www2.thegutrenewal.com Open in urlscan Pro
2606:4700::6812:5cf Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-tot...
Submission: On March 06 via manual (March 6th 2021, 7:16:25 pm UTC) from US

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 16 domains to perform 51 HTTP transactions. The main IP is 2606:4700::6812:5cf, located in United States and belongs to CLOUDFLARENET, US. The main domain is www2.thegutrenewal.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2020. Valid for: a year.

This is the only time www2.thegutrenewal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2606:4700::68... 2606:4700::6812:5cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	208.118.62.69 208.118.62.69	7296 (ALCHEMYNET) (ALCHEMYNET)
2	52.19.141.100 52.19.141.100	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	34.107.202.36 34.107.202.36	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:298::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 6	2606:4700::68... 2606:4700::6812:14b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.218.229.208 52.218.229.208	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:7e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2606:4700::68... 2606:4700::6812:15b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.36.84 151.101.36.84	54113 (FASTLY) (FASTLY)
51	17

26 2606:4700::6812:5cf (United States)

ASN13335 (CLOUDFLARENET, US)

www2.thegutrenewal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.thegutrenewal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.118.62.69 (United States)

ASN7296 (ALCHEMYNET, US)

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.141.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-141-100.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.202.36 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 36.202.107.34.bc.googleusercontent.com

www.gdrytrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:298::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:14b7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

thenewgutfix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.229.208 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e8 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gundrymd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:15b7 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

images.thenewgutfix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.36.84 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	thegutrenewal.com www2.thegutrenewal.com cdn.thegutrenewal.com	1 MB
9	thenewgutfix.com 4 redirects thenewgutfix.com images.thenewgutfix.com	2 KB
3	pinterest.com ct.pinterest.com	745 B
3	criteo.com 1 redirects sslwidget.criteo.com widget.us.criteo.com gum.criteo.com	2 KB
2	pinimg.com s.pinimg.com	18 KB
2	krxd.net beacon.krxd.net	914 B
2	googletagmanager.com www.googletagmanager.com	106 KB
1	gundrymd.com cdn.gundrymd.com	60 KB
1	amazonaws.com s3-us-west-2.amazonaws.com	929 B
1	google.de www.google.de	552 B
1	google.com www.google.com	552 B
1	doubleclick.net googleads.g.doubleclick.net	2 KB
1	criteo.net static.criteo.net	12 KB
1	gdrytrk.com www.gdrytrk.com
1	googleadservices.com www.googleadservices.com	13 KB
1	upsellit.com www.upsellit.com	7 KB
51	16

	Domain	Requested by
19	www2.thegutrenewal.com	www2.thegutrenewal.com
7	cdn.thegutrenewal.com	www2.thegutrenewal.com
6	thenewgutfix.com	1 redirects www2.thegutrenewal.com
3	ct.pinterest.com	www2.thegutrenewal.com
3	images.thenewgutfix.com	3 redirects
2	s.pinimg.com	www2.thegutrenewal.com s.pinimg.com
2	beacon.krxd.net	www2.thegutrenewal.com
2	www.googletagmanager.com	www2.thegutrenewal.com www.googletagmanager.com
1	cdn.gundrymd.com	www2.thegutrenewal.com
1	s3-us-west-2.amazonaws.com	www2.thegutrenewal.com
1	www.google.de	www2.thegutrenewal.com
1	www.google.com	www2.thegutrenewal.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	gum.criteo.com	static.criteo.net
1	widget.us.criteo.com	www2.thegutrenewal.com
1	sslwidget.criteo.com	1 redirects
1	static.criteo.net	www.googletagmanager.com
1	www.gdrytrk.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.upsellit.com	www.googletagmanager.com
51	20

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-18` - `2021-08-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.upsellit.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-30` - `2022-11-01`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
actitrk.com Go Daddy Secure Certificate Authority - G2	`2020-07-27` - `2021-06-28`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-11` - `2021-04-10`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
Frame ID: 0BE9D63767C9F9E1FB01C637D95F7DD2
Requests: 49 HTTP requests in this frame

Frame: https://www.gdrytrk.com/?nid=704&aid=1&adv_event_id=21&transaction_id=TRANSACTION_ID&amount=AMOUNT
Frame ID: 9BC707A649D52556F637B90CCB8CE9ED
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www2.thegutrenewal.com
Frame ID: C5078A64B9936FE2E02C13318F1A380E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

51
Requests

100 %
HTTPS

58 %
IPv6

16
Domains

20
Subdomains

17
IPs

5
Countries

1280 kB
Transfer

10169 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://sslwidget.criteo.com/event?a=34370&v=5.6.2&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1TR&p2=e%3Ddis&adce=1&tld=thegutrenewal.com&dtycbr=91655 HTTP 302
https://widget.us.criteo.com/event?a=34370&v=5.6.2&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1TR&p2=e%3Ddis&adce=1&tld=thegutrenewal.com&dtycbr=91655

Request Chain 29

https://thenewgutfix.com/images/GundryMD-Logo.png HTTP 301
https://thenewgutfix.com/eu/

Request Chain 37

https://images.thenewgutfix.com/gundry-circle.png HTTP 301
https://thenewgutfix.com/eu/

Request Chain 39

https://images.thenewgutfix.com/faqDownArrow.png HTTP 301
https://thenewgutfix.com/eu/

Request Chain 40

https://images.thenewgutfix.com/GMD+Logo+Footer%401x.png HTTP 301
https://thenewgutfix.com/eu/

