urlscan.io logo urlscan.io
SecurityTrails logo

www.wellandgood.com Open in urlscan Pro
2a02:26f0:dc:180::3fae  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://link.purewow.com/click/28508451.906807/aHR0cHM6Ly93d3cud2VsbGFuZGdvb2QuY29tL3NwaWNlLWphci1oYWNrLz91dG1fc291cmNlPX...
Effective URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&...
Submission: On July 28 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 11 countries across 75 domains to perform 410 HTTP transactions. The main IP is 2a02:26f0:dc:180::3fae, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.wellandgood.com. The Cisco Umbrella rank of the primary domain is 90969.
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on April 26th 2022. Valid for: a year.
This is the only time www.wellandgood.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.226.166.212 14618 (AMAZON-AES)
30 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
3 104.19.150.54 13335 (CLOUDFLAR...)
2 2a00:1450:401... 15169 (GOOGLE)
1 52.222.214.67 16509 (AMAZON-02)
9 108.138.4.10 16509 (AMAZON-02)
10 142.250.181.226 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2.18.79.146 20940 (AKAMAI-ASN1)
3 2.18.79.132 20940 (AKAMAI-ASN1)
9 2a00:1450:400... 15169 (GOOGLE)
10 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 18.66.17.8 16509 (AMAZON-02)
2 99.86.240.124 16509 (AMAZON-02)
1 92.123.21.200 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 35.241.9.51 15169 (GOOGLE)
3 185.89.210.82 29990 (ASN-APPNEX)
15 34.107.254.252 15169 (GOOGLE)
1 13.32.110.127 16509 (AMAZON-02)
2 23.35.236.247 16625 (AKAMAI-AS)
1 18.66.100.58 16509 (AMAZON-02)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
8 54.229.167.95 16509 (AMAZON-02)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:401... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
3 35.80.231.159 16509 (AMAZON-02)
1 63.34.81.234 16509 (AMAZON-02)
1 2a02:2638::3 44788 (ASN-CRITE...)
4 15.197.193.217 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
1 3.219.23.242 14618 (AMAZON-AES)
1 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.122 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 2620:116:800d... 16509 (AMAZON-02)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.139.128.11 20446 (STACKPATH...)
2 2600:9000:225... 16509 (AMAZON-02)
1 18.66.122.96 16509 (AMAZON-02)
1 2600:9000:236... 16509 (AMAZON-02)
1 3 13.32.121.37 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:402... 15169 (GOOGLE)
1 2600:9000:230... 16509 (AMAZON-02)
4 34.202.183.121 14618 (AMAZON-AES)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2600:9000:214... 16509 (AMAZON-02)
2 14 34.98.64.218 15169 (GOOGLE)
2 104.18.19.126 13335 (CLOUDFLAR...)
4 18.156.195.47 16509 (AMAZON-02)
2 2602:803:c003... 26667 (RUBICONPR...)
4 178.250.0.165 44788 (ASN-CRITE...)
2 3.67.125.142 16509 (AMAZON-02)
1 3.121.8.16 16509 (AMAZON-02)
11 2.18.79.142 20940 (AKAMAI-ASN1)
2 23.55.235.136 20940 (AKAMAI-ASN1)
3 2.18.79.145 20940 (AKAMAI-ASN1)
2 2.16.186.9 20940 (AKAMAI-ASN1)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 107.21.19.116 14618 (AMAZON-AES)
2 199.232.18.113 54113 (FASTLY)
1 18.66.139.35 16509 (AMAZON-02)
8 2600:1f13:800... 16509 (AMAZON-02)
11 2.18.79.144 20940 (AKAMAI-ASN1)
10 23.36.162.16 20940 (AKAMAI-ASN1)
3 3 103.229.205.242 30419 (MEDIAMATH...)
4 4 37.157.2.238 198622 (ADFORM)
2 4 142.250.185.194 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
6 142.250.185.66 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
19 184.24.77.36 20940 (AKAMAI-ASN1)
2 2.16.187.88 20940 (AKAMAI-ASN1)
2 6 52.20.237.222 14618 (AMAZON-AES)
1 23.36.162.29 20940 (AKAMAI-ASN1)
2 104.18.18.126 13335 (CLOUDFLAR...)
4 4 35.158.225.181 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 2 34.251.67.138 16509 (AMAZON-02)
1 2 104.111.215.191 16625 (AKAMAI-AS)
1 2a04:4e42:200... 54113 (FASTLY)
1 1 64.202.112.95 22075 (AS-OUTBRAIN)
1 2600:1f18:444... 14618 (AMAZON-AES)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 4 2600:9000:249... 16509 (AMAZON-02)
5 2a03:2880:f02... 32934 (FACEBOOK)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
1 2600:9000:230... 16509 (AMAZON-02)
1 178.250.2.146 44788 (ASN-CRITE...)
2 138.199.37.212 60068 (CDN77 ^_^)
3 185.180.15.75 60068 (CDN77 ^_^)
1 34.193.4.201 14618 (AMAZON-AES)
2 2600:9000:225... 16509 (AMAZON-02)
1 18.66.139.16 16509 (AMAZON-02)
2 23.47.212.208 16625 (AKAMAI-AS)
9 2a03:2880:f12... 32934 (FACEBOOK)
2 54.68.197.107 16509 (AMAZON-02)
1 54.244.135.76 16509 (AMAZON-02)
1 34.217.170.183 16509 (AMAZON-02)
1 52.25.254.43 ()
2 3.67.4.230 ()
410 112
1    3.226.166.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-166-212.compute-1.amazonaws.com
link.purewow.com
30    2a02:26f0:dc:180::3fae (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
www.wellandgood.com
reve.leafmedia.io
3    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
2    2a00:1450:4014:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.222.214.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-67.fra56.r.cloudfront.net
cdn.adsafeprotected.com
9    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
10    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
3    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    2.18.79.146 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-146.deploy.static.akamaitechnologies.com
www.tiktok.com
3    2.18.79.132 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-132.deploy.static.akamaitechnologies.com
lf16-tiktok-web.ttwstatic.com
9    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
10    2a02:26f0:11a::6867:4841 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    18.66.17.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-17-8.vie50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
2    99.86.240.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-124.vie50.r.cloudfront.net
cdn.p-n.io
1    92.123.21.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-200.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
5814efa5-d41d-4a89-b176-1cc26fae87cd.prmutv.co
3    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
15    34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    13.32.110.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-127.vie50.r.cloudfront.net
ats.rlcdn.com
2    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
1    2a02:26f0:11a::6867:4868 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
8    54.229.167.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a00:1450:4014:80f::200a (Ireland)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
7    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4014:80a::2016 (Ireland)

