-ranges: bytes
cf-ray: 5c16ab8068a7d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 cbd-gel-capsules-25mg.png
medterracbd.com/assets/img/products/ 40 KB
40 KB 12ms
11ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/products/cbd-gel-capsules-25mg.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e019e0183f590b75be835899e7e22397f146f347567da0faf4ef51523eaa8d92

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
cf-cache-status: HIT
age: 23286
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="cbd-gel-capsules-25mg.webp"
content-length: 40776
cf-request-id: 048209843c0000d6e50db2f200000001
last-modified: Tue, 28 Jan 2020 02:25:03 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "e79b1c2682d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=43192
accept-ranges: bytes
cf-ray: 5c16ab8068a8d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 front.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/articles/ 58 KB
58 KB 17ms
16ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/articles/front.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

986f3b4734864b914498f7d04e00869b2eaa0cda7b2e2e0b608370b4e67779fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 59009
cf-request-id: 048209843c0000d6e50db30200000001
last-modified: Mon, 15 Jun 2020 23:23:10 GMT
server: cloudflare
etag: "cfAAo9gXzbL7DXHM5qSMK-eA:304153ef6b43d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/e t=0.847 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab8068a9d6e5-FRA

GET
H2 200 specs.jpg
medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/articles/ 65 KB
65 KB 19ms
18ms Image
image/jpeg 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/cdn-cgi/image/width=,quality=/assets/img/articles/specs.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc960fd5e27b2b5015f8945d833f0bed74eb0609355aab2fbcad2b4f4d5926ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
content-length: 66272
cf-request-id: 048209843c0000d6e50db31200000001
last-modified: Thu, 28 May 2020 16:49:02 GMT
server: cloudflare
etag: "cfB8R9tFlzLYhlnyxpa0ZNOg:925684e4f35d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: cf-int-resize, x-forwarded-proto, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=691200
cf-resized: internal=ok/e t=0.937 v=2020.8.1
accept-ranges: bytes
cf-ray: 5c16ab8068abd6e5-FRA

GET
H2 200 ijs_all_modules_cjs_min_6861f3268dab3abedd6c1f75b14f3504.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 516 KB
126 KB 32ms
14ms Script
text/javascript 2606:4700:10::6816:46ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6861f3268dab3abedd6c1f75b14f3504.js
Requested by: Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/3908/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:46ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3cb447c600ef2a7b34c70ae394deccc463885e48f97baa4c4d9146cd5480eaa

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 106258
x-guploader-uploadid: AAANsUmoURkJEFlBfMk3JlChhntCmrCt1yI9vfWZ7fSdA7v9VKURaqi8D2bzCvdtWonAGTNVGRkwZXjO1eXJTAyYi_Q
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 128470
cf-request-id: 048209844e00001756c4931200000001
last-modified: Mon, 10 Aug 2020 20:41:03 GMT
server: cloudflare
etag: "b801870a39cb223ced87d2ba8025a0a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=JI46ug==, md5=uAGHCjnLIjzth9K6gCWgqQ==
x-goog-generation: 1597092063730959
access-control-allow-origin: *
content-type: text/javascript
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 128470
accept-ranges: bytes
cf-ray: 5c16ab80795b1756-FRA
expires: Tue, 10 Aug 2021 20:41:12 GMT

POST
H2 204 _tr
db.revoffers.com/v2/ 0
319 B 320ms
317ms Other
text/plain 13.226.155.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://db.revoffers.com/v2/_tr
Requested by: Host: db.revoffers.com
URL: https://db.revoffers.com/_track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-20.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
via: 1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 204
cache-control: no-store, no-cache
x-amz-cf-id: AiBC1lYIa62KYeF_r2eS4z1vxOcK3-h_-dEKq0JRNGUNkLEwXrvpPQ==
x-success: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
apps.elfsight.com/p/boot/ 2 KB
1 KB 230ms
229ms XHR
application/json 2606:4700:20::681a:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.elfsight.com/p/boot/?w=5abefcdb-1ac0-4faa-acfd-737ff84f3b7b

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:66b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49c4b5faebecf0e8c41dfbe3ba5ac10d59b3802d588fb44801a717848196412b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
status: 200
access-control-max-age: 86400
strict-transport-security: max-age=0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 048209845100001f4d22800200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://medterracbd.com
x-xss-protection: 1; mode=block
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 5c16ab80888f1f4d-FRA
access-control-allow-headers: DNT, Referer, Content-Type, Set-Cookie, x-csrf-token, x-socket-id

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 8 KB
5 KB 37ms
36ms Stylesheet
text/css 161.71.1.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

82a26ed404b9b3f3996b757cdff693b2007f77256d9c5375e3419d71bf7a300d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 11 Aug 2020 23:43:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: f50e5ead068064b2
Age: 8897
Content-Length: 3934
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 30 Apr 2020 16:55:40 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
X-B3-SpanId: f50e5ead068064b2
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
X-B3-Sampled: 0
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Wed, 12 Aug 2020 23:43:54 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 22 KB
8 KB 75ms
37ms Script
application/x-javascript 161.71.1.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

9dd2970e79d8764b7867c51ce1841fc4960a0a7c109470dbe02e5707a70b41e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 11 Aug 2020 23:43:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: 7de5a5e3486efd2a
Age: 8897
Content-Length: 6770
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 30 Apr 2020 16:55:40 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-B3-SpanId: 7de5a5e3486efd2a
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
X-B3-Sampled: 0
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Wed, 12 Aug 2020 23:43:54 GMT

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 100 B
425 B 598ms
232ms XHR
application/json 35.190.86.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6861f3268dab3abedd6c1f75b14f3504.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.86.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.86.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 6da26d6e5db7fdbe8f53b26d19d8512ce2921411100de97e056cdaea8602b846

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Aug 2020 02:12:11 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 57 B
382 B 491ms
126ms XHR
application/json 35.201.125.182
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6861f3268dab3abedd6c1f75b14f3504.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.125.182 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 182.125.201.35.bc.googleusercontent.com
Software: /
Resource Hash: 3721f0a502c500405ebbeb54266519b7e36718745b85e93b9725459bebad762c

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Aug 2020 02:12:11 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 100 B
425 B 491ms
234ms XHR
application/json 35.201.125.182
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6861f3268dab3abedd6c1f75b14f3504.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.125.182 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 182.125.201.35.bc.googleusercontent.com
Software: /
Resource Hash: 7acd997b8282c92fea971b5bc0ae4baf34b874ae0cb9e2ff3d95c88291240225

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Aug 2020 02:12:11 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H2 200 local_storage_frame15.min.html
assets.bounceexchange.com/assets/bounce/ Frame 0231 0
0 12ms
11ms Document
text/html 2606:4700:10::6816:46ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame15.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6861f3268dab3abedd6c1f75b14f3504.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:46ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: assets.bounceexchange.com
:scheme: https
:path: /assets/bounce/local_storage_frame15.min.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1