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/ 8 KB
3 KB 155ms
122ms Document
text/html 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4b907e81bf0d66a242daa4812db7e5db0925c642d124bd6c37db37605d7dc8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www2.thegutrenewal.com
:scheme: https
:path: /fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:01 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d208a4b6408f79e5953e82692822d61cd1615058161; expires=Mon, 05-Apr-21 19:16:01 GMT; path=/; domain=.thegutrenewal.com; HttpOnly; SameSite=Lax; Secure
cache-control: public, max-age = 31557600
last-modified: Sat, 06 Mar 2021 06:31:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 08aa90e73b000017521407e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 62bdea852ef91752-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 process_env.js Show response
www2.thegutrenewal.com/ 1 KB
858 B 128ms
127ms Script
application/javascript 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/process_env.js?ver=3620216

Requested by

Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37c4c09cd196250e24ef8b9fdd17375db14be6a208c85a847026e2d83663f622

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:01 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: MISS
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08aa90e7bd0000175232be5000000001
last-modified: Sat, 06 Mar 2021 19:06:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"445-17808ef571b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: private, no-cache, max-age = 0
cf-ray: 62bdea85f8081752-FRA

GET
H2 200 funnel_confs.js Show response
www2.thegutrenewal.com/ 3 MB
151 KB 190ms
189ms Script
application/javascript 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/funnel_confs.js?ver=3620216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3698e50179739935fd4bfe74557c0277ccd090416bfdbf00fa51e66289a7f903

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:01 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08aa90e7bd000017521cb61000000001
last-modified: Sat, 06 Mar 2021 18:21:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3799be-17808c63602"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age = 31557600
cf-ray: 62bdea85f80c1752-FRA

GET
H2 200 countries.js Show response
www2.thegutrenewal.com/ 2 KB
1 KB 179ms
178ms Script
application/javascript 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/countries.js?ver=3620216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fcbe5efc69b05ce7d5e76825fb642bf3867a7435f88631b13a2d8068d8e2af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:01 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: MISS
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08aa90e7be000017521d191000000001
last-modified: Sat, 06 Mar 2021 18:31:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"98f-17808cf3f3e"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 62bdea85f80d1752-FRA
expires: Sat, 06 Mar 2021 20:16:01 GMT

GET
H2 200 polyfills.js Show response
www2.thegutrenewal.com/build/ 95 KB
32 KB 140ms
139ms Script
application/javascript 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/build/polyfills.js?ver=3620216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

889b55a9f68c3f0b1b423c124f4876639920d29a171098d4e42d120d401290d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: MISS
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08aa90e8dc00001752ff2f4000000001
last-modified: Thu, 04 Mar 2021 00:15:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"17b9c-177fa968b10"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 62bdea87ca7e1752-FRA
expires: Sat, 06 Mar 2021 20:16:02 GMT

GET
H2 200 vendor.js Show response
www2.thegutrenewal.com/build/ 2 MB
424 KB 168ms
167ms Script
application/javascript 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/build/vendor.js?ver=3620216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b3f6ea700c60e6525ffdeb2e8dbeb1485b988bcc0b01a08c10ed986a1b0189

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: MISS
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08aa90e90a000017522eaec000000001
last-modified: Thu, 04 Mar 2021 00:30:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1b85f1-177faa45a38"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 62bdea881ad91752-FRA
expires: Sat, 06 Mar 2021 20:16:02 GMT

GET
H2 200 main.js Show response
www2.thegutrenewal.com/build/ 287 KB
45 KB 146ms
145ms Script
application/javascript 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/build/main.js?ver=3620216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7ab4b2379c4b86199b5ec976ce67678799c8f30a270fb52f3a53f4d7a18152e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: MISS
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08aa90e90a000017524e11b000000001
last-modified: Thu, 04 Mar 2021 00:29:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"47b66-177faa3d180"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 62bdea881adb1752-FRA
expires: Sat, 06 Mar 2021 20:16:02 GMT

GET
H2 200 main.css
www2.thegutrenewal.com/build/ 3 MB
169 KB 173ms
173ms Stylesheet
text/css 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/build/main.css?ver=3620216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93d2cf65091cab7efdd8652cde8a6ec6212b9e19e3e90d87d3479a05fc4826af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:01 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: MISS
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08aa90e7be0000175265b08000000001
last-modified: Thu, 04 Mar 2021 00:19:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"332ecc-177fa9a6b40"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 62bdea85f80e1752-FRA
expires: Sat, 06 Mar 2021 20:16:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 388 KB
67 KB 95ms
75ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1554e6bdf14a7b035ad334ca068812fc935a38bead751a9b8a714e2155e334e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67692
x-xss-protection: 0
last-modified: Sat, 06 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Mar 2021 19:16:02 GMT

GET
H2 200 request-ip Show response
www2.thegutrenewal.com/ 68 B
217 B 121ms
121ms Script
application/javascript 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/request-ip

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6aad33c83fd6259b41af918831dd3c0cf24b156428a9c725e8419c4d91b5c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08aa90e90b000017522bbb6000000001
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"44-WxMlsvWbOahHbJS+S2BQMKEWOe4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, max-age = 0
cf-ray: 62bdea881add1752-FRA

GET
H2 200 getsession Show response
www2.thegutrenewal.com/proxy/utils/ 0
228 B 154ms
154ms XHR
application/octet-stream 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/proxy/utils/getsession