ASN15169 (GOOGLE, US)
i.ytimg.com
3    35.80.231.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-231-159.us-west-2.compute.amazonaws.com
eum-red-saas.instana.io
1    63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    3.219.23.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-23-242.compute-1.amazonaws.com
id.sv.rkdms.com
1    2a00:1450:4014:80b::200e (Ireland)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
1    13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net
geo.privacymanager.io
4    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
8    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
s.skimresources.com
2    2600:9000:225e:cc00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
1    18.66.122.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-96.fra60.r.cloudfront.net
static.narrativ.com
1    2600:9000:236e:400:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-magiclinks.trackonomics.net
3    13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4025:402::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2600:9000:2304:2800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    34.202.183.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-183-121.compute-1.amazonaws.com
events.release.narrativ.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
1    2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    2600:9000:214f:a800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
14    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
demandmedia-d.openx.net
eu-u.openx.net
us-u.openx.net
2    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
4    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    3.67.125.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-125-142.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    3.121.8.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-8-16.eu-central-1.compute.amazonaws.com
krk.kargo.com
11    2.18.79.142 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-142.deploy.static.akamaitechnologies.com
lf16-tiktok-common.ibytedtos.com
2    23.55.235.136 (Newark, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-235-136.deploy.static.akamaitechnologies.com
p16-sign.tiktokcdn-us.com
3    2.18.79.145 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-145.deploy.static.akamaitechnologies.com
sf16-scmcdn-va.ibytedtos.com
2    2.16.186.9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-9.deploy.static.akamaitechnologies.com
sf16-short-va.bytedapm.com
1    2600:1f18:730:b110:a669:35d2:30d9:24a9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    107.21.19.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-19-116.compute-1.amazonaws.com
rp4.liadm.com
2    199.232.18.113 (Vienna, Austria)

