lowercholesterol.study Open in urlscan Pro
2600:9000:224a:5200:c:e35c:ac80:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.labcorpmessage.com/?qs=8682cba13863931db5ba37b71c7da16fd5cd3b1683fb9a587ea042928c6e124ed573d2160219938b0a51066c85b8...
Effective URL:
https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Submission: On April 11 via api (April 11th 2022, 2:29:45 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 20 domains to perform 57 HTTP transactions. The main IP is 2600:9000:224a:5200:c:e35c:ac80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is lowercholesterol.study.
TLS certificate: Issued by Amazon on August 20th 2021. Valid for: a year.

This is the only time lowercholesterol.study was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.136.50 13.111.136.50	22606 (EXACT-7) (EXACT-7)
12	2600:9000:224... 2600:9000:224a:5200:c:e35c:ac80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	3.132.57.167 3.132.57.167	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.84.95.254 54.84.95.254	14618 (AMAZON-AES) (AMAZON-AES)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.226.20.197 34.226.20.197	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4014:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	52.6.108.254 52.6.108.254	14618 (AMAZON-AES) (AMAZON-AES)
57	22

1 13.111.136.50 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.labcorpmessage.com

click.labcorpmessage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:224a:5200:c:e35c:ac80:93a1 (United States)

ASN16509 (AMAZON-02, US)

lowercholesterol.study	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

kit-free.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.132.57.167 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-57-167.us-east-2.compute.amazonaws.com

collector-16737.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.38 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

beacon.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.95.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-95-254.compute-1.amazonaws.com

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.20.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-20-197.compute-1.amazonaws.com

dmp.tapnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.108.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-108-254.compute-1.amazonaws.com

js.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	lowercholesterol.study lowercholesterol.study	341 KB
5	doubleclick.net pubads.g.doubleclick.net — Cisco Umbrella Rank: 487 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	4 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	763 B
4	google.de www.google.de — Cisco Umbrella Rank: 5383	826 B
4	google.com www.google.com — Cisco Umbrella Rank: 4	826 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 8754 js.callrail.com — Cisco Umbrella Rank: 10044	12 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 378	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	201 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	138 KB
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 438	2 KB
2	tvsquared.com collector-16737.us.tvsquared.com	9 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 897	2 KB
2	fontawesome.com kit-free.fontawesome.com — Cisco Umbrella Rank: 23338	91 KB
1	tapnative.com dmp.tapnative.com — Cisco Umbrella Rank: 118073	762 B
1	deepintent.com beacon.deepintent.com — Cisco Umbrella Rank: 30247	211 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 104	15 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	labcorpmessage.com 1 redirects click.labcorpmessage.com — Cisco Umbrella Rank: 482818	262 B
57	20

	Domain	Requested by
12	lowercholesterol.study	lowercholesterol.study
5	www.facebook.com	lowercholesterol.study
4	www.google.de	lowercholesterol.study
4	www.google.com	lowercholesterol.study
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com lowercholesterol.study
3	bat.bing.com	lowercholesterol.study bat.bing.com
3	connect.facebook.net	lowercholesterol.study connect.facebook.net
3	www.googletagmanager.com	lowercholesterol.study www.googletagmanager.com
2	js.callrail.com	cdn.callrail.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	secure.adnxs.com	1 redirects lowercholesterol.study
2	collector-16737.us.tvsquared.com	lowercholesterol.study
2	unpkg.com	1 redirects lowercholesterol.study
2	kit-free.fontawesome.com	lowercholesterol.study kit-free.fontawesome.com
1	pubads.g.doubleclick.net	lowercholesterol.study
1	dmp.tapnative.com	www.googletagmanager.com
1	cdn.callrail.com	lowercholesterol.study
1	beacon.deepintent.com	lowercholesterol.study
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	lowercholesterol.study
1	click.labcorpmessage.com	1 redirects
57	23

This site contains links to these domains. Also see Links.

Domain
clinicaltrials.gov

Subject Issuer	Validity	Valid
*.platform.threadresearch.com Amazon	`2021-08-20` - `2022-09-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.us.tvsquared.com Amazon	`2021-07-28` - `2022-08-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-04-18`	3 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
cdn.callrail.com Amazon	`2022-02-24` - `2023-03-25`	a year	crt.sh
*.tapnative.com Amazon	`2021-07-03` - `2022-08-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
js.callrail.com Amazon	`2022-02-24` - `2023-03-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Frame ID: 57884BDBBB50D4209AE13D08CA852236
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AstraZeneca’s cholesterol-lowering study

Page URL History Show full URLs

https://click.labcorpmessage.com/?qs=8682cba13863931db5ba37b71c7da16fd5cd3b1683fb9a587ea042928c6e124ed573d216... HTTP 302
https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2 Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

57
Requests

96 %
HTTPS

61 %
IPv6

20
Domains

23
Subdomains

22
IPs

4
Countries

866 kB
Transfer

2462 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://clinicaltrials.gov/ct2/show/NCT04964544
Title: ClinicalTrials.gov