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-brand: Gundry MD

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
via: 1.1 spaces-router (c5a8891ec815), 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/octet-stream
vary: Origin
access-control-allow-credentials: true
cf-request-id: 08aa90e910000017522a112000000001
cf-ray: 62bdea881adf1752-FRA
access-control-expose-headers: X-Brand

GET
H2 200 goldenhippo.jsp Show response
www.upsellit.com/active/ 24 KB
7 KB 524ms
184ms Script
application/x-javascript 208.118.62.69
ALCHEMYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upsellit.com/active/goldenhippo.jsp
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.118.62.69 , United States, ASN7296 (ALCHEMYNET, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ceb07d6505a25156411d9da535c5b7459ec59abc96c572e7eb137eb1bde83c9

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
content-encoding: gzip
expires: Sun, 07 Mar 2021 19:16:02 GMT
server: nginx
cache-control: max-age=86400
content-type: application/x-javascript;charset=ISO-8859-1

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 59ms
46ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-695038606

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9211387e4afde89ab97c48cd34fc2e7acd798e1ca03cbaad0e1f18836b2d7e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39431
x-xss-protection: 0
last-modified: Sat, 06 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Mar 2021 19:16:02 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
458 B 313ms
33ms Image
text/plain 52.19.141.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=NqKvCG4b&event_type=default&company_id=4772303201
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.141.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-141-100.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=56 t=1615058162
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H2 200 setaffparameters Show response
www2.thegutrenewal.com/proxy/affiliate/ 20 B
258 B 137ms
137ms XHR
application/json 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/proxy/affiliate/setaffparameters

Requested by

Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/build/polyfills.js?ver=3620216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
X-Brand: Gundry MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
via: 1.1 spaces-router (c5a8891ec815), 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.thegutrenewal.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cf-request-id: 08aa90ebe6000017524a98b000000001
cf-ray: 62bdea8ca89f1752-FRA
access-control-expose-headers: X-Brand

POST
H2 200 save Show response
www2.thegutrenewal.com/proxy/funnel/stats/ 16 B
338 B 129ms
128ms XHR
application/json 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/proxy/funnel/stats/save

Requested by

Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/build/polyfills.js?ver=3620216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504
X-Brand: Gundry MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
via: 1.1 spaces-router (c5a8891ec815), 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.thegutrenewal.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cf-request-id: 08aa90ebe900001752753cd000000001
cf-ray: 62bdea8ca8a21752-FRA
access-control-expose-headers: X-Brand

POST
H2 200 save Show response
www2.thegutrenewal.com/proxy/funnel/stats/ 16 B
250 B 166ms
166ms XHR
application/json 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/proxy/funnel/stats/save

Requested by

Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/build/polyfills.js?ver=3620216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504
X-Brand: Gundry MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
via: 1.1 spaces-router (c5a8891ec815), 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.thegutrenewal.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cf-request-id: 08aa90ebe900001752171f7000000001
cf-ray: 62bdea8ca8a41752-FRA
access-control-expose-headers: X-Brand

POST
H2 200 save Show response
www2.thegutrenewal.com/proxy/funnel/stats/ 16 B
223 B 129ms
129ms XHR
application/json 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/proxy/funnel/stats/save

Requested by

Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/build/polyfills.js?ver=3620216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504
X-Brand: Gundry MD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
via: 1.1 spaces-router (c5a8891ec815), 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.thegutrenewal.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cf-request-id: 08aa90ebf0000017522eb0c000000001
cf-ray: 62bdea8cb8ae1752-FRA
access-control-expose-headers: X-Brand

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 32 KB
13 KB 92ms
35ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-695038606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

104ff1abbbad8a44885817c01d09b1454d44dfef30c991f25712feb21ffea675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12538
x-xss-protection: 0
server: cafe
etag: 10853274261861872019
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 06 Mar 2021 19:16:02 GMT

GET
H2 204 /
www.gdrytrk.com/ Frame 9BC7 0
0 273ms
133ms Document
text/plain 34.107.202.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gdrytrk.com/?nid=704&aid=1&adv_event_id=21&transaction_id=TRANSACTION_ID&amount=AMOUNT
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.202.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.202.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: www.gdrytrk.com
:scheme: https
:path: /?nid=704&aid=1&adv_event_id=21&transaction_id=TRANSACTION_ID&amount=AMOUNT
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www2.thegutrenewal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www2.thegutrenewal.com/

Response headers

server: nginx
date: Sat, 06 Mar 2021 19:16:03 GMT
vary: Origin
x-eflow-request-id: d2db5544-4d4c-4b87-a028-456257f01901
via: 1.1 google
alt-svc: clear

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
831 B 120ms
104ms Script
application/javascript 2a02:26f0:6c00:298::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:298::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3b55e27038f70b1b7cfae4116bf09fe3faf8cb97795673d1fd338113d0c0d53f

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "7dfd742fa9951f09da578c3e4cfc7d96"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 36607c94-2.16.186.237
accept-ranges: bytes
content-length: 583
access-control-expose-headers: X-CDN

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 36 KB
12 KB 45ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
content-encoding: gzip
last-modified: Mon, 14 Sep 2020 13:03:43 GMT
server: nginx
etag: W/"5f5f6a2f-90a2"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 07 Mar 2021 19:16:02 GMT

GET
H2 200 173.js Show response
www2.thegutrenewal.com/build/ 248 KB
33 KB 129ms
129ms Script
application/javascript 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/build/173.js?v=833a4025283629190ec3