ASN54113 (FASTLY, US)
v19-web-newkey.tiktokcdn.com
1    18.66.139.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-35.fra60.r.cloudfront.net
m.skimresources.com
8    2600:1f13:800:7780:6252:7b4f:105f:a05f (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
11    2.18.79.144 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-144.deploy.static.akamaitechnologies.com
mon-va.byteoversea.com
10    23.36.162.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-16.deploy.static.akamaitechnologies.com
mcs-va.tiktok.com
3    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
21    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
15    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
19    184.24.77.36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-36.deploy.static.akamaitechnologies.com
p16-sign-va.tiktokcdn.com
p16-sign-sg.tiktokcdn.com
2    2.16.187.88 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-187-88.deploy.static.akamaitechnologies.com
vmweb-va.byteoversea.com
6    52.20.237.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-237-222.compute-1.amazonaws.com
i.liadm.com
1    23.36.162.29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-29.deploy.static.akamaitechnologies.com
sli.wellandgood.com
2    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
4    35.158.225.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-225-181.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    34.251.67.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-67-138.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    64.202.112.95 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    2600:1f18:444a:4602:377c:45e6:1b19:7050 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    2600:9000:2490:9600:e:ec66:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.keywee.co
5    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:20::681a:79b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    2a02:26f0:dc:182::1931 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    2600:9000:2304:f800:a:b27c:d040:93a1 (United States)

ASN16509 (AMAZON-02, US)
ext.chtbl.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    138.199.37.212 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-212.datapacket.com
p77-sign-va.tiktokcdn.com
3    185.180.15.75 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-180-15-75.datapacket.com
p77-sign-va-lite.tiktokcdn.com
1    34.193.4.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-4-201.compute-1.amazonaws.com
pixel.keywee.co
2    2600:9000:2250:4400:0:cc59:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
web.chtbl.com
1    18.66.139.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-16.fra60.r.cloudfront.net
trx-hub.com
2    23.47.212.208 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-212-208.deploy.static.akamaitechnologies.com
ct.pinterest.com
9    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    54.68.197.107 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-197-107.us-west-2.compute.amazonaws.com
a.ad.gt
1    54.244.135.76 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-135-76.us-west-2.compute.amazonaws.com
id.halo.ad.gt
1    34.217.170.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-170-183.us-west-2.compute.amazonaws.com
p.ad.gt
1    52.25.254.43 (None, )

ASN- ()
pixels.ad.gt
2    3.67.4.230 (None, )