Response headers

status: 200
date: Wed, 12 Aug 2020 02:12:11 GMT
content-type: text/html
set-cookie: __cfduid=d3c64b2ba005dceb576f28dc1d587022c1597198331; expires=Fri, 11-Sep-20 02:12:11 GMT; path=/; domain=.bounceexchange.com; HttpOnly; SameSite=Lax
x-guploader-uploadid: AAANsUmULQ9v1Ze5x4MmZmlZBrZZd1FBsfFIzho1r1QRTSiOVXBm_aAQo_8_l-pZE4TjDnLO6EONtD0kEuukzmbC9m2Vc5uczw
expires: Thu, 12 Aug 2021 01:33:45 GMT
last-modified: Tue, 04 Feb 2020 01:30:01 GMT
x-goog-generation: 1580779801190315
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1084
x-goog-hash: crc32c=+XVPJw== md5=pFDBHqtx21P9aslGrvSXrw==
x-goog-storage-class: MULTI_REGIONAL
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 2306
cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 04820984c300001756c4939200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c16ab813a4b1756-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
91 B 458ms
422ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=DDQA7&UserId=4942313088172032&SessionId=4741672886026240&PageId=4593680123772928&Seq=1&PageStart=1597198330982&PrevBundleTime=0&LastActivity=488&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 0b23c9f821007c1b8eb4f898bc4a656bddd39571d5490cf51996f980df32fc3b

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medterracbd.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 29

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
211 B 96ms
53ms Script
text/html 35.227.229.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?tojQ=function&cts=1597198331298&tzo=-120&website_id=3908&resolution=1600x1200&referrer=&calling_url=https%3A%2F%2Fmedterracbd.com%2F%3Fclx%3D9979320%26r%3D%26affid%3D5382%26subid1%3D1022e0a59a184fb9e0160762d149e8%26subid2%3D5175%26utm_source%3DRevOffers%26offer_id%3D88%26publisher_id%3D5175%26transaction_id%3D1022e0a59a184fb9e0160762d149e8%26disablebx%3D1&visit_cookie=%7B%22lp%22%3A%22https%253A%252F%252Fmedterracbd.com%252F%253Fclx%253D9979320%2526r%253D%2526affid%253D5382%2526subid1%253D1022e0a59a184fb9e0160762d149e8%2526subid2%253D5175%2526utm_source%253DRevOffers%2526offer_id%253D88%2526publisher_id%253D5175%2526transaction_id%253D1022e0a59a184fb9e0160762d149e8%2526disablebx%253D1%22%2C%22r%22%3A%22%22%2C%22ex%22%3A1597200131073%7D&cookie=%7B%22v%22%3A%7B%22logged_in%22%3Afalse%2C%22ever_logged_in%22%3Afalse%2C%22submitted_onsite%22%3Afalse%2C%22item_id_product%22%3Afalse%2C%22cart_set%22%3Afalse%7D%7D&vars[logged_in]=false&vars[ever_logged_in]=false&vars[cart_qty]=0&vars[cart_value]=0&vars[prod_price]=false&vars[prod_name]=false&vars[in_stock]=false&vars[submitted_onsite]=false&vars[item_id_product]=false&vars[cart_set]=false&vars[cookie_bar_present]=true&vdef[logged_in]=false&cookie_too_large=false&bp=0&etp=[%22cart%22,%22category%22,%22checkout%22,%22home%22,%22product%22]&pts=home&compliance_flag=
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6861f3268dab3abedd6c1f75b14f3504.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.229.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.229.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status: 200
content-type: text/html; charset=UTF-8
alt-svc: clear
via: 1.1 google

GET
H2

200

fs.js Show response
edge.fullstory.com/s/ Frame 5AE5
Redirect Chain

https://fullstory.com/s/fs.js
https://edge.fullstory.com/s/fs.js

194 KB
58 KB

57ms
19ms

Script
application/javascript

35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: medterracbd.com
URL: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 004c25401356741a14f4f8072d40a82a390cb7817f9dc6aa0fd6aa9f6af2e883

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:06:07 GMT
content-encoding: gzip
age: 364
x-guploader-uploadid: AAANsUl6Xj4Co5VoRvVdEVMy4PEXyJaC43gfpIuuJdA4TlygKevXoOelTMatx-FDNAUBlRHPu4Xq7uUXuQco8ppxNCc
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 59132
last-modified: Mon, 20 Jul 2020 13:45:06 GMT
server: UploadServer
etag: "5b707bb292e63f1c6e4c92c0a9429e40"
x-goog-hash: crc32c=7OPr5w==, md5=W3B7spLmPxxuTJLAqUKeQA==
x-goog-generation: 1595252706198059
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=600,no-transform
x-goog-stored-content-length: 59132
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 12 Aug 2020 02:16:07 GMT

Redirect headers

date: Mon, 13 Jul 2020 23:45:04 GMT
via: 1.1 google
age: 2514427
status: 301
location: https://edge.fullstory.com/s/fs.js
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 instagram-feed.js Show response
static.elfsight.com/apps/instashow/release/0889c0b2-bec1-4bc1-96ee-ef4c1cc8706a/app/ 344 KB
72 KB 26ms
26ms Script
application/javascript 2606:4700:20::681a:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/instashow/release/0889c0b2-bec1-4bc1-96ee-ef4c1cc8706a/app/instagram-feed.js

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:66b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc630071cc23ab17087da8d662759c3ce113ae6898cb78e14500fb5c3a6fd0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 38701
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx000000000000045a3802e-005f32b8ce-9709f2-sfo2a
cf-request-id: 04820985af00001f4d22812200000001
last-modified: Fri, 07 Aug 2020 11:08:30 GMT
server: cloudflare
etag: W/"3b628294dd921f26f26d05226f64166d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 5c16ab82bb0b1f4d-FRA

GET
H2 200 klaviyo_analytics.js Show response
fast.a.klaviyo.com/media/js/analytics/ 18 KB
6 KB 74ms
23ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/media/js/analytics/klaviyo_analytics.js?v=5

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=HSutKw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

39725edc891faeb797afb14f131a24a12862d887c2b39f58e43094a8491789a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 38636
x-cache: HIT
status: 200
x-cache-hits: 9748
content-length: 6008
x-served-by: cache-fra19174-FRA
last-modified: Tue, 26 May 2020 22:13:08 GMT
server: nginx
etag: W/"5ecd9474-48b3"
strict-transport-security: max-age=900
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=86400, public
accept-ranges: bytes
expires: Wed, 05 Aug 2020 15:28:11 GMT

GET
H2 200 modules Show response
fast.a.klaviyo.com/onsite/api/v2/ 53 B
393 B 75ms
24ms XHR
application/json 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/onsite/api/v2/modules?company_id=HSutKw

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=HSutKw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

64e7dfcc1780721fbc6ed47a4abe4c5b63824ac30476d1d86c875ca34902191c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
age: 2804724
x-cache: HIT
status: 200
access-control-max-age: 86400
strict-transport-security: max-age=900
content-length: 73
via: 1.1 varnish
x-served-by: cache-fra19177-FRA
access-control-allow-origin: *
server: nginx
vary: Accept-Encoding, Cookie
access-control-allow-methods: GET
content-type: application/json
x-upstream: Sync-Api, Sync-Api
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 280 B
564 B 101ms
8ms XHR
text/plain 2606:4700::6811:d209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace

Requested by

Host: d38xvr37kwwhcm.cloudfront.net
URL: https://d38xvr37kwwhcm.cloudfront.net/js/grin-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab701672077855ab116586a29efbd3637935feafc6e5a600bbf322a496a5c412

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
server: cloudflare
status: 200
x-frame-options: SAMEORIGIN
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 5c16ab83de8ddffb-FRA
cf-request-id: 04820986640000dffb49885200000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 icon-cart.svg Show response
medterracbd.com/assets/img/ 2 KB
951 B 17ms
17ms XHR
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/img/icon-cart.svg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d30e7012b5eea996e5fae49486f171f7a9101f08f06183ff9ad99bd8f44778fe

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23288
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820986750000d6e50db45200000001
last-modified: Tue, 28 Jan 2020 02:22:01 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"fb549fb981d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab83ed11d6e5-FRA

GET
H2 200 icon-angle-left.svg Show response
medterracbd.com/assets/img/ 445 B
411 B 17ms
17ms XHR
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/img/icon-angle-left.svg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bf0b32df4be99bbc695c3acdfe3a42978076495a8f568443734bbdd4f82c143e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 21797
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820986760000d6e50db46200000001
last-modified: Tue, 28 Jan 2020 02:22:01 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"70f25eb981d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab83fd12d6e5-FRA

GET
H2 200 icon-angle-right.svg Show response
medterracbd.com/assets/img/ 447 B
407 B 18ms
17ms XHR
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/img/icon-angle-right.svg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

194eca316cb806bb52f8e342e7d2abfc7090294a8ad3f646d7592574ea70534e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 21797
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820986760000d6e50db47200000001
last-modified: Tue, 28 Jan 2020 02:22:01 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"511a66b981d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab83fd15d6e5-FRA

GET
H2 200 icon-angle-left.svg Show response
medterracbd.com/assets/img/ 445 B
397 B 27ms
27ms XHR
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/img/icon-angle-left.svg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bf0b32df4be99bbc695c3acdfe3a42978076495a8f568443734bbdd4f82c143e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 21797
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820986770000d6e50db48200000001
last-modified: Tue, 28 Jan 2020 02:22:01 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"70f25eb981d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab83fd18d6e5-FRA

GET
H2 200 icon-angle-right.svg Show response
medterracbd.com/assets/img/ 447 B
389 B 18ms
18ms XHR
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/img/icon-angle-right.svg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

194eca316cb806bb52f8e342e7d2abfc7090294a8ad3f646d7592574ea70534e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 21797
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820986770000d6e50db49200000001
last-modified: Tue, 28 Jan 2020 02:22:01 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"511a66b981d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab83fd1ad6e5-FRA

GET
H2 200 icon-up.svg Show response
medterracbd.com/assets/img/ 853 B
612 B 17ms
17ms XHR
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/img/icon-up.svg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

52d75a810549cec837c2476eb8c9f393ad29383b8d17ce90a5c143bca016215e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23287
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820986770000d6e50db4a200000001
last-modified: Tue, 28 Jan 2020 02:22:05 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"37a58fbb81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab83fd1cd6e5-FRA

GET
H2 200 icon-up.svg Show response
medterracbd.com/assets/img/ 853 B
612 B 18ms
18ms XHR
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/img/icon-up.svg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

52d75a810549cec837c2476eb8c9f393ad29383b8d17ce90a5c143bca016215e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23287
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820986780000d6e50db4b200000001
last-modified: Tue, 28 Jan 2020 02:22:05 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"37a58fbb81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab83fd1dd6e5-FRA

GET
H2 200 icon-up.svg Show response
medterracbd.com/assets/img/ 853 B
653 B 15ms
15ms XHR
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/img/icon-up.svg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

52d75a810549cec837c2476eb8c9f393ad29383b8d17ce90a5c143bca016215e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23287
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820986780000d6e50db4c200000001
last-modified: Tue, 28 Jan 2020 02:22:05 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"37a58fbb81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab83fd1fd6e5-FRA

GET
H2 200 icon-lobby.svg Show response
medterracbd.com/assets/img/ 1 KB
550 B 15ms
14ms XHR
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/img/icon-lobby.svg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f9275855d9ae4c0a8c5331532d8af9476dc02f1e19f5cf4f71b2a2ccea14a027

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23287
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820986790000d6e50db4d200000001
last-modified: Tue, 28 Jan 2020 02:22:03 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"d76990ba81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab83fd20d6e5-FRA

GET
H2 200 icon-phone.svg Show response
medterracbd.com/assets/img/ 659 B
638 B 16ms
16ms XHR
image/svg+xml 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medterracbd.com/assets/img/icon-phone.svg

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e0117aad9bed3888498ac20e69fe89ad5984f238da7d8bc561e4fe6aff413600

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23287
x-powered-by: ASP.NET
status: 200
cf-request-id: 04820986790000d6e50db4e200000001
last-modified: Tue, 28 Jan 2020 02:22:04 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"d0db2bb81d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 5c16ab83fd21d6e5-FRA

GET
H2 200 0.13ff0afc09e71888302e.css
static.klaviyo.com/onsite/js/ 65 KB
6 KB 26ms
11ms Stylesheet
text/css 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/0.13ff0afc09e71888302e.css
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=HSutKw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 753fc607002d0a5af67f0d1664a63afc3c132ec976ed84eab493bfff6058fd72

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: IZurD1JawFNIz9trJFsX898C.Kr4B9BB
content-encoding: gzip
etag: "ef71f5f639551b2a833e2eaa015dbc39"
age: 22178
x-cache: HIT
status: 200
content-length: 5458
x-amz-id-2: M06KC+TYbdIvHoNwToVMNnvc+PT2IxC/xBX17099FqNb8fsqDQjXB1+Ljo7pUKzQkVnUZJjxy0U=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 11 Aug 2020 20:01:36 GMT
server: AmazonS3
date: Wed, 12 Aug 2020 02:12:11 GMT
vary: Accept-Encoding
x-amz-request-id: AAE54794D46AAE27
via: 1.1 varnish
cache-control: max-age=2592000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 4015

GET
H2 200 styles.1757ddef7c8731c410e2.js Show response
static.klaviyo.com/onsite/js/ 239 B
343 B 73ms
56ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/styles.1757ddef7c8731c410e2.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=HSutKw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9349aea6b6ccec6e3ef0c775c744c929c6fc15abb1ca7c48c09491acef4d0426

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 3K9uY9F4kcyCYZzK.KG0zdtpmlK.ALlU
content-encoding: gzip
etag: "fc38aa5ed45ee8f25b273bc547116b23"
age: 22178
x-cache: HIT
status: 200
content-length: 163
x-amz-id-2: FFTDWYZidTD7kHcy5DmAYf8oz/1lbIbxozsCvpyxgzTOCGogPI2QGhc4eyG33DD086Vsjcgyk1I=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 11 Aug 2020 20:01:35 GMT
server: AmazonS3
date: Wed, 12 Aug 2020 02:12:11 GMT
vary: Accept-Encoding
x-amz-request-id: FQ5P0H4T7RBNDT4T
via: 1.1 varnish
cache-control: max-age=2592000
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 3566