Requested by

Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/build/vendor.js?ver=3620216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9ab0890457396f05c7a2c7cb1095bd920192e67ef646c85389fd0f4a92ea04e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: MISS
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08aa90ec9500001752ff85d000000001
last-modified: Thu, 04 Mar 2021 00:27:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3e11d-177faa23370"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 62bdea8db9d41752-FRA
expires: Sat, 06 Mar 2021 20:16:02 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
456 B 33ms
33ms Image
text/plain 52.19.141.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=NqKvCG4b&event_type=default&company_id=4772303201
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.141.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-141-100.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1615058162
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=34370&v=5.6.2&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1TR&p2=e%3Ddis&adce=1&tld=thegutrenewal.com&dtycbr=91655
https://widget.us.criteo.com/event?a=34370&v=5.6.2&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1TR&p2=e%3Ddis&adce=1&tld=thegutrenewal.com&dtycbr=91655

1 KB
1 KB

480ms
119ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=34370&v=5.6.2&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1TR&p2=e%3Ddis&adce=1&tld=thegutrenewal.com&dtycbr=91655
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e02c12821c5a4a1c7c885aee37c585edf3876995d85d2d1deb155fd8d109136b

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 19:16:04 GMT
content-encoding: gzip
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
server-processing-duration-in-ticks: 32589
timing-allow-origin: *
content-length: 863
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 19:16:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
location: https://widget.us.criteo.com/event?a=34370&v=5.6.2&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1TR&p2=e%3Ddis&adce=1&tld=thegutrenewal.com&dtycbr=91655
cache-control: no-cache
server-processing-duration-in-ticks: 2977
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C507 0
150 B 40ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www2.thegutrenewal.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www2.thegutrenewal.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www2.thegutrenewal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www2.thegutrenewal.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1409
date: Sat, 06 Mar 2021 19:16:02 GMT
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/695038606/ 3 KB
2 KB 35ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/695038606/?random=1615058162911&cv=9&fst=1615058162911&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww2.thegutrenewal.com%2Fos200728a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-aff-totalrestore-yt-all--qqq%26utm_campaign_id%3D7010H000001cC58QAE%26utm_content%3Dbanner_ad%26utm_medium%3Dcpc%26utm_source%3Dyoutube%26sessionid%3D242950978504%26uid%3Daff_total_restore_yt_all_os_qqq_200731%26dsid%3Da0v0H00000IznLAQAZ%26step%3D1&tiba=Gundry%20MD%20-%20Is%20There%20A%20Solution%20For%20Leaky%20Gut%3F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a16abe139283ae5d1f87e5b673720c264d79832629041b1fd4e132c84785725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 19:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/695038606/ 42 B
552 B 37ms
19ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695038606/?random=1615058162911&cv=9&fst=1615057200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww2.thegutrenewal.com%2Fos200728a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-aff-totalrestore-yt-all--qqq%26utm_campaign_id%3D7010H000001cC58QAE%26utm_content%3Dbanner_ad%26utm_medium%3Dcpc%26utm_source%3Dyoutube%26sessionid%3D242950978504%26uid%3Daff_total_restore_yt_all_os_qqq_200731%26dsid%3Da0v0H00000IznLAQAZ%26step%3D1&tiba=Gundry%20MD%20-%20Is%20There%20A%20Solution%20For%20Leaky%20Gut%3F&async=1&fmt=3&is_vtc=1&random=1618293146&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 19:16:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/695038606/ 42 B
552 B 40ms
20ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/695038606/?random=1615058162911&cv=9&fst=1615057200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww2.thegutrenewal.com%2Fos200728a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-aff-totalrestore-yt-all--qqq%26utm_campaign_id%3D7010H000001cC58QAE%26utm_content%3Dbanner_ad%26utm_medium%3Dcpc%26utm_source%3Dyoutube%26sessionid%3D242950978504%26uid%3Daff_total_restore_yt_all_os_qqq_200731%26dsid%3Da0v0H00000IznLAQAZ%26step%3D1&tiba=Gundry%20MD%20-%20Is%20There%20A%20Solution%20For%20Leaky%20Gut%3F&async=1&fmt=3&is_vtc=1&random=1618293146&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 19:16:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.2a04f3ee.js Show response
s.pinimg.com/ct/lib/ 48 KB
17 KB 104ms
103ms Script
application/javascript 2a02:26f0:6c00:298::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2a04f3ee.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:298::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "248210fef24a364a0e167a9a4db13563"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 36607dc0-2.16.186.237
accept-ranges: bytes
content-length: 17102
access-control-expose-headers: X-CDN

GET
H2

200

/
thenewgutfix.com/eu/
Redirect Chain

https://thenewgutfix.com/images/GundryMD-Logo.png
https://thenewgutfix.com/eu/

0
0

190ms
190ms

Image
text/html

2606:4700::6812:14b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thenewgutfix.com/eu/
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sat, 06 Mar 2021 19:16:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://thenewgutfix.com/eu/
cf-ray: 62bdea9a08f99742-FRA
content-length: 0
cf-request-id: 08aa90f445000097422a271000000001

GET
H2 200 check.png
cdn.thegutrenewal.com/ 146 B
416 B 386ms
373ms Image
image/webp 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thegutrenewal.com/check.png
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c83458e65f9807a4f2f0154bdc6d832d8e03bdef378a1ccabd978138e1d88145