ASN- ()
k.p-n.io
Apex Domain
Subdomains		 Transfer
40 googlesyndication.com
eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
224 KB
30 wellandgood.com
www.wellandgood.com — Cisco Umbrella Rank: 90969
sli.wellandgood.com — Cisco Umbrella Rank: 237934
460 KB
28 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
static.doubleclick.net — Cisco Umbrella Rank: 467
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296
241 KB
26 tiktokcdn.com
v19-web-newkey.tiktokcdn.com — Cisco Umbrella Rank: 32181
p16-sign-va.tiktokcdn.com — Cisco Umbrella Rank: 1060
p77-sign-va.tiktokcdn.com — Cisco Umbrella Rank: 4465
p16-sign-sg.tiktokcdn.com — Cisco Umbrella Rank: 1381
p77-sign-va-lite.tiktokcdn.com — Cisco Umbrella Rank: 8011
3 MB
19 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3233
pixel.adsafeprotected.com — Cisco Umbrella Rank: 570
static.adsafeprotected.com — Cisco Umbrella Rank: 559
dt.adsafeprotected.com — Cisco Umbrella Rank: 499
106 KB
18 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2140
api.permutive.com — Cisco Umbrella Rank: 1677
162 KB
14 ibytedtos.com
lf16-tiktok-common.ibytedtos.com — Cisco Umbrella Rank: 6698
sf16-scmcdn-va.ibytedtos.com — Cisco Umbrella Rank: 13374
652 KB
14 openx.net
demandmedia-d.openx.net — Cisco Umbrella Rank: 130326
eu-u.openx.net — Cisco Umbrella Rank: 2116
us-u.openx.net — Cisco Umbrella Rank: 391
4 KB
13 byteoversea.com
mon-va.byteoversea.com — Cisco Umbrella Rank: 7716
vmweb-va.byteoversea.com — Cisco Umbrella Rank: 46115
7 KB
13 tiktok.com
www.tiktok.com — Cisco Umbrella Rank: 1954
mcs-va.tiktok.com — Cisco Umbrella Rank: 20624
30 KB
11 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3480
rp.liadm.com — Cisco Umbrella Rank: 2023
rp4.liadm.com — Cisco Umbrella Rank: 9192
i.liadm.com — Cisco Umbrella Rank: 550
i6.liadm.com — Cisco Umbrella Rank: 1523
19 KB
11 typekit.net
use.typekit.net — Cisco Umbrella Rank: 572
p.typekit.net — Cisco Umbrella Rank: 688
337 KB
10 google.com
ampcid.google.com — Cisco Umbrella Rank: 1665
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 96
16 KB
9 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
712 B
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
region1.google-analytics.com — Cisco Umbrella Rank: 2841
22 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 113
781 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
45 KB
8 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 427
172 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
gum.criteo.com — Cisco Umbrella Rank: 397
mug.criteo.com — Cisco Umbrella Rank: 2751
9 KB
7 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 2539
t.skimresources.com — Cisco Umbrella Rank: 2465
p.skimresources.com — Cisco Umbrella Rank: 3397
r.skimresources.com — Cisco Umbrella Rank: 2348
m.skimresources.com — Cisco Umbrella Rank: 22139
19 KB
5 ad.gt
a.ad.gt — Cisco Umbrella Rank: 4536
id.halo.ad.gt — Cisco Umbrella Rank: 4791
p.ad.gt — Cisco Umbrella Rank: 5129
pixels.ad.gt
23 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
364 KB
5 keywee.co
cdn.keywee.co — Cisco Umbrella Rank: 8436
pixel.keywee.co — Cisco Umbrella Rank: 7355
35 KB
5 narrativ.com
static.narrativ.com — Cisco Umbrella Rank: 7705
events.release.narrativ.com — Cisco Umbrella Rank: 7698
45 KB
5 google.de
ampcid.google.de — Cisco Umbrella Rank: 47106
adservice.google.de — Cisco Umbrella Rank: 8252
www.google.de — Cisco Umbrella Rank: 5701
2 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 606
2 KB
4 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1033
571 B
4 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 553
as-sec.casalemedia.com — Cisco Umbrella Rank: 1305
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 991
pixel.quantserve.com — Cisco Umbrella Rank: 452
31 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
171 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 362
1 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 349
30 KB
4 p-n.io
cdn.p-n.io — Cisco Umbrella Rank: 4263
k.p-n.io
58 KB
4 instana.io
eum.instana.io — Cisco Umbrella Rank: 5977
eum-red-saas.instana.io — Cisco Umbrella Rank: 13842
10 KB
3 chtbl.com
ext.chtbl.com — Cisco Umbrella Rank: 12259
web.chtbl.com — Cisco Umbrella Rank: 12001
5 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
167 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 474
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 141
786 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 234
16 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
3 ttwstatic.com
lf16-tiktok-web.ttwstatic.com — Cisco Umbrella Rank: 5337
23 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 893
2 KB
2 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 773
1 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 745
20 KB
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1093
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 186
2 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5346
754 B
2 bytedapm.com
sf16-short-va.bytedapm.com — Cisco Umbrella Rank: 8652
23 KB
2 tiktokcdn-us.com
p16-sign.tiktokcdn-us.com — Cisco Umbrella Rank: 1337