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.labcorpmessage.com/?qs=8682cba13863931db5ba37b71c7da16fd5cd3b1683fb9a587ea042928c6e124ed573d2160219938b0a51066c85b8bbeb90cd00d60cef827361de8dcd98f056ac HTTP 302
https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://unpkg.com/vue-recaptcha@latest/dist/vue-recaptcha.min.js HTTP 302
https://unpkg.com/vue-recaptcha@2.0.1/dist/vue-recaptcha.min.js

Request Chain 14

https://secure.adnxs.com/seg?add=27557956&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27557956%26t%3D1

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lowercholesterol.study/
Redirect Chain

https://click.labcorpmessage.com/?qs=8682cba13863931db5ba37b71c7da16fd5cd3b1683fb9a587ea042928c6e124ed573d2160219938b0a51066c85b8bbeb90cd00d60cef827361de8dcd98f056ac
https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

150 KB
32 KB

174ms
10ms

Document
text/html

2600:9000:224a:5200:c:e35c:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5200:c:e35c:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 8535e4836f9ab745fd113e65799e228d1ac88ccf18d28dbfbd1619ef9730d16b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 235852
cache-control: public, max-age=2592000
content-encoding: gzip
content-length: 32124
content-type: text/html; charset=utf-8
date: Fri, 08 Apr 2022 20:58:48 GMT
server: CloudFront
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
x-amz-cf-id: E36dvT2ue2rcZ35MSdmkTiZwBjWdkVKcf_ZVJHrZKH09AvbVN5oOcw==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 212
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Apr 2022 14:29:39 GMT
Location: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 44ms
21ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-96119858-3

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6887f12d8f9f8d04e81d8b61b9bc46b795df5ff9dbeda0ba5b308c2803a1aea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38164
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Apr 2022 14:29:40 GMT

GET
H2 200 runtime.36e1c8e.js Show response
lowercholesterol.study/client/654157/study/eaee2306-0edf-4139-a04d-eb4dc91db499/version/39/_nuxt/ 3 KB
2 KB 11ms
10ms Script
text/javascript 2600:9000:224a:5200:c:e35c:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lowercholesterol.study/client/654157/study/eaee2306-0edf-4139-a04d-eb4dc91db499/version/39/_nuxt/runtime.36e1c8e.js
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5200:c:e35c:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 1ca10f07a140268bb9bd41abd87c108a9e00463953fb5cc9c6715a3e8ba752f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:59:56 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: CloudFront
age: 232184
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P1
content-encoding: gzip
content-length: 1488
x-amz-cf-id: 6nSr9ZTvzJ95XXDLQAoY-6CYt77Yhylxc1lbgB6VpSvRrSOMjyAIrw==

GET
H2 200 app.35d7ec9.js Show response
lowercholesterol.study/client/654157/study/eaee2306-0edf-4139-a04d-eb4dc91db499/version/39/_nuxt/commons/ 199 KB
67 KB 11ms
10ms Script
text/javascript 2600:9000:224a:5200:c:e35c:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lowercholesterol.study/client/654157/study/eaee2306-0edf-4139-a04d-eb4dc91db499/version/39/_nuxt/commons/app.35d7ec9.js
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5200:c:e35c:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 024c43d89d470e666e8eb5a880cb97c55f958493edf96345d184f64694fb661e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:59:56 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: CloudFront
age: 232184
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P1
content-encoding: gzip
content-length: 68378
x-amz-cf-id: i8fUFBqDfc1eYf3I1KQRZC4zubRevakQOCxCvIOdUxrn5LQtSwGOmg==

GET
H2 200 vendors~app.dfec148.js Show response
lowercholesterol.study/client/654157/study/eaee2306-0edf-4139-a04d-eb4dc91db499/version/39/_nuxt/ 510 KB
176 KB 30ms
29ms Script
text/javascript 2600:9000:224a:5200:c:e35c:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lowercholesterol.study/client/654157/study/eaee2306-0edf-4139-a04d-eb4dc91db499/version/39/_nuxt/vendors~app.dfec148.js
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5200:c:e35c:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 347aa65c906c8b770a7c287d90a2a2933a0236d34da4cfe2773a27b10174c983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:59:57 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: CloudFront
age: 232183
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P1
content-encoding: gzip
content-length: 179637
x-amz-cf-id: uaP3BFoZtwJCFApHxadnCAUpfeB0jqdVno8jKid5JiEbaDI85mOzvA==

GET
H2 200 app.6be3acf.js Show response
lowercholesterol.study/client/654157/study/eaee2306-0edf-4139-a04d-eb4dc91db499/version/39/_nuxt/ 129 KB
29 KB 59ms
58ms Script
text/javascript 2600:9000:224a:5200:c:e35c:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lowercholesterol.study/client/654157/study/eaee2306-0edf-4139-a04d-eb4dc91db499/version/39/_nuxt/app.6be3acf.js
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5200:c:e35c:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: bb079ba752dc25a2cbc9987f73e3afd4ef9b98fb2741030f393f13f5d328d2fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:59:56 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: CloudFront
age: 232184
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P1
content-encoding: gzip
content-length: 29108
x-amz-cf-id: wTM1eVlBKkMyLhHe_x6-boHp0OHlV7ay0xhwGjxQ6N1LjfqDPw0oTw==