GET
H2 200 sentry.5ae9269795f89fbb9935.js Show response
static.klaviyo.com/onsite/js/ 40 KB
14 KB 68ms
52ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sentry.5ae9269795f89fbb9935.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=HSutKw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2872a9bd31e233367b31cd921d3fd52fa9436cbe8e7481e924338656479500c4

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: kBQc8e.1aM7zdCwUnwHkxLFxni2fY.Wv
content-encoding: gzip
etag: "8cedf45c882e59a3b00e881dcbb87b17"
age: 22178
x-cache: HIT
status: 200
content-length: 13798
x-amz-id-2: hvVDA8Yd81r4C6PejsZXjvk5WMHSjKJGhZsirC/GWn5aqOnIxtZ2dOldajAbpBQU2leASP3bHEI=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 11 Aug 2020 20:01:35 GMT
server: AmazonS3
date: Wed, 12 Aug 2020 02:12:11 GMT
vary: Accept-Encoding
x-amz-request-id: 053EA9E17F36984E
via: 1.1 varnish
cache-control: max-age=2592000
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 3495

GET
H2 200 vendors~signupForms.c0b206ccd4779ee306e2.js Show response
static.klaviyo.com/onsite/js/ 189 KB
55 KB 64ms
48ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signupForms.c0b206ccd4779ee306e2.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=HSutKw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c55ce94b5a2bd7213de7aeb580b5025cb7b939bde8e9432f51d7ce637a24b3b3

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: .3KA7zpfWSc04gWtnVdf12uxqx3khZ.A
content-encoding: gzip
etag: "d0540c599428738c7dad42dec3ce7177"
age: 22178
x-cache: HIT
status: 200
content-length: 56430
x-amz-id-2: wZWPzKs1a/0XVZ8TMYwLhUz3HBky2zdNadyYlOKgnC9WzNKLfy3fR3YNZRuP7AwW7WxmylwIH1Y=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 11 Aug 2020 20:01:36 GMT
server: AmazonS3
date: Wed, 12 Aug 2020 02:12:11 GMT
vary: Accept-Encoding
x-amz-request-id: 53BB205D831EACDA
via: 1.1 varnish
cache-control: max-age=2592000
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 3571

GET
H2 200 signupForms.d3910d9a9abe43f98b37.js Show response
static.klaviyo.com/onsite/js/ 155 KB
34 KB 80ms
64ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signupForms.d3910d9a9abe43f98b37.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=HSutKw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdac3b85f49125712a78e60c45d90f33ebe7f1f75c11fba5e7c0c4b17c0d56f4

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 9Viwb5dCzuSh3T2M.wNW.jUh8rJ3b4P1
content-encoding: gzip
etag: "4e46aa941ca95e9abdff6bd967031527"
age: 22178
x-cache: HIT
status: 200
content-length: 35082
x-amz-id-2: eEgDJi2cRY/zD9Hc171HcNpvWnyp73ydNZUa2UHgoxM377Ylp5TrdTUaBs6ClIiW39F4pUOC0XM=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 11 Aug 2020 20:01:35 GMT
server: AmazonS3
date: Wed, 12 Aug 2020 02:12:11 GMT
vary: Accept-Encoding
x-amz-request-id: DE99C5A55055601F
via: 1.1 varnish
cache-control: max-age=2592000
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 3592

GET
H2 200 vendors~View.fce4b1e23c3bfcb71d6e.js Show response
static.klaviyo.com/onsite/js/ 127 KB
35 KB 39ms
24ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~View.fce4b1e23c3bfcb71d6e.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=HSutKw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5566125ef3eb207248a369bf90239cdf4ea022ec3e9e15e451c6ffb6be1b9338

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: p4ohGR_5GyekQt3KRlOP4b3AHmpg3NHI
content-encoding: gzip
etag: "9074725e7eed6b172ca2ad393ebc0ffe"
age: 22178
x-cache: HIT
status: 200
content-length: 35143
x-amz-id-2: hRUjLXn4AtsK4a7XqlV0qnURKoEibll4YLvPKlexRh2tfF2D6HSxeshdjdU7IX8HNiwEiLjgyt8=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 11 Aug 2020 20:01:36 GMT
server: AmazonS3
date: Wed, 12 Aug 2020 02:12:11 GMT
vary: Accept-Encoding
x-amz-request-id: 9CB3E4F400428DB2
via: 1.1 varnish
cache-control: max-age=2592000
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 3439

GET
H2 200 View.22afc05180205a627712.js Show response
static.klaviyo.com/onsite/js/ 87 KB
17 KB 39ms
24ms Script
application/x-javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/View.22afc05180205a627712.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=HSutKw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f735dd97980146cf849f9c3c96ed5609053a02502d563e85aca94146ebb7490

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: gRbkFSOFavKNmEvaaKx3CliIQLhOw_8n
content-encoding: gzip
etag: "9ad02d85c437c38a620730d54b0a08bb"
age: 22178
x-cache: HIT
status: 200
content-length: 17699
x-amz-id-2: qzuzFzH0AhJZcj00mjWw73cY4reoYIme2wLW5FMN2GPvm16R45ltRkoN6zGYUUZIP/bJXF2/FZ0=
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 11 Aug 2020 20:01:35 GMT
server: AmazonS3
date: Wed, 12 Aug 2020 02:12:11 GMT
vary: Accept-Encoding
x-amz-request-id: 00C7BAF74B26B8CF
via: 1.1 varnish
cache-control: max-age=2592000
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 3409

GET
H2 200 c Show response
ids.cdnwidget.com/ 37 B
174 B 169ms
130ms XHR
application/json 130.211.47.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=141c0839b3d92531d81f538ef005993d&SCH1=d612cd9ce9aa269b79458f68db14f3fd&GCS1=011190190&GCS2=YjIwNzRjYzgtZGZhMS00MTRiLWFmNzAtZGY0Y2UzYmY2N2I2LmxvY2FsLDNiZGVkNjQxLWYzMWUtNDY0YS04OTAwLTlhZjQzZDBkZGU1Ni5sb2NhbA==&pe=false&wsid=3908&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A3908%2C%22loadID%22%3A%22G9F7lfEPVoD5r3w%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A13%2C%22IDStageStart%22%3A14%2C%22netComplete%22%3A377%2C%22obsReq1%22%3A558%2C%22obsReq2%22%3A559%2C%22obsReq0%22%3A658%2C%22IDStagePrefire%22%3A659%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A2%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_6861f3268dab3abedd6c1f75b14f3504.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.47.17 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 33207c82efa045da3fbae51ad279020135b038e8a581fa89b34dd9faada6fb62

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 12 Aug 2020 02:12:11 GMT
via: 1.1 google
access-control-allow-credentials: true
access-control-allow-origin: https://medterracbd.com
alt-svc: clear
content-type: application/json