334 KB
2 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1326
233 B
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 516
2 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2595
p1.parsely.com — Cisco Umbrella Rank: 1946
24 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 585
60 KB
2 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1370
api.rlcdn.com — Cisco Umbrella Rank: 822
38 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
147 KB
1 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 6030
463 B
1 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3162
3 KB
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 534
291 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 629
367 B
1 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 2356
654 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 742
432 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 942
25 KB
1 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 5763
28 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1420
595 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 3926
170 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 615
39 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 144
34 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 259
2 KB
1 prmutv.co
5814efa5-d41d-4a89-b176-1cc26fae87cd.prmutv.co — Cisco Umbrella Rank: 39449
394 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1682
17 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 leafmedia.io
reve.leafmedia.io — Cisco Umbrella Rank: 49383
23 KB
1 purewow.com
link.purewow.com — Cisco Umbrella Rank: 190150
655 B
0 33across.com Failed
ssc.33across.com Failed
410 75
Domain Requested by
29 www.wellandgood.com www.wellandgood.com
eum.instana.io
21 pagead2.googlesyndication.com www.wellandgood.com
eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
eum.instana.io
15 p16-sign-va.tiktokcdn.com www.wellandgood.com
15 tpc.googlesyndication.com www.wellandgood.com
eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
15 api.permutive.com eum.instana.io
11 mon-va.byteoversea.com sf16-short-va.bytedapm.com
11 lf16-tiktok-common.ibytedtos.com www.tiktok.com
www.wellandgood.com
10 mcs-va.tiktok.com sf16-short-va.bytedapm.com
lf16-tiktok-common.ibytedtos.com
10 use.typekit.net www.wellandgood.com
10 securepubads.g.doubleclick.net www.wellandgood.com
securepubads.g.doubleclick.net
eum.instana.io
www.googletagservices.com
9 www.facebook.com
9 www.youtube.com www.wellandgood.com
www.youtube.com
9 c.amazon-adsystem.com www.wellandgood.com
c.amazon-adsystem.com
eum.instana.io
8 dt.adsafeprotected.com www.wellandgood.com
8 cdn.cookielaw.org www.googletagmanager.com
eum.instana.io
cdn.cookielaw.org
8 pixel.adsafeprotected.com www.wellandgood.com
eum.instana.io
7 www.google.com www.youtube.com
www.wellandgood.com
eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 www.google-analytics.com www.googletagmanager.com
eum.instana.io
www.wellandgood.com
www.google-analytics.com
6 i.liadm.com 2 redirects b-code.liadm.com
i.liadm.com
6 googleads4.g.doubleclick.net www.wellandgood.com
6 eu-u.openx.net js-sec.indexww.com
eu-u.openx.net
5 connect.facebook.net www.wellandgood.com
connect.facebook.net
5 googleads.g.doubleclick.net 1 redirects www.youtube.com
eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
4 p16-sign-sg.tiktokcdn.com
4 cdn.keywee.co 1 redirects cdn.keywee.co
4 x.bidswitch.net 4 redirects
4 cm.g.doubleclick.net 2 redirects eu-u.openx.net
4 c1.adform.net 4 redirects
4 us-u.openx.net eu-u.openx.net
4 bidder.criteo.com eum.instana.io
static.criteo.net
4 c2shb.ssp.yahoo.com eum.instana.io
4 demandmedia-d.openx.net 2 redirects www.wellandgood.com
4 events.release.narrativ.com static.narrativ.com
www.wellandgood.com
eum.instana.io
4 www.googletagservices.com securepubads.g.doubleclick.net
eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
4 eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 match.adsrvr.org eum.instana.io
eu-u.openx.net
i.liadm.com
4 jnn-pa.googleapis.com www.youtube.com
3 p77-sign-va-lite.tiktokcdn.com
3 s0.2mdn.net eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
www.wellandgood.com
3 sync.mathtag.com 3 redirects
3 sf16-scmcdn-va.ibytedtos.com www.tiktok.com
sf16-scmcdn-va.ibytedtos.com
3 pixel.quantserve.com 2 redirects www.wellandgood.com
3 sb.scorecardresearch.com 1 redirects www.wellandgood.com
3 eum-red-saas.instana.io eum.instana.io
3 ib.adnxs.com eum.instana.io
3 lf16-tiktok-web.ttwstatic.com www.wellandgood.com
www.tiktok.com
3 www.tiktok.com 1 redirects lf16-tiktok-web.ttwstatic.com
sf16-short-va.bytedapm.com
3 unpkg.com 2 redirects www.wellandgood.com
3 cdn.permutive.com www.wellandgood.com
eum.instana.io
2 k.p-n.io eum.instana.io
2 a.ad.gt www.wellandgood.com
eum.instana.io
2 ct.pinterest.com eum.instana.io
2 web.chtbl.com eum.instana.io
2 p77-sign-va.tiktokcdn.com
2 s.pinimg.com www.wellandgood.com
s.pinimg.com
2 gum.criteo.com 1 redirects static.criteo.net
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 dpm.demdex.net 2 redirects
2 pool.admedo.com 2 redirects
2 as-sec.casalemedia.com eum.instana.io