GET
H2 200 index.93a4cf2.js Show response
lowercholesterol.study/client/654157/study/eaee2306-0edf-4139-a04d-eb4dc91db499/version/39/_nuxt/pages/ 20 KB
6 KB 60ms
59ms Script
text/javascript 2600:9000:224a:5200:c:e35c:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lowercholesterol.study/client/654157/study/eaee2306-0edf-4139-a04d-eb4dc91db499/version/39/_nuxt/pages/index.93a4cf2.js
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5200:c:e35c:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 04e642db4561cc553408f4763599420af133420e5151d9879bb9ad0c665f12ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:24:20 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: CloudFront
age: 234320
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P1
content-encoding: gzip
content-length: 6052
x-amz-cf-id: 64xwx6KWsXJCoGXWCZ7WuAXQkzjaloJ32V_iic2YpM9-c1xIrpBTDA==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 13:08:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 14:29:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 14:29:40 GMT

GET
H2 200 free.min.css
kit-free.fontawesome.com/releases/latest/css/ 59 KB
13 KB 147ms
73ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: K44Y34EKMR5CB825
x-amz-id-2: E0X5xhU0gMdcX3S0qRvwVZfiKBtuMVeRgMwtxSx80u+W/Dt+XC3HVJtM+sNdkBCBUXHHOSjlOEA=
last-modified: Wed, 04 Aug 2021 21:22:50 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hVcrbGw08VA4i%2Fn%2BuWJY3l1sYXe1i6THBqeKO5d3lfLXYPk%2BUoOEYmyT0rQ%2FoCAWLz4Tn%2F5Xt9zI3k4PdhKoHdzrA4oNNdMABeOf%2FOBZRnQ10rT7MkvPAAtDh%2F2%2B2UQTx4RCtmXUrtoGvGZBNj%2FwueBzq%2FZDgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 6fa46a6fcc3741e4-MRS

GET
H2

200

vue-recaptcha.min.js Show response
unpkg.com/vue-recaptcha@2.0.1/dist/
Redirect Chain

https://unpkg.com/vue-recaptcha@latest/dist/vue-recaptcha.min.js
https://unpkg.com/vue-recaptcha@2.0.1/dist/vue-recaptcha.min.js

3 KB
1 KB

43ms
43ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue-recaptcha@2.0.1/dist/vue-recaptcha.min.js

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91d724801ba780dd6a0703d0ae56c6f439c75ee26de9a3ac13a6749ca24781f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:40 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10708288
fly-request-id: 01FPDC8G5ZQDK34XGQNNE0MASJ
content-encoding: br
vary: Accept-Encoding
last-modified: Fri, 22 Jun 1984 21:50:00 GMT
server: cloudflare
etag: W/"ab7-xSC6aFUmOISYaEh2Za4JJWSMUGQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6fa46a700a663752-MXP

Redirect headers

date: Mon, 11 Apr 2022 14:29:40 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01G0CG2CWK0Z81KDYANCTBS852-cdg
server: cloudflare
age: 428
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /vue-recaptcha@2.0.1/dist/vue-recaptcha.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6fa46a6fa97d3752-MXP
access-control-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
44 KB 51ms
35ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZBLNJW

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c5230a8258370ea5e76d82df8edabf8119aa2571aedfde3752e29f0b88ab20e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44751
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Apr 2022 14:29:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lowercholesterol.study
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 502191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 18:59:49 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 50ms
27ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZBLNJW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7ce02e0f563c14e7fd2d3249c13317e74fef66108f27096bf04a04552aa0c99c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14886
x-xss-protection: 0
server: cafe
etag: 11980861724045072707
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 14:29:40 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-16737.us.tvsquared.com/ 20 KB
9 KB 472ms
106ms Script
application/javascript 3.132.57.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-16737.us.tvsquared.com/tv2track.js
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.57.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-57-167.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 14:29:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Mar 2022 15:01:08 GMT
Server: nginx
ETag: "622229b4-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Mon, 11 Apr 2022 14:39:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: nZS/mbUO7anEDRZ+bYS6y7N1pXo4u4ixY4ysPDEbsAJU9JKagJblamTPpSsu/xLFWYDzhp/bEn8EccdH5rOUKA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 11 Apr 2022 14:29:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=27557956&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27557956%26t%3D1

0
1014 B

27ms
27ms

Script
application/javascript

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27557956%26t%3D1

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

HTTP/1.1

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 14:29:40 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7267db92-8f55-423d-91c3-a13aff5bd967
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 14:29:40 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 889c2421-679f-44af-b6a5-69162510286a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27557956%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 conversion
beacon.deepintent.com/ 0
211 B 353ms
95ms Image
image/gif 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.deepintent.com/conversion?id=0a9ced0e-46a6-438c-9f59-68909b7a2243
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:39 GMT
server: b
content-type: image/gif
content-length: 0
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