GET
H2 200 up
insight.adsrvr.org/track/ Frame 910D 0
0 269ms
172ms Document
text/html 99.81.228.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=8sb1yhy&ref=https%3A%2F%2Fmedterracbd.com%2F%3Fclx%3D9979320%26r%3D%26affid%3D5382%26subid1%3D1022e0a59a184fb9e0160762d149e8%26subid2%3D5175%26utm_source%3DRevOffers%26offer_id%3D88%26publisher_id%3D5175%26transaction_id%3D1022e0a59a184fb9e0160762d149e8%26disablebx%3D1&upid=76a8ja3&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.228.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=8sb1yhy&ref=https%3A%2F%2Fmedterracbd.com%2F%3Fclx%3D9979320%26r%3D%26affid%3D5382%26subid1%3D1022e0a59a184fb9e0160762d149e8%26subid2%3D5175%26utm_source%3DRevOffers%26offer_id%3D88%26publisher_id%3D5175%26transaction_id%3D1022e0a59a184fb9e0160762d149e8%26disablebx%3D1&upid=76a8ja3&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1

Response headers

status: 200
date: Wed, 12 Aug 2020 02:12:12 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK Cookie set esw.html
service.force.com/embeddedservice/5.0/ Frame C1CC 0
0 40ms
40ms Document
text/html 161.71.1.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: service.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1

Response headers

Date: Wed, 12 Aug 2020 02:12:11 GMT
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
X-B3-TraceId: e69588c62fc5aec2
X-B3-SpanId: e69588c62fc5aec2
X-B3-Sampled: 0
Cache-Control: public,max-age=86400
Set-Cookie: BrowserId=O4oPrtxBEeqtxf80LVmluA; domain=.force.com; path=/; expires=Thu, 12-Aug-2021 02:12:11 GMT; Max-Age=31536000 BrowserId_sec=O4oPrtxBEeqtxf80LVmluA; domain=.force.com; path=/; expires=Thu, 12-Aug-2021 02:12:11 GMT; Max-Age=31536000; secure; SameSite=None
Expires: Thu, 13 Aug 2020 02:12:11 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H2 200 full-forms Show response
fast.a.klaviyo.com/forms/api/v3/ 10 KB
2 KB 25ms
20ms XHR
application/json 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/forms/api/v3/full-forms?company_id=HSutKw

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=HSutKw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

72249ab78808516933bab2453d24b3f8970d25e3c29c74053d2b8deea1a75757

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:11 GMT
content-encoding: gzip
age: 2804723
x-cache: HIT
status: 200
access-control-max-age: 86400
strict-transport-security: max-age=900
content-length: 1449
via: 1.1 varnish
x-served-by: cache-fra19177-FRA
access-control-allow-origin: *
allow: OPTIONS, GET
server: nginx
vary: Accept-Encoding, Cookie
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
x-upstream: Sync-Api, Sync-Api
cache-control: max-age=10
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 199ms
50ms XHR
text/plain 52.208.110.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5e9cf34011c070000800092c&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=1626&cE=1626&dLE=1626&dLS=1626&fS=1626&hS=-1&rE=-1&rS=-1&reS=1626&resS=2131&resE=2494&uEE=-1&uES=-1&dL=2133&dI=2725&dCLES=2815&dCLEE=2819&dC=3633&lES=3633&lEE=3655&s=nt&title=Medterra%20-%20Our%20CBD.%20Your%20Health%20%7C%20Buy%20CBD%20Oil%20%7C%2099%25%20Pure%20CBD&path=https%3A%2F%2Fmedterracbd.com%2F&ref=&sId=7m50n5cv&sST=1597198331&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5e9cf34011c070000800092c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.110.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 12 Aug 2020 02:12:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK / Show response
api.instacloud.io/ 161 KB
27 KB 805ms
383ms Fetch
application/json 107.170.203.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://api.instacloud.io/?count=50&path=%2Fv1%2Fusers%2Fmedterracbd%2Fmedia%2Frecent%2F

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/instashow/release/0889c0b2-bec1-4bc1-96ee-ef4c1cc8706a/app/instagram-feed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

107.170.203.103 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

2e08898b0bdaf4b7ba9070e5b64217e60a40c97acf86f5e7096de991f6b3e4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 02:12:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Server: nginx/1.15.5
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-TT: 3
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Instacloud-Host

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la4-c2-ph2.salesforceliveagent.com/chat/rest/EmbeddedService/ 292 B
649 B 926ms
160ms Script
text/javascript 13.110.36.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c2-ph2.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D3i000000obEQ&EmbeddedServiceConfig.configName=Production_Chat_Queue_Group&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.36.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

981e520b1919ad03b35139108582fbc24c538b064b2adf533f0074d736387a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 18 KB
5 KB 37ms
37ms Script
application/x-javascript 161.71.1.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

e71b66602af067bcc801d263cf7e64d3fdfe86b70ad64d9c1868808966009807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 11 Aug 2020 23:17:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: 32030f4a0bd788cd
Age: 10496
Content-Length: 4412
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 30 Apr 2020 16:55:40 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-B3-SpanId: 32030f4a0bd788cd
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
X-B3-Sampled: 0
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Wed, 12 Aug 2020 23:17:15 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://service.force.com/
Origin: https://medterracbd.com

Response headers

Content-Type: application/octet-stream

GET
H/1.1 200
OK Settings.jsonp Show response
d.la4-c2-ph2.salesforceliveagent.com/chat/rest/Visitor/ 166 B
558 B 825ms
160ms Script
text/javascript 13.110.36.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c2-ph2.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5733i0000004rVG]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5723i0000004qY9&org_id=00D3i000000obEQ&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.36.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

Software

Resource Hash

2ea81582bbd199396ad44873ad9efe8390c4383cdb485f6f6a6c61f949108caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 8 KB
3 KB 42ms
41ms Script
application/x-javascript 161.71.1.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl3-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

ac20136402e1daf9eb019c6b2d21f58dd940c9ba59d42ae2e2ab235021327cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 11 Aug 2020 23:43:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: b4e11e2c2d1aabff
Age: 8897
Content-Length: 2484
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 07 Jul 2020 23:02:14 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-B3-SpanId: b4e11e2c2d1aabff
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
X-B3-Sampled: 0
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Wed, 12 Aug 2020 23:43:55 GMT

GET
H2 200 117305319_3306011629624997_7337382940857322137_n.jpg
scontent-lga3-1.cdninstagram.com/v/t51.2885-15/e15/c180.0.719.719a/s320x320/ 17 KB
17 KB 248ms
83ms Image
image/jpeg 2a03:2880:f212:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/v/t51.2885-15/e15/c180.0.719.719a/s320x320/117305319_3306011629624997_7337382940857322137_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=105&_nc_ohc=hDwftZjLPWoAX9Lrr-V&oh=555264e55aa5651b6e7857a4b2b8a2c8&oe=5F5DDADD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4f4e16ddedcee86d6ce3f41ac1d7231d447995d4400802781b508248c82b6ac8

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 984177949
date: Wed, 12 Aug 2020 02:12:12 GMT
x-fb-trip-id: 1904183273
last-modified: Tue, 11 Aug 2020 16:19:02 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3027043827
x-fb-config-version-olb-prod: 884
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 17052

GET
H2 200 117318026_112576473752035_57831048637106178_n.jpg
scontent-lga3-1.cdninstagram.com/v/t51.2885-15/e15/c0.107.1080.1080a/s320x320/ 9 KB
9 KB 247ms
83ms Image
image/jpeg 2a03:2880:f212:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/v/t51.2885-15/e15/c0.107.1080.1080a/s320x320/117318026_112576473752035_57831048637106178_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=107&_nc_ohc=PMoTwLSwDLgAX-mBkc1&oh=7476fc2bbd370a18cd6513f17d429df5&oe=5F5E4C24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c835ea2e48e7a3b061b79557e7b6fde1584340ad1ef501485376b89f249eacfb