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:04 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: NZ6W1R1BVTZ8V6SJ
cf-polished: origFmt=png, origSize=240
last-modified: Wed, 07 Oct 2020 19:31:40 GMT
content-disposition: inline; filename="check.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 146
x-amz-id-2: lp+T6iIFFAyH3DV156vvy1VdnCgnmL4ErJTnX7YzLmifuisZ1MIoYnTrQgutZUj2bz5slADdyH8=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "00f9d57e243a596b279a0b527e452936"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
cf-request-id: 08aa90f2220000175275018000000001
accept-ranges: bytes
cf-ray: 62bdea969cb31752-FRA
expires: Sat, 06 Mar 2021 20:16:04 GMT

GET
H2 200 guarantee.png
cdn.thegutrenewal.com/ 7 KB
7 KB 223ms
214ms Image
image/webp 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thegutrenewal.com/guarantee.png
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516af8eb08087c45e56eaf895c2c47bd20c1c3b00abc3fb1b8c23bc2b28f4d86

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:04 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: NZ6G1N2E6HZYEY1T
cf-polished: origFmt=png, origSize=7717
last-modified: Wed, 07 Oct 2020 19:31:40 GMT
content-disposition: inline; filename="guarantee.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7048
x-amz-id-2: saP/edb1uUlcM5EfwGPWYc4NMFsKrSMuI8nIKwCHtPDGy/wuwNAokPHLkfBew+fdcj4YxDCqqGM=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cab783378c5abbb911dfd32e8dff392b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
cf-request-id: 08aa90f2220000175232868000000001
accept-ranges: bytes
cf-ray: 62bdea969cb51752-FRA
expires: Sat, 06 Mar 2021 20:16:04 GMT

GET
H2 200 truck.png
cdn.thegutrenewal.com/ 266 B
533 B 227ms
218ms Image
image/webp 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thegutrenewal.com/truck.png
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27349c3075b267bc62f9243928618ca02f83fac50e75bc104e703f40ad1fcb07

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:04 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: NZ6SN3YBEGG47A58
cf-polished: origFmt=png, origSize=460
last-modified: Wed, 07 Oct 2020 19:31:41 GMT
content-disposition: inline; filename="truck.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 266
x-amz-id-2: t6e+94Z6avJ1mH9S+V89wAcxk9X/KqRWnQ1PAvPVMzNaTB2Wc+LrHcNchbgrAl8mqSyBuPvM8vs=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "0dfb48066c6afedd53c6cdb2ce6bfc74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
cf-request-id: 08aa90f222000017520a2d4000000001
accept-ranges: bytes
cf-ray: 62bdea969cb41752-FRA
expires: Sat, 06 Mar 2021 20:16:04 GMT

GET
H/1.1 200
OK red-check2.png
s3-us-west-2.amazonaws.com/cdn.thegutrenewal.com/ 573 B
929 B 905ms
183ms Image
image/png 52.218.229.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/cdn.thegutrenewal.com/red-check2.png
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.229.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 41bf01cc170de06921d6deb3d535f7a3f62d944442ee3c0f6d97c652d2a67f9b

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 19:16:06 GMT
Last-Modified: Wed, 07 Oct 2020 19:31:41 GMT
Server: AmazonS3
x-amz-request-id: V9P5TR4XFZKN9340
ETag: "8c362c15e39f16bdd24469be0d58a003"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 573
x-amz-id-2: jLkcEN2XIx0Fdi71lL25zHuA4cTKC2GvVs8v7uQaNUFLIvXCH+Fd6uW2d4UCP1OM0Vd+Mca0jq8=

GET
H2 200 totalrestore-supplist.png
cdn.gundrymd.com/images/totalrestore/ 60 KB
60 KB 860ms
311ms Image
image/webp 2606:4700::6812:7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/totalrestore/totalrestore-supplist.png
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002c97d777b58a22e9011aa7001152fef17e876cd33288134d497e4393878778

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:05 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: NZ6VSSZQWFMWGHJR
cf-polished: origFmt=png, origSize=62413
content-disposition: inline; filename="totalrestore-supplist.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61064
x-amz-id-2: q0mzbzVEQmbLLd01xIMmcdfp4mOwybBQzXendl1T9eF78MKfFH8drInz6+OX6fBw0jErDHWv+YY=
last-modified: Mon, 10 Aug 2020 03:34:07 GMT
server: cloudflare
etag: "761986ef38f10077aa7eef1a6bef3d8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=3600
x-amz-version-id: null
cf-request-id: 08aa90f43e0000d711af089000000001
accept-ranges: bytes
cf-ray: 62bdea99fd73d711-FRA
expires: Sat, 06 Mar 2021 20:16:05 GMT

GET
H2 200 docGun.jpg
cdn.thegutrenewal.com/ 8 KB
9 KB 263ms
255ms Image
image/webp 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thegutrenewal.com/docGun.jpg
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42044b3cb1063bd3b2fbe751adaa9ba230c5b88dcdeceea10482089218b4b861

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:04 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: NZ6R8X31XZS5T8P9
cf-polished: qual=85, origFmt=jpeg, origSize=11407
last-modified: Wed, 07 Oct 2020 19:31:40 GMT
content-disposition: inline; filename="docGun.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8680
x-amz-id-2: Zt2I1U+Scr9hZn6/+mwIoMyILpHLNZtK4Be0klFliAI44f/DX7kIVo/1soa4Mvs1DFIA93sqj1Q=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a70f92377d401cb038c3993662eb7792"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
cf-request-id: 08aa90f2210000175202978000000001
accept-ranges: bytes
cf-ray: 62bdea969cb21752-FRA
expires: Sat, 06 Mar 2021 20:16:04 GMT