GET
H2 200 free-fa-solid-900.woff2
kit-free.fontawesome.com/releases/latest/webfonts/ 76 KB
77 KB 503ms
452ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit-free.fontawesome.com/releases/latest/webfonts/free-fa-solid-900.woff2
Requested by: Host: kit-free.fontawesome.com
URL: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Origin: https://lowercholesterol.study
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:41 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VYTKMQKSV9BFHNK9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
x-amz-id-2: 6Z0FVOH7Upqc97XiQ8HQRqbfjPbadHInmCP7/MmGpaZpNsw+Y3Ysv4VnoumvwtECu29A0VsLvXk=
last-modified: Wed, 04 Aug 2021 21:26:53 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xNiZ9OwvYRCzD%2BFNGHdCFf%2Fx%2BVusLRUJMDIZO%2BR16oXXVIUkux84E%2FYwsGuNYUKfFH53QVN3unOCtvHgGae%2FZq%2BKWMhBNOmnXJtlhPrBkk4WyIXD3cp%2BKqn%2Fq9WF34I5FG7ShavUl7lFpkR13RHmgfcCJjOXd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6fa46a70ae37c057-MRS

GET
H2 200 1210126746161544 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 60ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1210126746161544?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c914720c34682776c851fe4b81d1140677fe5d0f26e8ddf40306e27a4ea12c35

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: VvZ3nXRBan0mjS4PLVtJ0pldkZJPGQ3c0TzXLD3ZSjVQnZvm+dwPoOw8YWPUCopcUUmED2VyQ6jnVhTjurS8Eg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 11 Apr 2022 14:29:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-96119858-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 749
date: Mon, 11 Apr 2022 14:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 11 Apr 2022 16:17:11 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 156 KB
57 KB 88ms
74ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-781504237&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-96119858-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1590db035aad9f3463de41d0021016abec5d366804e8c508ef2f37f993fd7b69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58185
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Apr 2022 14:29:40 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 113ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 28C09E96BB9F429B843FF88C1749CB96 Ref B: FRAEDGE1317 Ref C: 2022-04-11T14:29:40Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 11 Apr 2022 14:29:40 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/994007992/d62ec94efa8cfb6483a0/12/ 35 KB
11 KB 455ms
237ms Script
text/javascript 54.84.95.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.callrail.com/companies/994007992/d62ec94efa8cfb6483a0/12/swap.js
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/client/654157/study/eaee2306-0edf-4139-a04d-eb4dc91db499/version/39/_nuxt/commons/app.35d7ec9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.95.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-95-254.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 64cce63a9e76244bf0fe835b7d1fbeef42d891e568786c0ecab409648965ae2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-runtime: 0.010825
date: Mon, 11 Apr 2022 14:29:40 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"64cce63a9e76244bf0fe835b7d1fbeef"
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=3600, public
timing-allow-origin: *
x-request-id: a8e42373-00e3-42b5-9767-7591b7040b99

GET
H2 200 4341ac31-4d38-49c0-a09b-426ae2560fcc.jpg
lowercholesterol.study/img/ 19 KB
20 KB 25ms
23ms Image
image/jpeg 2600:9000:224a:5200:c:e35c:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowercholesterol.study/img/4341ac31-4d38-49c0-a09b-426ae2560fcc.jpg
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5200:c:e35c:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 4cb0d8b9f1e94a5d74301cf1ad5a887c7034cd33f70380402ca91a885f3b40bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:31:41 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: CloudFront
age: 233879
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P1
content-length: 19796
x-amz-cf-id: reVRopl92ZPSR7HpBk6cU42l3hH042RU56OeP0fzF1J0U8ZlITcHUg==

GET
H2 200 fdb0b392-8a26-4d7c-808a-d763f6cd1a74.png
lowercholesterol.study/img/ 605 B
880 B 27ms
25ms Image
image/png 2600:9000:224a:5200:c:e35c:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowercholesterol.study/img/fdb0b392-8a26-4d7c-808a-d763f6cd1a74.png
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5200:c:e35c:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: cfb046635aa1d5593bcc70e38bbd92bb8ffe3668be475049683fef60f21d05c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:31:41 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: CloudFront
age: 233879
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P1
content-length: 605
x-amz-cf-id: QOJUTuRoZGQnQ4RVo6oFi0StWENPlLyDJ1mYRn-rl21B5tsIeLL4rA==

GET
H2 200 0daf83b5-8767-44dc-864a-39d526064351.png
lowercholesterol.study/img/ 1 KB
1 KB 27ms
26ms Image
image/png 2600:9000:224a:5200:c:e35c:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowercholesterol.study/img/0daf83b5-8767-44dc-864a-39d526064351.png
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5200:c:e35c:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 610697f1a25bb61463a35bca97dbf1f32a1c2b3ae2d3a5d28c734095bcef8017

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:24:22 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: CloudFront
age: 234318
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P1
content-length: 1040
x-amz-cf-id: tRYiGlhKVgOnHSM7Ecee0SS_J-xmj8_4g1Y9vONGtfImPRGBH02ZJQ==