2 vmweb-va.byteoversea.com sf16-short-va.bytedapm.com
2 v19-web-newkey.tiktokcdn.com www.tiktok.com
2 sf16-short-va.bytedapm.com www.tiktok.com
sf16-short-va.bytedapm.com
2 p16-sign.tiktokcdn-us.com www.tiktok.com
2 btlr.sharethrough.com eum.instana.io
2 fastlane.rubiconproject.com eum.instana.io
2 htlb.casalemedia.com eum.instana.io
2 static.adsafeprotected.com pixel.adsafeprotected.com
www.wellandgood.com
2 www.google.de www.wellandgood.com
2 p.skimresources.com www.wellandgood.com
2 t.skimresources.com www.wellandgood.com
eum.instana.io
2 stats.g.doubleclick.net eum.instana.io
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 b-code.liadm.com www.googletagmanager.com
b-code.liadm.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 js-sec.indexww.com reve.leafmedia.io
2 cdn.p-n.io www.wellandgood.com
cdn.p-n.io
2 www.googletagmanager.com www.wellandgood.com
www.googletagmanager.com
1 pixels.ad.gt p.ad.gt
1 p.ad.gt a.ad.gt
1 id.halo.ad.gt a.ad.gt
1 trx-hub.com
1 pixel.keywee.co
1 mug.criteo.com
1 ext.chtbl.com www.wellandgood.com
1 cdn.brandmetrics.com www.googletagmanager.com
1 i6.liadm.com i.liadm.com
1 b1sync.zemanta.com 1 redirects
1 trc.taboola.com i.liadm.com
1 sli.wellandgood.com www.wellandgood.com
1 m.skimresources.com s.skimresources.com
1 rp4.liadm.com www.wellandgood.com
1 rp.liadm.com 1 redirects
1 krk.kargo.com eum.instana.io
1 geolocation.onetrust.com eum.instana.io
1 r.skimresources.com eum.instana.io
1 rules.quantcount.com secure.quantserve.com
1 cdn-magiclinks.trackonomics.net www.wellandgood.com
1 static.narrativ.com www.wellandgood.com
1 s.skimresources.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 geo.privacymanager.io eum.instana.io
1 ampcid.google.de eum.instana.io
1 id.sv.rkdms.com eum.instana.io
1 api.rlcdn.com eum.instana.io
1 static.criteo.net js-sec.indexww.com
1 p1.parsely.com www.wellandgood.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 ampcid.google.com eum.instana.io
1 static.doubleclick.net www.youtube.com
1 p.typekit.net www.wellandgood.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 ats.rlcdn.com reve.leafmedia.io
1 5814efa5-d41d-4a89-b176-1cc26fae87cd.prmutv.co eum.instana.io
1 fonts.gstatic.com www.youtube.com
1 secure.cdn.fastclick.net www.wellandgood.com
1 d1z2jf7jlzjs58.cloudfront.net www.wellandgood.com
1 eum.instana.io www.wellandgood.com
1 reve.leafmedia.io www.wellandgood.com
1 cdn.adsafeprotected.com www.wellandgood.com
1 link.purewow.com 1 redirects
0 ssc.33across.com Failed eum.instana.io
410 125
Subject Issuer Validity Valid
www.leafgroup.media
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-26 -
2023-04-27		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-09 -
2022-12-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
pushlycdn.com
Amazon		 2022-02-14 -
2023-03-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.prmutv.co
R3		 2022-07-04 -
2022-10-02		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
api.permutive.com
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.ttwstatic.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-08 -
2022-12-09		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
*.liadm.com
Amazon		 2022-01-31 -
2023-03-01		 a year crt.sh
static.narrativ.com
Amazon		 2022-04-15 -
2023-05-13		 a year crt.sh
*.trackonomics.net
Go Daddy Secure Certificate Authority - G2		 2021-12-22 -
2023-01-23		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.release.narrativ.com
Amazon		 2022-07-21 -
2023-08-18		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-21		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.dev.kargo.com
Amazon		 2022-03-01 -
2023-03-29		 a year crt.sh
*.ibytedtos.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-08 -
2023-04-08		 a year crt.sh
*.tiktokcdn-us.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-08-19 -
2022-09-19		 a year crt.sh
*.bytedapm.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-06 -
2023-01-06		 a year crt.sh
*.tiktokcdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-16 -
2023-05-31		 a year crt.sh
m.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-19 -
2022-08-11		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
*.byteoversea.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
sli.wellandgood.com
R3		 2022-06-21 -
2022-09-19		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-07 -
2022-08-05		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
ext.chtbl.com
Amazon		 2021-12-25 -
2023-01-22		 a year crt.sh
1450622545.rsc.cdn77.org
R3		 2022-05-27 -
2022-08-25		 3 months crt.sh
1006686430.rsc.cdn77.org
R3		 2022-05-25 -
2022-08-23		 3 months crt.sh
*.anyword.com
Amazon		 2022-07-05 -
2023-08-03		 a year crt.sh
pixel.keywee.co
Sectigo ECC Domain Validation Secure Server CA		 2022-02-01 -
2023-03-03		 a year crt.sh
web.chtbl.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.trx-hub.com
Amazon		 2022-02-20 -
2023-03-21		 a year crt.sh
*.ad.gt
Amazon		 2022-05-10 -
2023-06-08		 a year crt.sh
halo.ad.gt
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.p-n.io
Amazon		 2022-01-10 -
2023-02-06		 a year crt.sh