GET
H2 200 Total-Restore-mbg.png
cdn.thegutrenewal.com/ 24 KB
24 KB 386ms
378ms Image
image/webp 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thegutrenewal.com/Total-Restore-mbg.png
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b27221a11d1ff6c1b23bdc658ab6b5fc65d75ce8f074e0f176a29bdd03a4318e

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:04 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: NZ6GFCJG75G70K7G
cf-polished: origFmt=png, origSize=25638
last-modified: Wed, 07 Oct 2020 19:31:41 GMT
content-disposition: inline; filename="Total-Restore-mbg.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24508
x-amz-id-2: TRWkPbwpzyzd4IT+rhbLBAwohWZNpV0+zL2PW/Af4EToyOV4QuItL0yFQ+5o/h/E9o+BQEKq/Jc=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "5f70ab832750c365677912c377c44563"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
cf-request-id: 08aa90f2220000175235828000000001
accept-ranges: bytes
cf-ray: 62bdea969cb71752-FRA
expires: Sat, 06 Mar 2021 20:16:04 GMT

GET
H2

200

/
thenewgutfix.com/eu/
Redirect Chain

https://images.thenewgutfix.com/gundry-circle.png
https://thenewgutfix.com/eu/

0
0

202ms
202ms

Image
text/html

2606:4700::6812:14b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thenewgutfix.com/eu/
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sat, 06 Mar 2021 19:16:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://thenewgutfix.com/eu/
cf-ray: 62bdea9a0fae4e80-FRA
content-length: 0
cf-request-id: 08aa90f44500004e8058311000000001

GET
H2 200 5stars.png
www2.thegutrenewal.com/assets/img/ 553 B
755 B 121ms
120ms Image
image/png 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.thegutrenewal.com/assets/img/5stars.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

972d00b00947fe9d3fb9926b2967abd31e67e890bcbbe0273fd07a5f37b0251a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:04 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 553
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Mar 2021 00:15:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"229-177fa968b10"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-request-id: 08aa90f21c00001752640d9000000001
accept-ranges: bytes
cf-ray: 62bdea969ca81752-FRA
expires: Sat, 06 Mar 2021 20:16:04 GMT

GET
H2

200

/
thenewgutfix.com/eu/
Redirect Chain

https://images.thenewgutfix.com/faqDownArrow.png
https://thenewgutfix.com/eu/

0
0

183ms
183ms

Image
text/html

2606:4700::6812:14b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thenewgutfix.com/eu/
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sat, 06 Mar 2021 19:16:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://thenewgutfix.com/eu/
cf-ray: 62bdea9a0faf4e80-FRA
content-length: 0
cf-request-id: 08aa90f44500004e80c00a7000000001

GET
H2

200

/
thenewgutfix.com/eu/
Redirect Chain

https://images.thenewgutfix.com/GMD+Logo+Footer%401x.png
https://thenewgutfix.com/eu/

0
0

533ms
533ms

Image
text/html

2606:4700::6812:14b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thenewgutfix.com/eu/
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sat, 06 Mar 2021 19:16:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://thenewgutfix.com/eu/
cf-ray: 62bdea9a0fb14e80-FRA
content-length: 0
cf-request-id: 08aa90f44500004e80943bc000000001

GET
H2 200 gundry-logo.jpg
cdn.thegutrenewal.com/ 3 KB
3 KB 209ms
208ms Image
image/webp 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thegutrenewal.com/gundry-logo.jpg
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a2914b51918db5968e25efb198b1b94e9be28dd3356751255544954e8f29df7

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:04 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 1R38GAKGFT9ECAZP
cf-polished: qual=85, origFmt=jpeg, origSize=4571
last-modified: Wed, 07 Oct 2020 19:31:41 GMT
content-disposition: inline; filename="gundry-logo.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3280
x-amz-id-2: i7gKBLDOuodU1UTWZnmDyPDsx/Nm7ZN9EpdLipPbjpRqq0mzBjIYsTGvgp50AGZbdBUW+k3Mm14=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "6534b079e432031ab72ea0beb4411445"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=3600
cf-request-id: 08aa90f2db000017524117c000000001
accept-ranges: bytes
cf-ray: 62bdea97ce5a1752-FRA
expires: Sat, 06 Mar 2021 20:16:04 GMT

GET
H2 200 phone.png
thenewgutfix.com/assets/images/ 562 B
855 B 388ms
25ms Image
image/webp 2606:4700::6812:14b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thenewgutfix.com/assets/images/phone.png
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b76c4e791836e777cbd8cda55e5d68d2eeada933c1c01209ed5d85a8d11fc788

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:04 GMT
cf-cache-status: HIT
age: 196192
cf-polished: origFmt=png, origSize=19701
content-disposition: inline; filename="phone.webp"
cf-bgj: imgq:85,h2pri
content-length: 562
cf-request-id: 08aa90f445000097420a15a000000001
last-modified: Tue, 04 Aug 2020 16:09:54 GMT
server: cloudflare
etag: "5f298852-4cf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 62bdea9a08f79742-FRA
expires: Tue, 04 Mar 2031 19:16:04 GMT

GET
H2 200 background.jpg
cdn.thegutrenewal.com/ 63 KB
63 KB 269ms
268ms Image
image/jpeg 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.thegutrenewal.com/background.jpg
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/build/main.css?ver=3620216
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b308230485689fad5070b2caa3edc219b515cc332bc59c58e31938b17167e875