GET
H2 200 4f28388a-ce40-45b9-959a-a020136611ea.png
lowercholesterol.study/img/ 2 KB
2 KB 27ms
26ms Image
image/png 2600:9000:224a:5200:c:e35c:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowercholesterol.study/img/4f28388a-ce40-45b9-959a-a020136611ea.png
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5200:c:e35c:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a6642bf05642ed3352fa61372b874b18ab3290649971e4a6e7806f2ddcb31a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:31:41 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: CloudFront
age: 233879
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P1
content-length: 1609
x-amz-cf-id: vQ44KZlZHpATJDyKxToP7LWc-uT6YmNCsEhH5O6VWMgM8bT1-6dyAA==

GET
H2 200 studyLogo.png
lowercholesterol.study/img/ 2 KB
3 KB 28ms
27ms Image
image/png 2600:9000:224a:5200:c:e35c:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowercholesterol.study/img/studyLogo.png
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5200:c:e35c:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9326b79bf83b0d8a6777a972df6076aa63c6ebd0c4c380212cd767f56127cb8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:31:41 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: CloudFront
age: 233879
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P1
content-length: 2381
x-amz-cf-id: ThPlgStHa7WnuEj8I4DtMc6c7B95pFG2qMzWPW6pkO-Msgf__KDhaQ==

GET
H2 200 sponsorLogo-e5e2a907-8b06-4b19-a97d-bee4d539e3a0.png
lowercholesterol.study/img/ 3 KB
3 KB 27ms
26ms Image
image/png 2600:9000:224a:5200:c:e35c:ac80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowercholesterol.study/img/sponsorLogo-e5e2a907-8b06-4b19-a97d-bee4d539e3a0.png
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5200:c:e35c:ac80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 476e3441272e9842b3c5c9a75d4d5fa26c4e747becdd46f089b7cc73bad56b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:31:41 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: CloudFront
age: 233879
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P1
content-length: 2943
x-amz-cf-id: OzEeAuAanCpCsR7SkUK_Dn_bxy2l2sEoElRnBvJwmFtmdcrz08BhCQ==

GET
H2 200 tr
www.facebook.com/ 44 B
408 B 85ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=316973266306089&ev=PageView&noscript=1

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 11 Apr 2022 14:29:40 GMT

GET
H2 200 adretarget Show response
dmp.tapnative.com/adxcommon/ 385 B
762 B 336ms
96ms Script
text/plain 34.226.20.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.tapnative.com/adxcommon/adretarget?id=73ec57fcf317a2f478faf0db3d704f29&ref=&adx_custom=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZBLNJW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.20.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-20-197.compute-1.amazonaws.com
Software: / Express
Resource Hash: fbbdfc0ffbe67efcda05ae88ff1e60561d6f85fcff183d255f60988062b4227f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:41 GMT
x-powered-by: Express
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 DFPAudiencePixel;ord=1747205304572296;dc_seg=6892002877
pubads.g.doubleclick.net/activity;dc_iu=/6913/ 42 B
635 B 80ms
44ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/6913/DFPAudiencePixel;ord=1747205304572296;dc_seg=6892002877?

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/781504237/ 2 KB
2 KB 94ms
33ms Script
text/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/781504237/?random=1649687380057&cv=9&fst=1649687380057&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg460&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&tiba=AstraZeneca%E2%80%99s%20cholesterol-lowering%20study&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d34cc93de96e6f8d72f6b1fcbc9123dac186fdb46e68bca84c4c8f1aa96abc45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1072
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
15ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1025917656&t=pageview&_s=1&dl=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&dp=%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&ul=en-us&de=UTF-8&dt=AstraZeneca%E2%80%99s%20cholesterol-lowering%20study&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACUABBAAAAC~&jid=1390536998&gjid=260998848&cid=656791295.1649687380&tid=UA-96119858-3&_gid=1987064523.1649687380&_r=1&gtm=2ou3u0&z=20488757

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowercholesterol.study/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lowercholesterol.study
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 21ms
16ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1025917656&t=pageview&_s=1&dl=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&dp=%2Fclient%2F654157%2Fstudy%2Feaee2306-0edf-4139-a04d-eb4dc91db499%2Fversion%2F39%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&ul=en-us&de=UTF-8&dt=AstraZeneca%E2%80%99s%20cholesterol-lowering%20study&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABBAAAAC~&jid=402585354&gjid=1569498925&cid=656791295.1649687380&tid=UA-96119858-3&_gid=1987064523.1649687380&_r=1&_slc=1&z=606419409

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowercholesterol.study/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lowercholesterol.study
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 316973266306089 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 80ms
80ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/316973266306089?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

34804fb3e4c7f6ef987f6fca603f5e851f41a6ee6669e2204eebb367b368938b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Ppstmp9GB7JnACVyyt5UosoWt1fjtiWoX6v5jp1dNe8viTsh91U7vQRLhqTf4/XxFDHXfEzNuaCfX9CMBdSGXA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 11 Apr 2022 14:29:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1210126746161544&ev=PageView&dl=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&rl=&if=false&ts=1649687380133&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649687380131.539414937&it=1649687379876&coo=false&exp=p0&rqm=GET