This page contains 29 frames:

Primary Page: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Frame ID: 038463C8F8B6DB14DE1662C6C9E61C7A
Requests: 227 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Wc1KC8Ref0M
Frame ID: 35C8505EE7607E2A774054B458765A32
Requests: 20 HTTP requests in this frame

Frame: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4C490ED76BC6C4722968500F4EBAEC8D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv18gDifapEym8hoePUElq4u-534JNYD8n1eJq1TQE2xlRtCIKf_qDRXLEWnVHAUFJayioTkI--V4wfJwd9wSmHHAWbfTC_lUSLFIw8nH8e7pz8lH1K4pw2BHAiSz24u7JAEFQ3AnoU-6HgSWnF9NQJFHyUXAPYWvmZh7KQEviRngXmgcN6gj5R6SpqvqThUwseFmAroOw6o2kvWloEmnzn1iHI10la8IekARK38h65WXkWGYWrftI8FcgwFg41yBn5pBTQ_v9O7h1d-Cf4ZtNrtPrGEVnODOb7CpyMDbMaNhYk6_ozLygGfDledxvMz5jQRbMz5dP8QvZx0s4X-I3zN1u8kglxO5uclA&sai=AMfl-YRxy0A2h4E1uWiAXRPjS4F4AyvADeANt_URfoXbnrXWlGLmstDHIb6CPb5G3RsPGzn59bFzkHF4FJfpTl7nsO5MLSXhou0tlrydn9t3PiN_lwh3NfxWdaiGZOxuKMQz&sig=Cg0ArKJSzJuIe5dUYyggEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B030041A355D7C1C61CD963736A2E172
Requests: 5 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7085876658711907626?lang=en-US&referrer=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational
Frame ID: 3CB9A65EC9567A4426D3EB3278D42699
Requests: 59 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928482&campId=1x3&pubId=4591704940&chanId=22073381215&placementId=5480519500&pubCreative=138386656614&pubOrder=2346107983&cb=1321063359&custom=article&custom2=good_food,healthy_cooking&adsafe_par&impId=12b3b06f-0ec7-11ed-a9e8-064a9e4ec701&custom3=purewow
Frame ID: 13B1E8B5E5EEF7A972EB08B113F4B9B3
Requests: 2 HTTP requests in this frame

Frame: https://events.release.narrativ.com/api/v0/session.html
Frame ID: 9DDD79556EFDB1BBF2422467E89EC88D
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.08703665059000465
Frame ID: B6B555C5E4B75DBA3177EE4FCAD2AD4E
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 12893011735A0D7957B379E3B33C5057
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: FBFAB38D401E2B188CB454B6109250C0
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: C651B0A99B58BC603E730C4C2720B4CD
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 31F3B2DA586BB3C3B9C298C7EE8067DB
Requests: 7 HTTP requests in this frame

Frame: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5D3B408DD3A05D2501FDF130511BDF75
Requests: 13 HTTP requests in this frame

Frame: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A8B3534A2399FBCAEA780C8A3B1A1FFD
Requests: 14 HTTP requests in this frame

Frame: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FFD1B7AFD942242C7D4822A119C55D6F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQlZHVAhjkyK7OATAB&v=APEucNXf4dCMmLrIumf76_-NF3VbfNIo1su8KxP9XnnsZaxq6HfgI6d33Vtmh-zr0GuazNpSG9_omrpj586qlCylaXO_VGlksA
Frame ID: 8E06F56E29220DE938CFF9BDEB954D76
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhiSkfPFATAB&v=APEucNW3fezdMDQYJrZSf7bFCuCg9zmyLoW0OTTz8ZBRf-7ulaUywySJCT3ATEd2VN-qnQqLklojXgJ74QfeLGuVL57VYlW4fw
Frame ID: 18C47BD2F353D238E415DAA94987E6B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhiSkfPFATAB&v=APEucNUttb6QLzGGnGHF0kiTT9wa0tVLCPmqLoBqtVMr2cBiuV8h9S-zkt5oA4fWWDowgXJk5Ftv-EOvZjumGJd7um0DWDZrMg
Frame ID: FC2D7E1A97738948620B6C134D132CD1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1EF76EC0B502C9F66CA57F0E26D2595B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EA9E95ACDACD343B44DB7A2990C85880
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 24F4F2A8048D13BEBBE4FEB6600DB189
Requests: 3 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01mt?s=&cim=&ps=true&ls=true&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: B71E4518B9C7A8B4C4BC69AD550153A1
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.wellandgood.com
Frame ID: A20880C4E35628FA25F2BBCD807D43EC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B82C1CE40C5C05B97C912DE46F351DE3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 62B1298E305AC5423B0FD9F0D19FBACF
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F1B972324F5089E6C16D6A2EE554FBBC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5007906585E9AF51A96895D80320FBC3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 71898BC2269BD8E2645DCB3E87566102
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3B02B6663A80BD031C900DA0748E8ADE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