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:04 GMT
cf-cache-status: MISS
x-amz-request-id: 2AH3AWGHJH3FHVCF
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64398
x-amz-id-2: GIzGPElgF+hdCBXBq+HBhvnG93Wj6OsvwCAzgxG59TdVFtWNKneuCpd4tUL2/tvQXuEkJVSYbwE=
last-modified: Wed, 07 Oct 2020 19:31:41 GMT
server: cloudflare
etag: "dc96410a9619dfad2a04398c9bc9be53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=3600
cf-request-id: 08aa90f2da000017525f185000000001
accept-ranges: bytes
cf-ray: 62bdea97ce591752-FRA
expires: Sat, 06 Mar 2021 20:16:04 GMT

GET
H2 200 ProximaNova-Light.otf
www2.thegutrenewal.com/assets/fonts/Proxima-nova-light/ 61 KB
39 KB 326ms
325ms Font
font/otf 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/assets/fonts/Proxima-nova-light/ProximaNova-Light.otf

Requested by

Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/build/main.css?ver=3620216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www2.thegutrenewal.com
Referer: https://www2.thegutrenewal.com/build/main.css?ver=3620216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:04 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: MISS
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08aa90f238000017522a18b000000001
last-modified: Thu, 04 Mar 2021 00:15:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f5f8-177fa968b10"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/otf
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 62bdea96bce21752-FRA
expires: Sat, 06 Mar 2021 20:16:04 GMT

GET
H2 200 ProximaNova-Semibold.otf
www2.thegutrenewal.com/assets/fonts/Proxima-nova-semibold/ 62 KB
39 KB 160ms
160ms Font
font/otf 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/assets/fonts/Proxima-nova-semibold/ProximaNova-Semibold.otf

Requested by

Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/build/main.css?ver=3620216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www2.thegutrenewal.com
Referer: https://www2.thegutrenewal.com/build/main.css?ver=3620216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:04 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: MISS
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08aa90f2380000175206959000000001
last-modified: Thu, 04 Mar 2021 00:15:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f68c-177fa968b10"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/otf
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 62bdea96bce41752-FRA
expires: Sat, 06 Mar 2021 20:16:04 GMT

GET
H2 200 Montserrat-regular.woff2
www2.thegutrenewal.com/assets/fonts/Montserrat-regular/ 10 KB
10 KB 116ms
116ms Font
font/woff2 2606:4700::6812:5cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrenewal.com/assets/fonts/Montserrat-regular/Montserrat-regular.woff2

Requested by

Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/build/main.css?ver=3620216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6d5f3361200b9841322bf424d7d49b1e7d81ad6ed193b81787b9915f867755b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www2.thegutrenewal.com
Referer: https://www2.thegutrenewal.com/build/main.css?ver=3620216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 19:16:04 GMT
via: 1.1 spaces-router (c5a8891ec815)
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9768
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Mar 2021 00:15:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2628-177fa968b10"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-request-id: 08aa90f2d9000017526e2b5000000001
accept-ranges: bytes
cf-ray: 62bdea97ce581752-FRA
expires: Sat, 06 Mar 2021 20:16:04 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 38 B
450 B 376ms
68ms XHR
application/json 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2615447712663&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1615058164495
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/build/polyfills.js?ver=3620216
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 19:16:04 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www2.thegutrenewal.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPVpqVmlOREExWVRJdE56VXdOeTAwTURBNExUazVaVEV0WlRJNFpHWTJOVGhqWWpaaQ
x-pinterest-rid: 7961547273008582
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
content-length: 64
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
97 B 375ms
68ms Image
image/gif 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2615447712663&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww2.thegutrenewal.com%2Fos200728a_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26utm_campaign%3Dgmd-aff-totalrestore-yt-all--qqq%26utm_campaign_id%3D7010H000001cC58QAE%26utm_content%3Dbanner_ad%26utm_medium%3Dcpc%26utm_source%3Dyoutube%26sessionid%3D242950978504%26uid%3Daff_total_restore_yt_all_os_qqq_200731%26dsid%3Da0v0H00000IznLAQAZ%26step%3D1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222a04f3ee%22%7D&cb=1615058164496
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/os200728a_ap?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube&sessionid=242950978504&uid=aff_total_restore_yt_all_os_qqq_200731&dsid=a0v0H00000IznLAQAZ&step=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 19:16:04 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 12
x-pinterest-rid: 1618360661780489
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
198 B 84ms
43ms XHR
text/plain 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/md/
Requested by: Host: www2.thegutrenewal.com
URL: https://www2.thegutrenewal.com/build/polyfills.js?ver=3620216
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www2.thegutrenewal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 19:16:04 GMT
referrer-policy: origin
x-cdn: fastly
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 0
x-pinterest-rid: 2236236236009704
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.criteo.com/	1970-01-20 01:59:14	Name: uid Value: 31d785d2-04e1-453f-b397-8a03adbbe063
.thegutrenewal.com/	1970-01-19 18:47:14	Name: _gcl_au Value: 1.1.673803393.1615058163
www2.thegutrenewal.com/	1970-01-19 16:57:38	Name: connect.sid Value: s%3AafYwhRMec7UcT_ejIvDTYF8rK0hNDadl.xLB4kvVGtKWaSZ7bjOZfBKwJw7%2BlHjdL51Zf7f%2FsERQ
www2.thegutrenewal.com/	1970-01-19 16:47:42	Name: GAID Value: b443c4a8-f2ad-6445-bb13-0fb1a4bb4625
.www2.thegutrenewal.com/	1970-01-20 01:23:14	Name: _pin_unauth Value: dWlkPVpqVmlOREExWVRJdE56VXdOeTAwTURBNExUazVaVEV0WlRJNFpHWTJOVGhqWWpaaQ
.thegutrenewal.com/	1970-01-19 17:20:50	Name: __cfduid Value: d208a4b6408f79e5953e82692822d61cd1615058161