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 4192266855
date: Wed, 12 Aug 2020 02:12:12 GMT
x-fb-trip-id: 1904183273
last-modified: Mon, 10 Aug 2020 23:54:03 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2016405561
x-fb-config-version-olb-prod: 884
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 9322

GET
H2 200 117234181_361721411486312_189075214651780681_n.jpg
scontent-lga3-1.cdninstagram.com/v/t51.2885-15/e15/c180.0.719.719a/s320x320/ 26 KB
26 KB 246ms
84ms Image
image/jpeg 2a03:2880:f212:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/v/t51.2885-15/e15/c180.0.719.719a/s320x320/117234181_361721411486312_189075214651780681_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=108&_nc_ohc=0V69GYgxPGgAX8phO73&oh=dddfd200d2bb1f54beba04502b02b173&oe=5F5C881C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3797288f163a3486c0221218b609e4e2a4e68d640a34d18df77b18d61b8b1e67

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 1862829543
date: Wed, 12 Aug 2020 02:12:12 GMT
x-fb-trip-id: 1904183273
last-modified: Sun, 09 Aug 2020 17:45:04 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3018517556
x-fb-config-version-olb-prod: ef334037589f4de6ad9eb263dc5cda88
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 26568

GET
H2 200 117149638_1046500012413668_1359492048885123496_n.jpg
scontent-lga3-1.cdninstagram.com/v/t51.2885-15/e15/c180.0.719.719a/s320x320/ 24 KB
24 KB 245ms
83ms Image
image/jpeg 2a03:2880:f212:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/v/t51.2885-15/e15/c180.0.719.719a/s320x320/117149638_1046500012413668_1359492048885123496_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=108&_nc_ohc=1HR5XCZVH44AX-stqvA&oh=a277dc95bcbf5ca9ad8554879ac1bce6&oe=5F5BF3A4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 00bdf5225938e98fe0c0bd36a6b563f36b8a8c46ec0edf4eb8a1898878c889d0

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 3269651314
date: Wed, 12 Aug 2020 02:12:12 GMT
x-fb-trip-id: 1904183273
last-modified: Sat, 08 Aug 2020 18:50:03 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 4030726112
x-fb-config-version-olb-prod: 884
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24733

GET
H/1.1 200
OK Availability.jsonp Show response
d.la4-c2-ia2.salesforceliveagent.com/chat/rest/Visitor/ 142 B
542 B 717ms
109ms Script
text/javascript 13.110.32.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c2-ia2.salesforceliveagent.com/chat/rest/Visitor/Availability.jsonp?sid=undefined&r=858&Availability.prefix=Visitor&Availability.ids=[5733i0000004rVG]&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5723i0000004qY9&org_id=00D3i000000obEQ&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.32.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.la4-c2-ia2.salesforceliveagent.com

Software

Resource Hash

19e26f39aaf68f46488ca329a21eb1fa37d83683c2ae613c78c56176e7272acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
88 B 455ms
454ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=DDQA7&UserId=4942313088172032&SessionId=4741672886026240&PageId=4593680123772928&Seq=2&PageStart=1597198330982&PrevBundleTime=1597198331600&LastActivity=4807&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 2c40601eab2b9edc0dfa01c5ebf6014a0e1c37b42d41ffe7bcd73ee2b07688e1

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 Aug 2020 02:12:16 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medterracbd.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 29

GET
H2 200 cbd-rapid-cooling-cream-750mg.png
medterracbd.com/assets/img/products/ 24 KB
24 KB 12ms
11ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/products/cbd-rapid-cooling-cream-750mg.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

07f25f0099a7b34761876efc6b1cf3bc93ce6a59a0504a65fbe0ebc43e8a02d1

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:16 GMT
cf-cache-status: HIT
age: 21794
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="cbd-rapid-cooling-cream-750mg.webp"
content-length: 24164
cf-request-id: 0482099b9f0000d6e50d845200000001
last-modified: Tue, 28 Jan 2020 02:25:07 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "4ad21a2882d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=27881
accept-ranges: bytes
cf-ray: 5c16aba5cd02d6e5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 cbd-rapid-cooling-cream-750mg.png
medterracbd.com/assets/img/products/ 24 KB
24 KB 13ms
13ms Image
image/webp 2606:4700:10::6816:40cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://medterracbd.com/assets/img/products/cbd-rapid-cooling-cream-750mg.png

Requested by

Host: medterracbd.com
URL: https://medterracbd.com/assets/js/m/framework-functions-minified.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:40cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

07f25f0099a7b34761876efc6b1cf3bc93ce6a59a0504a65fbe0ebc43e8a02d1

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 02:12:17 GMT
cf-cache-status: HIT
age: 21795
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="cbd-rapid-cooling-cream-750mg.webp"
content-length: 24164
cf-request-id: 0482099c1a0000d6e50d849200000001
last-modified: Tue, 28 Jan 2020 02:25:07 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "4ad21a2882d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=691200
cf-polished: origFmt=png, origSize=27881
accept-ranges: bytes
cf-ray: 5c16aba69df8d6e5-FRA
cf-bgj: imgq:100,h2pri

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
88 B 144ms
144ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=DDQA7&UserId=4942313088172032&SessionId=4741672886026240&PageId=4593680123772928&Seq=3&PageStart=1597198330982&PrevBundleTime=1597198336681&LastActivity=9807&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: c15a89c2aeb9c759fa6cdfeec758922c5aca8a8922fcd15ff89b3d2b2dd762d3

Request headers

Referer: https://medterracbd.com/?clx=9979320&r=&affid=5382&subid1=1022e0a59a184fb9e0160762d149e8&subid2=5175&utm_source=RevOffers&offer_id=88&publisher_id=5175&transaction_id=1022e0a59a184fb9e0160762d149e8&disablebx=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 Aug 2020 02:12:21 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://medterracbd.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 29

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.force.com/	1970-01-19 20:25:34	Name: BrowserId_sec Value: O4oPrtxBEeqtxf80LVmluA
.force.com/	1970-01-19 20:25:34	Name: BrowserId Value: O4oPrtxBEeqtxf80LVmluA
medterracbd.com/	1970-01-20 05:11:10	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE1OTcxOTgzMzIsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vbWVkdGVycmFjYmQuY29tLz9jbHg9OTk3OTMyMCZyPSZhZmZpZD01MzgyJnN1YmlkMT0xMDIyZTBhNTlhMTg0ZmI5ZTAxNjA3NjJkMTQ5ZTgmc3ViaWQyPTUxNzUmdXRtX3NvdXJjZT1SZXZPZmZlcnMmb2ZmZXJfaWQ9ODgmcHVibGlzaGVyX2lkPTUxNzUmdHJhbnNhY3Rpb25faWQ9MTAyMmUwYTU5YTE4NGZiOWUwMTYwNzYyZDE0OWU4JmRpc2FibGVieD0xIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNTk3MTk4MzMyLCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL21lZHRlcnJhY2JkLmNvbS8/Y2x4PTk5NzkzMjAmcj0mYWZmaWQ9NTM4MiZzdWJpZDE9MTAyMmUwYTU5YTE4NGZiOWUwMTYwNzYyZDE0OWU4JnN1YmlkMj01MTc1JnV0bV9zb3VyY2U9UmV2T2ZmZXJzJm9mZmVyX2lkPTg4JnB1Ymxpc2hlcl9pZD01MTc1JnRyYW5zYWN0aW9uX2lkPTEwMjJlMGE1OWExODRmYjllMDE2MDc2MmQxNDllOCZkaXNhYmxlYng9MSJ9fQ==
.medterracbd.com/	1970-01-19 12:23:10	Name: __cfduid Value: d6a8e9a3cb8d0b9057c305bae6587bbd11597198331