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 11 Apr 2022 14:29:40 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 64ms
19ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-96119858-3&cid=656791295.1649687380&jid=1390536998&gjid=260998848&_gid=1987064523.1649687380&_u=YGDACUAABAAAAC~&z=1334604837

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowercholesterol.study/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 11 Apr 2022 14:29:40 GMT
content-type: text/plain
access-control-allow-origin: https://lowercholesterol.study
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 64ms
19ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-96119858-3&cid=656791295.1649687380&jid=402585354&gjid=1569498925&_gid=1987064523.1649687380&_u=aGDACUABBAAAAC~&z=1721998425

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lowercholesterol.study/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 11 Apr 2022 14:29:40 GMT
content-type: text/plain
access-control-allow-origin: https://lowercholesterol.study
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 21002289.js Show response
bat.bing.com/p/action/ 0
118 B 167ms
167ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/21002289.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5030A5F2EFC7406D8B0084B96A6E3764 Ref B: FRAEDGE1317 Ref C: 2022-04-11T14:29:40Z
date: Mon, 11 Apr 2022 14:29:40 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=21002289&Ver=2&mid=6b0f3480-4ee1-4a4a-b4df-1b385be8b25e&sid=d2585d20b9a311ecbe836f5d4ba957ee&vid=d25884e0b9a311ecad32e9d9a360ba0c&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=AstraZeneca%E2%80%99s%20cholesterol-lowering%20study&p=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&r=&lt=1110&evt=pageLoad&msclkid=N&sv=1&rn=657008

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A59D3C79DFB47169684BB884D0053D5 Ref B: FRAEDGE1317 Ref C: 2022-04-11T14:29:40Z
date: Mon, 11 Apr 2022 14:29:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1025917656&t=pageview&_s=2&dl=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&dp=%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&ul=en-us&de=UTF-8&dt=AstraZeneca%E2%80%99s%20cholesterol-lowering%20study&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABBAAAAC~&jid=&gjid=&cid=656791295.1649687380&tid=UA-96119858-3&_gid=1987064523.1649687380&gtm=2ou3u0&z=1703122293

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 12:55:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5653
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/781504237/ 2 KB
1 KB 393ms
92ms Script
text/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/781504237/?random=1649687380177&cv=9&fst=1649687380177&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa460&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&tiba=AstraZeneca%E2%80%99s%20cholesterol-lowering%20study&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30b7c2e3d15d6e83019cb582da6b502eaa703e53d0289f52181e9d0d7f3f4be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1093
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/781504237/ 42 B
548 B 43ms
18ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/781504237/?random=1649687380057&cv=9&fst=1649685600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg460&sendb=1&frm=0&url=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&tiba=AstraZeneca%E2%80%99s%20cholesterol-lowering%20study&async=1&fmt=3&is_vtc=1&random=3695569501&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/781504237/ 42 B
548 B 42ms
19ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/781504237/?random=1649687380057&cv=9&fst=1649685600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg460&sendb=1&frm=0&url=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&tiba=AstraZeneca%E2%80%99s%20cholesterol-lowering%20study&async=1&fmt=3&is_vtc=1&random=3695569501&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 43ms
43ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-96119858-3&cid=656791295.1649687380&jid=1390536998&_u=YGDACUAABAAAAC~&z=1568443962

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 44ms
44ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-96119858-3&cid=656791295.1649687380&jid=1390536998&_u=YGDACUAABAAAAC~&z=1568443962

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 44ms
44ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-96119858-3&cid=656791295.1649687380&jid=402585354&_u=aGDACUABBAAAAC~&z=908826906

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 43ms
43ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-96119858-3&cid=656791295.1649687380&jid=402585354&_u=aGDACUABBAAAAC~&z=908826906

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316973266306089&ev=PageView&dl=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&rl=&if=false&ts=1649687380240&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649687380131.539414937&it=1649687379876&coo=false&exp=p0&rqm=GET

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 11 Apr 2022 14:29:40 GMT

GET
H/1.1 200
OK tv2track.php
collector-16737.us.tvsquared.com/ 42 B
276 B 108ms
107ms Image
image/gif 3.132.57.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-16737.us.tvsquared.com/tv2track.php?action_name=AstraZeneca%E2%80%99s%20cholesterol-lowering%20study&idsite=TV-8136276327-1&rec=1&r=067335&h=14&m=29&s=40&url=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&_id=09428f56199fc9da&_idts=1649687380&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=21
Requested by: Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.57.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-57-167.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 14:29:41 GMT
Server: nginx
Connection: keep-alive
Request-Id: 424e836d-f1d0-472a-bd85-a7dcfcea7c89
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Content-Type: image/gif