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube(Line 57) Message: input value:gmd-aff-totalrestore-yt-all--qqq
console-api	log	URL: https://www2.thegutrenewal.com/fst/d_aff_total_restore_yt_all_os_qqq/?business_unit=a00f400000dk8tnaab&utm_campaign=gmd-aff-totalrestore-yt-all--qqq&utm_campaign_id=7010H000001cC58QAE&utm_content=banner_ad&utm_medium=cpc&utm_source=youtube(Line 127) Message: can't setup debugMode TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://www2.thegutrenewal.com/build/main.js?ver=3620216(Line 1) Message: funnel settings extender
console-api	log	URL: https://www2.thegutrenewal.com/build/main.js?ver=3620216(Line 1) Message: can't log deepLinkConfig TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.krxd.net
cdn.gundrymd.com
cdn.thegutrenewal.com
ct.pinterest.com
googleads.g.doubleclick.net
gum.criteo.com
images.thenewgutfix.com
s.pinimg.com
s3-us-west-2.amazonaws.com
sslwidget.criteo.com
static.criteo.net
thenewgutfix.com
widget.us.criteo.com
www.gdrytrk.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.upsellit.com
www2.thegutrenewal.com
142.250.185.194
151.101.36.84
178.250.2.151
208.118.62.69
2606:4700::6812:14b7
2606:4700::6812:15b7
2606:4700::6812:5cf
2606:4700::6812:7e8
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:82b::2003
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00:298::1931
34.107.202.36
52.19.141.100
52.218.229.208
74.119.119.150
002c97d777b58a22e9011aa7001152fef17e876cd33288134d497e4393878778
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20
104ff1abbbad8a44885817c01d09b1454d44dfef30c991f25712feb21ffea675
1554e6bdf14a7b035ad334ca068812fc935a38bead751a9b8a714e2155e334e1
1a16abe139283ae5d1f87e5b673720c264d79832629041b1fd4e132c84785725
1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664
27349c3075b267bc62f9243928618ca02f83fac50e75bc104e703f40ad1fcb07
3698e50179739935fd4bfe74557c0277ccd090416bfdbf00fa51e66289a7f903
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37c4c09cd196250e24ef8b9fdd17375db14be6a208c85a847026e2d83663f622
3b55e27038f70b1b7cfae4116bf09fe3faf8cb97795673d1fd338113d0c0d53f
41b3f6ea700c60e6525ffdeb2e8dbeb1485b988bcc0b01a08c10ed986a1b0189
41bf01cc170de06921d6deb3d535f7a3f62d944442ee3c0f6d97c652d2a67f9b
42044b3cb1063bd3b2fbe751adaa9ba230c5b88dcdeceea10482089218b4b861
4a2914b51918db5968e25efb198b1b94e9be28dd3356751255544954e8f29df7
4fcbe5efc69b05ce7d5e76825fb642bf3867a7435f88631b13a2d8068d8e2af6
516af8eb08087c45e56eaf895c2c47bd20c1c3b00abc3fb1b8c23bc2b28f4d86
889b55a9f68c3f0b1b423c124f4876639920d29a171098d4e42d120d401290d7
8ceb07d6505a25156411d9da535c5b7459ec59abc96c572e7eb137eb1bde83c9
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
9211387e4afde89ab97c48cd34fc2e7acd798e1ca03cbaad0e1f18836b2d7e88
93d2cf65091cab7efdd8652cde8a6ec6212b9e19e3e90d87d3479a05fc4826af
972d00b00947fe9d3fb9926b2967abd31e67e890bcbbe0273fd07a5f37b0251a
9e7ff2f279f8c497d687d1248d17e7a8c19784d945698c4bc8f9168fe9e351cb
a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7
b27221a11d1ff6c1b23bdc658ab6b5fc65d75ce8f074e0f176a29bdd03a4318e
b308230485689fad5070b2caa3edc219b515cc332bc59c58e31938b17167e875
b4b907e81bf0d66a242daa4812db7e5db0925c642d124bd6c37db37605d7dc8b
b6aad33c83fd6259b41af918831dd3c0cf24b156428a9c725e8419c4d91b5c19
b76c4e791836e777cbd8cda55e5d68d2eeada933c1c01209ed5d85a8d11fc788
c83458e65f9807a4f2f0154bdc6d832d8e03bdef378a1ccabd978138e1d88145
e02c12821c5a4a1c7c885aee37c585edf3876995d85d2d1deb155fd8d109136b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d5f3361200b9841322bf424d7d49b1e7d81ad6ed193b81787b9915f867755b
f7ab4b2379c4b86199b5ec976ce67678799c8f30a270fb52f3a53f4d7a18152e
f9ab0890457396f05c7a2c7cb1095bd920192e67ef646c85389fd0f4a92ea04e
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

www2.thegutrenewal.com Open in urlscan Pro 2606:4700::6812:5cf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

58 %IPv6

16 Domains

20 Subdomains

17 IPs

5 Countries

1280 kBTransfer

10169 kBSize

6 Cookies

0 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www2.thegutrenewal.com Open in urlscan Pro
2606:4700::6812:5cf Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

58 %
IPv6

16
Domains

20
Subdomains

17
IPs

5
Countries

1280 kB
Transfer

10169 kB
Size

6
Cookies

51 HTTP transactions
0 data transactions