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
api.bounceexchange.com
api.instacloud.io
apps.elfsight.com
assets.bounceexchange.com
d.la4-c2-ia2.salesforceliveagent.com
d.la4-c2-ph2.salesforceliveagent.com
d38xvr37kwwhcm.cloudfront.net
data.cdnbasket.net
db.revoffers.com
edge.fullstory.com
fast.a.klaviyo.com
fullstory.com
ids.cdnwidget.com
insight.adsrvr.org
js.adsrvr.org
mautic.purecbd.solutions
medterracbd.com
page.cdnbasket.net
pixel.locker2.com
rs.fullstory.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.yimg.com
scontent-lga3-1.cdninstagram.com
secure.adnxs.com
service.force.com
sp.analytics.yahoo.com
static.elfsight.com
static.klaviyo.com
stats.g.doubleclick.net
tag.bounceexchange.com
track.revoffers.com
view.cdnbasket.net
www.cloudflare.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
107.170.203.103
13.110.32.212
13.110.36.212
13.226.146.155
13.226.155.20
13.226.155.9
130.211.47.17
151.101.114.133
151.101.14.133
161.71.1.38
172.217.23.166
185.33.221.11
212.82.100.181
2600:1901:0:2470::
2600:9000:2182:f600:15:decf:f580:21
2606:4700:10::6814:14ef
2606:4700:10::6816:40cf
2606:4700:10::6816:46ab
2606:4700:20::681a:66b
2606:4700::6811:d209
2a00:1288:f03d:1fa::4000
2a00:1450:4001:806::2002
2a00:1450:4001:815::2008
2a00:1450:4001:816::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::2004
2a00:1450:400c:c00::9b
2a03:2880:f212:c4:face:b00c:0:43fe
34.120.253.250
35.186.194.58
35.190.86.194
35.201.112.186
35.201.125.182
35.227.229.34
52.208.110.129
54.186.221.75
63.33.92.231
99.81.228.121
002a865da40d933ca8ecf7a282f2124fce44856bb2c3cc2e323a6a12d3017fd5
004c25401356741a14f4f8072d40a82a390cb7817f9dc6aa0fd6aa9f6af2e883
00bdf5225938e98fe0c0bd36a6b563f36b8a8c46ec0edf4eb8a1898878c889d0
0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b
068ede3ed6afbc80fdce29338161d0f7388ad000831ba1ccd3f23a4a0035b7b0
07f25f0099a7b34761876efc6b1cf3bc93ce6a59a0504a65fbe0ebc43e8a02d1
09dda99a7a47da217aa15c9010563a672854696376a050ccfe0bcd14ac85898f
0b23c9f821007c1b8eb4f898bc4a656bddd39571d5490cf51996f980df32fc3b
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
122d22f1afee8389e9606ae12bd4a9c47877dfb30b190e0882dcab64a7b3cfa7
13d0ac66141d439ddb6dbc5e2acca1cf6d3a3437ef0440a2ef4c0b397f8d6383
1504c98200fc05eb7a36a41ff6d452a88dc9c7ece3b34eb9c75aedcb9b08d495
194307f3ce1e2a14ec88a4d5ba8e0eb15df79f79738ea2ccf5d0eff039ed4179
194eca316cb806bb52f8e342e7d2abfc7090294a8ad3f646d7592574ea70534e
19e26f39aaf68f46488ca329a21eb1fa37d83683c2ae613c78c56176e7272acf
1abf6e7646203786c999996703d6ed56ad61ce40a34f692745213feac11f4f99
2247249bfd8591e232e845dc0f048fba952adb0482e79e07d13135f04a98f998
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
274eba0b3af25e87372447875881877526881be766c0368aa73793592d47ac57
2872a9bd31e233367b31cd921d3fd52fa9436cbe8e7481e924338656479500c4
2914163b37f2b0786a0ce2dd8c4f6a7ebb1909dd89788641e0ef8591223f19ae
2c40601eab2b9edc0dfa01c5ebf6014a0e1c37b42d41ffe7bcd73ee2b07688e1
2e08898b0bdaf4b7ba9070e5b64217e60a40c97acf86f5e7096de991f6b3e4f4
2ea632bc0756a94e6526a50ca39552b4ca9434475d12620ba2f42a47cd8fd221
2ea81582bbd199396ad44873ad9efe8390c4383cdb485f6f6a6c61f949108caf
33207c82efa045da3fbae51ad279020135b038e8a581fa89b34dd9faada6fb62
34ce49db75953a9698769b32c0058833e0d006433889d15764f720154099495e
35e513686d2085229337dfcaf31358dfb769c5b70349a084ef75021132c1bb62
3721f0a502c500405ebbeb54266519b7e36718745b85e93b9725459bebad762c
3797288f163a3486c0221218b609e4e2a4e68d640a34d18df77b18d61b8b1e67
39725edc891faeb797afb14f131a24a12862d887c2b39f58e43094a8491789a2
3afecf35586d959fcdc2e6e74b228119f478dd2c0c5218f54e30cfc991943919
3db73066101527e14d9b017db8bfb2ed63877f0e6e3acc55328e9f27f8fb5792
3dcb80f0b44c8b2ab03cc08b063e1f8b86c8f388f002dbcd4989960fc3f30055
422c45843a04e9a2cfe7986e66526533da72151cd96984fe834ad3762cdbf05d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4509f303365b1d68b2d934756178a94f19be52d5dfcf3e32f7078ca3771a1d9b
45fd3174c45f1d456cab3dd3a8b163b434a0ceb0c97bf170c09750d0499583ff
49c4b5faebecf0e8c41dfbe3ba5ac10d59b3802d588fb44801a717848196412b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f4e16ddedcee86d6ce3f41ac1d7231d447995d4400802781b508248c82b6ac8
52d75a810549cec837c2476eb8c9f393ad29383b8d17ce90a5c143bca016215e
543eb460fcdb35043d3fe0b06399dc41c5d7c8c5a2c5c57fd11471503c0200e2
54f755748521ee6043f0a877ce5dd5838b24511ac44a108967c97ea543de5c2a
5566125ef3eb207248a369bf90239cdf4ea022ec3e9e15e451c6ffb6be1b9338
573da9ed2ea1a22bf29ddf01590cb88c132ca545f3e9de502f470b9f9965bcc0
57a20f7215e57658489a161cef273e2778b82ae1594dd7935133156500957c86
5817c21283051e5ffdbda9384b2725ff8c5a0bfc43d66b18bfaf140969c507a8
62684fe09ad46d148a402d8b9d4e0849a5020ccb39cafaf3ac08c24b73bdcdea