POST
H2 200 swap_session.json Show response
js.callrail.com/group/0/d62ec94efa8cfb6483a0/12/ 297 B
591 B 440ms
234ms XHR
application/json 52.6.108.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://js.callrail.com/group/0/d62ec94efa8cfb6483a0/12/swap_session.json
Requested by: Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/994007992/d62ec94efa8cfb6483a0/12/swap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.108.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-108-254.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7513d171bcd09edccb0230f6b730f49e9474821721e5199e017faf273b01790d

Request headers

Accept: application/json
Referer: https://lowercholesterol.study/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

x-runtime: 0.139365
date: Mon, 11 Apr 2022 14:29:41 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
status: 200 OK
etag: W/"7513d171bcd09edccb0230f6b730f49e"
vary: Origin
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 7200
cache-control: max-age=0, private, must-revalidate
x-request-id: b8b0ea53-54b6-436a-9b39-d93442756c30
access-control-expose-headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/781504237/ 42 B
64 B 46ms
19ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/781504237/?random=1649687380177&cv=9&fst=1649685600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa460&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&tiba=AstraZeneca%E2%80%99s%20cholesterol-lowering%20study&async=1&fmt=3&is_vtc=1&random=681781075&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/781504237/ 42 B
64 B 39ms
21ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/781504237/?random=1649687380177&cv=9&fst=1649685600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa460&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&tiba=AstraZeneca%E2%80%99s%20cholesterol-lowering%20study&async=1&fmt=3&is_vtc=1&random=681781075&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: lowercholesterol.study
URL: https://lowercholesterol.study/?utm_medium=email&utm_source=labcorp&utm_campaign=email2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 14:29:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icap.js Show response
js.callrail.com/group/0/d62ec94efa8cfb6483a0/12/ 22 B
298 B 407ms
125ms Script
text/javascript 52.6.108.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://js.callrail.com/group/0/d62ec94efa8cfb6483a0/12/icap.js?t=1649687380909&GoogleAnalytics__ga=GA1.2.656791295.1649687380&ga=GA1.2.656791295.1649687380&uuid=d3625855-2836-4ba1-9691-b84239b51f6e&ids%5B%5D=994007992
Requested by: Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/994007992/d62ec94efa8cfb6483a0/12/swap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.108.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-108-254.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-runtime: 0.029696
date: Mon, 11 Apr 2022 14:29:41 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"1643b5cec44cc597bc2cce3448ce5434"
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-request-id: 884fbb6b-65ba-47ed-91d5-a40bf3a00365

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1210126746161544&ev=Microdata&dl=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&rl=&if=false&ts=1649687381636&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AstraZeneca%E2%80%99s%20cholesterol-lowering%20study%22%2C%22meta%3Adescription%22%3A%22Recruitment%20Site%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1649687380131.539414937&it=1649687379876&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 11 Apr 2022 14:29:42 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316973266306089&ev=Microdata&dl=https%3A%2F%2Flowercholesterol.study%2F%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2&rl=&if=false&ts=1649687381742&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AstraZeneca%E2%80%99s%20cholesterol-lowering%20study%22%2C%22meta%3Adescription%22%3A%22Recruitment%20Site%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1649687380131.539414937&it=1649687379876&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lowercholesterol.study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:29:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 11 Apr 2022 14:29:42 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adnxs.com/	1970-01-20 04:24:23	Name: uuid2 Value: 247230093017358292
.adnxs.com/	1970-01-20 04:24:23	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVIrHBac!]tbP6j2F-XstGt!@DS/$czfV
.facebook.com/	1970-01-20 04:24:23	Name: fr Value: 0iZG8bgUNPOMo1ad3..BiVDtU...1.0.BiVDtU.
.lowercholesterol.study/	1970-01-20 19:45:59	Name: _ga Value: GA1.2.656791295.1649687380
.lowercholesterol.study/	1970-01-20 02:16:13	Name: _gid Value: GA1.2.1987064523.1649687380
.lowercholesterol.study/	1970-01-20 02:14:47	Name: _gat_gtag_UA_96119858_3 Value: 1
.bing.com/	1970-01-20 11:36:23	Name: MUID Value: 2F61DDBCE54262EC36D6CC3FE490633A
.lowercholesterol.study/	1970-01-20 02:14:47	Name: _gat Value: 1
.lowercholesterol.study/	1970-01-20 04:24:23	Name: _fbp Value: fb.1.1649687380131.539414937
.lowercholesterol.study/	1970-01-20 02:16:13	Name: _uetsid Value: d2585d20b9a311ecbe836f5d4ba957ee
.lowercholesterol.study/	1970-01-20 11:36:23	Name: _uetvid Value: d25884e0b9a311ecad32e9d9a360ba0c
.lowercholesterol.study/	1970-01-20 04:24:23	Name: _gcl_au Value: 1.1.1174796675.1649687380
lowercholesterol.study/	1970-01-20 19:45:59	Name: _tq_id.TV-8136276327-1.b322 Value: 09428f56199fc9da.1649687380.0.1649687380..
.tapnative.com/	1970-01-20 04:24:23	Name: adx_profile_guid Value: 44267f60-f358-4172-b0cb-66a766c93579
.tapnative.com/	1970-01-20 06:33:59	Name: ca\|1\|retargettinglist\|614 Value: 614
.lowercholesterol.study/	1970-01-20 11:00:23	Name: calltrk_referrer Value: direct
.lowercholesterol.study/	1970-01-20 11:00:23	Name: calltrk_landing Value: https%3A//lowercholesterol.study/%3Futm_medium%3Demail%26utm_source%3Dlabcorp%26utm_campaign%3Demail2
.lowercholesterol.study/	1970-01-20 11:00:23	Name: calltrk_session_id Value: d3625855-2836-4ba1-9691-b84239b51f6e
.doubleclick.net/	1970-01-20 11:36:23	Name: IDE Value: AHWqTUlQDHRcMZEFyPclwfdZM9AgSG3LXfxg_vhqmWpqSDYDTqV-0N98XzK4nKWK