63e665bb76c4d50f7acc657482c92b6d65489e9bd7a89ec2a4e8192486fdfef8
64e7dfcc1780721fbc6ed47a4abe4c5b63824ac30476d1d86c875ca34902191c
671743307e1b1a0e7977f0584785502d07b87c15e694c82883ae3f519abeed3d
6ac6ecb5f26e0953f551059ebc72636703e1c1680bce4d1942394348f7a2415d
6da26d6e5db7fdbe8f53b26d19d8512ce2921411100de97e056cdaea8602b846
70ee16e00ffddb9759541f937a948bb52b9dff9515fc4e403baeca0eff69b06b
72249ab78808516933bab2453d24b3f8970d25e3c29c74053d2b8deea1a75757
753fc607002d0a5af67f0d1664a63afc3c132ec976ed84eab493bfff6058fd72
7606f8869bfc5f2208e5f277475818c42798c91e12f47c00558953de9f0e4765
7acd997b8282c92fea971b5bc0ae4baf34b874ae0cb9e2ff3d95c88291240225
7b394238d6baf43878a826856903696e9c20a2ecb5266bb4495801c346e80c2f
7eccadc4f7eb2edc79bd5a6da2ee9e6ede27d95f993aa90855268cc5178649f0
82a26ed404b9b3f3996b757cdff693b2007f77256d9c5375e3419d71bf7a300d
88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32
8f735dd97980146cf849f9c3c96ed5609053a02502d563e85aca94146ebb7490
901676e14a08412c46378639c83ebfcd79e47493871ded2e1935362b315bf8d7
9349aea6b6ccec6e3ef0c775c744c929c6fc15abb1ca7c48c09491acef4d0426
94418a72b29d3925bfe359619e4a812fe0503fd7c44431f90ffc46052b50e522
9692541342f0ac243821215beab6cdd504e3348404b874d534d6a76a3149b6b4
9766209be8bc1d2e3a022ed943ef1a019ce795cdf7965b4399406c4068c53ce8
981e520b1919ad03b35139108582fbc24c538b064b2adf533f0074d736387a6a
986f3b4734864b914498f7d04e00869b2eaa0cda7b2e2e0b608370b4e67779fb
9a1101cb67eab5cb68b9aa61b99b5c85e809bd9fe831415371a2d2026efa9448
9a2dff1f5f489215aece13dd0ba4dc293139a54206cd66cdd41f58d4758f0e4d
9b8b931c2f95a5d6c569971b6bf5e8a9d57fc2ec1e876e3884ef0b645353cc77
9dd2970e79d8764b7867c51ce1841fc4960a0a7c109470dbe02e5707a70b41e7
9e72ad302f1a6695fd18142d75e36e4af409b61e71343a855fbb732fde7274b1
a283dc4d55bc6b2d5219b839a6b86d5f2f177dcae9276df69a0c99bf1ce8c719
ab701672077855ab116586a29efbd3637935feafc6e5a600bbf322a496a5c412
ac20136402e1daf9eb019c6b2d21f58dd940c9ba59d42ae2e2ab235021327cc2
b0eb52d278fd98dad941df7235face340e698e01a540b6692cbb4338be0d5dd2
b1a6618545dd413dfa8641bc3c6c971c79c3fd4ba06f714e613824092204baaf
b2767f1177ebc12209e40382d7be09c94e93f73ddc74c3370277c5c2b8f77913
b8b62d35b546add682eda9119437f81b821a9ca9b8f0cf61a88a367596116669
bbea7bb25b667945a6046b0985da43f1ae856fd2bd461e9a891f0f6609fe4d0a
bc630071cc23ab17087da8d662759c3ce113ae6898cb78e14500fb5c3a6fd0b6
bf0b32df4be99bbc695c3acdfe3a42978076495a8f568443734bbdd4f82c143e
c15a89c2aeb9c759fa6cdfeec758922c5aca8a8922fcd15ff89b3d2b2dd762d3
c381e7ab59d0353b3510322fa99a95ca3b009863b8481f7f60b4c565ce2f26da
c55ce94b5a2bd7213de7aeb580b5025cb7b939bde8e9432f51d7ce637a24b3b3
c64bc5842c528a5328f2f9f99aef3526e7f3dca8665e8bb3ccc553ec8f94230b
c835ea2e48e7a3b061b79557e7b6fde1584340ad1ef501485376b89f249eacfb
cdac3b85f49125712a78e60c45d90f33ebe7f1f75c11fba5e7c0c4b17c0d56f4
d213aa6f89c67b2392d9ef7cdb9f68a518552a3f8816bb9474eb21e871d5d59d
d30e7012b5eea996e5fae49486f171f7a9101f08f06183ff9ad99bd8f44778fe
dc960fd5e27b2b5015f8945d833f0bed74eb0609355aab2fbcad2b4f4d5926ca
e0117aad9bed3888498ac20e69fe89ad5984f238da7d8bc561e4fe6aff413600
e019e0183f590b75be835899e7e22397f146f347567da0faf4ef51523eaa8d92
e2a087223a9ecb783a975e9cc8bd1456a2a81e53973f67c8eebea5287b12c181
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb447c600ef2a7b34c70ae394deccc463885e48f97baa4c4d9146cd5480eaa
e71b66602af067bcc801d263cf7e64d3fdfe86b70ad64d9c1868808966009807
e8f327b57620c846c692fa961a7a98c951ab982139fc48152bd9d2b6a864f645
e935d04531241874700aa25f80e26b19e2e4df44705342aac6ff7c8c4358e738
e975b2057320cdad76b1a2edbc639622f6f551ee01f91408182422f2e401a234
e9f96f38a54ce0f2fcf89e0c2b27ed60d2d12bfaaa03f2c1e5975e48c1dbf736
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f098ac0e1d537f2b32c1d4ad28bdb2e1cc99638ea06d4d456f292cd23bdc89cc
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f35d4cd556e1dd3adee2e5a53d700b5e5e5637bafe43b38a043e2147f634627a
f5b2ff36f5d49d816e21a5fcbbe24389b63709ee1ad1310a8fda28a7af22e51e
f9275855d9ae4c0a8c5331532d8af9476dc02f1e19f5cf4f71b2a2ccea14a027
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
fe41cf87dd0ef28d7f52a0b97e04376b540e642612ab8ce0b197f71954e328b8
fef27c7c64e55ae498d2649e2735ae1d7389cab937873bbd9e49002ed860f7c1

medterracbd.com Open in urlscan Pro 2606:4700:10::6816:40cf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

100 %HTTPS

41 %IPv6

26 Domains

41 Subdomains

33 IPs

8 Countries

3400 kBTransfer

6095 kBSize

4 Cookies

11 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

medterracbd.com Open in urlscan Pro
2606:4700:10::6816:40cf Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

100 %
HTTPS

41 %
IPv6

26
Domains

41
Subdomains

33
IPs

8
Countries

3400 kB
Transfer

6095 kB
Size

4
Cookies

132 HTTP transactions
2 data transactions