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://dmp.tapnative.com/adxcommon/adretarget?id=73ec57fcf317a2f478faf0db3d704f29&ref=&adx_custom= Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
beacon.deepintent.com
cdn.callrail.com
click.labcorpmessage.com
collector-16737.us.tvsquared.com
connect.facebook.net
dmp.tapnative.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.callrail.com
kit-free.fontawesome.com
lowercholesterol.study
pubads.g.doubleclick.net
secure.adnxs.com
stats.g.doubleclick.net
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.111.136.50
142.250.185.226
142.250.186.130
169.197.150.8
2600:9000:224a:5200:c:e35c:ac80:93a1
2606:4700::6810:7daf
2620:1ec:c11::200
2a00:1450:4001:800::2008
2a00:1450:4001:803::2003
2a00:1450:4001:809::2004
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9a
2a00:1450:4014:80e::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::7
3.132.57.167
34.226.20.197
37.252.173.38
52.6.108.254
54.84.95.254
024c43d89d470e666e8eb5a880cb97c55f958493edf96345d184f64694fb661e
04e642db4561cc553408f4763599420af133420e5151d9879bb9ad0c665f12ff
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1590db035aad9f3463de41d0021016abec5d366804e8c508ef2f37f993fd7b69
1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d
1ca10f07a140268bb9bd41abd87c108a9e00463953fb5cc9c6715a3e8ba752f1
30b7c2e3d15d6e83019cb582da6b502eaa703e53d0289f52181e9d0d7f3f4be3
347aa65c906c8b770a7c287d90a2a2933a0236d34da4cfe2773a27b10174c983
34804fb3e4c7f6ef987f6fca603f5e851f41a6ee6669e2204eebb367b368938b
476e3441272e9842b3c5c9a75d4d5fa26c4e747becdd46f089b7cc73bad56b3b
4c5230a8258370ea5e76d82df8edabf8119aa2571aedfde3752e29f0b88ab20e
4cb0d8b9f1e94a5d74301cf1ad5a887c7034cd33f70380402ca91a885f3b40bc
610697f1a25bb61463a35bca97dbf1f32a1c2b3ae2d3a5d28c734095bcef8017
64cce63a9e76244bf0fe835b7d1fbeef42d891e568786c0ecab409648965ae2a
6887f12d8f9f8d04e81d8b61b9bc46b795df5ff9dbeda0ba5b308c2803a1aea3
7513d171bcd09edccb0230f6b730f49e9474821721e5199e017faf273b01790d
7ce02e0f563c14e7fd2d3249c13317e74fef66108f27096bf04a04552aa0c99c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8535e4836f9ab745fd113e65799e228d1ac88ccf18d28dbfbd1619ef9730d16b
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
91d724801ba780dd6a0703d0ae56c6f439c75ee26de9a3ac13a6749ca24781f9
9326b79bf83b0d8a6777a972df6076aa63c6ebd0c4c380212cd767f56127cb8c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a6642bf05642ed3352fa61372b874b18ab3290649971e4a6e7806f2ddcb31a34
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bb079ba752dc25a2cbc9987f73e3afd4ef9b98fb2741030f393f13f5d328d2fa
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c914720c34682776c851fe4b81d1140677fe5d0f26e8ddf40306e27a4ea12c35
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cfb046635aa1d5593bcc70e38bbd92bb8ffe3668be475049683fef60f21d05c2
d34cc93de96e6f8d72f6b1fcbc9123dac186fdb46e68bca84c4c8f1aa96abc45
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
fbbdfc0ffbe67efcda05ae88ff1e60561d6f85fcff183d255f60988062b4227f
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

lowercholesterol.study Open in urlscan Pro 2600:9000:224a:5200:c:e35c:ac80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

96 %HTTPS

61 %IPv6

20 Domains

23 Subdomains

22 IPs

4 Countries

866 kBTransfer

2462 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lowercholesterol.study Open in urlscan Pro
2600:9000:224a:5200:c:e35c:ac80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

96 %
HTTPS

61 %
IPv6

20
Domains

23
Subdomains

22
IPs

4
Countries

866 kB
Transfer

2462 kB
Size

19
Cookies

57 HTTP transactions
0 data transactions