A Genius Spice Jar Hack to Unclog It *Without* Shaking | Well+GoodBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://link.purewow.com/click/28508451.906807/aHR0cHM6Ly93d3cud2VsbGFuZGdvb2QuY29tL3NwaWNlLWphci1oYW... HTTP 302
    https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=socia... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

410
Requests

93 %
HTTPS

41 %
IPv6

75
Domains

125
Subdomains

112
IPs

11
Countries

8553 kB
Transfer

18218 kB
Size

72
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.purewow.com/click/28508451.906807/aHR0cHM6Ly93d3cud2VsbGFuZGdvb2QuY29tL3NwaWNlLWphci1oYWNrLz91dG1fc291cmNlPXB1cmV3b3cmdXRtX21lZGl1bT1zeW5kaWNhdGlvbiZ1dG1fY2FtcGFpZ249c29jaWFs/62c1d03b7fa0db082b086d65B24d5306d/email HTTP 302
    https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://unpkg.com/web-vitals?module HTTP 302
  • https://unpkg.com/web-vitals@2.1.4?module HTTP 302
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.js?module
Request Chain 11
  • https://www.tiktok.com/embed.js HTTP 302
  • https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web-us/tiktok/falcon/embed/embed_v1.0.6.js
Request Chain 60
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 160
  • https://demandmedia-d.openx.net/w/1.0/arj?auid=539505649&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._B9lP9QIk&cache=1659048370181&gdpr_consent=&gdpr=0&us_privacy= HTTP 302
  • https://demandmedia-d.openx.net/w/1.0/arj?cc=1&auid=539505649&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._B9lP9QIk&cache=1659048370181&gdpr_consent=&gdpr=0&us_privacy=
Request Chain 176
  • https://demandmedia-d.openx.net/w/1.0/arj?auid=539505649&aus=728x90%2C970x250&ju=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._3xo5tFgv&cache=1659048370201&gdpr_consent=&gdpr=0&us_privacy= HTTP 302
  • https://demandmedia-d.openx.net/w/1.0/arj?cc=1&auid=539505649&aus=728x90%2C970x250&ju=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._3xo5tFgv&cache=1659048370201&gdpr_consent=&gdpr=0&us_privacy=
Request Chain 189
  • https://rp.liadm.com/j?dtstmp=1659048370252&aid=a-01mt&se=e30&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&tna=v2.4.0&pu=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&ext__pubcid=2b7bd0a2-9454-432d-91a1-9deea9527fc1&wpn=lc-bundle&c=PHRpdGxlPkEgR2VuaXVzIFNwaWNlIEphciBIYWNrIHRvIFVuY2xvZyBJdCAqV2l0aG91dCogU2hha2luZyB8IFdlbGwrR29vZDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlRoaXMgZ2VuaXVzIFRpa1RvayB0cmljayBzaG93cyBob3cgdG8gdW5jbG9nIHlvdXIgc3BpY2UgamFyIGluIHNlY29uZHMgd2l0aG91dCB2aWdvcm91c2x5IHNoYWtpbmcgaXQgd2hhdHNvZXZlci4iPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy53ZWxsYW5kZ29vZC5jb20vc3BpY2UtamFyLWhhY2svIj48aDEgY2xhc3M9InRleHQtaDEtLWFydGljbGUgbXQtMCBtYi1bMjVweF0iPgogICAgICAgIFRoaXMgSXMgdGhlIExhc3QgVGhpbmcgWW91IFNob3VsZCBEbyBXaXRoIGEgQ2xvZ2dlZCBKYXIgb2YgU3BpY2VzICAgICAgPC9oMT4 HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1659048370252&aid=a-01mt&se=e30&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&tna=v2.4.0&pu=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&ext__pubcid=2b7bd0a2-9454-432d-91a1-9deea9527fc1&wpn=lc-bundle&c=PHRpdGxlPkEgR2VuaXVzIFNwaWNlIEphciBIYWNrIHRvIFVuY2xvZyBJdCAqV2l0aG91dCogU2hha2luZyB8IFdlbGwrR29vZDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlRoaXMgZ2VuaXVzIFRpa1RvayB0cmljayBzaG93cyBob3cgdG8gdW5jbG9nIHlvdXIgc3BpY2UgamFyIGluIHNlY29uZHMgd2l0aG91dCB2aWdvcm91c2x5IHNoYWtpbmcgaXQgd2hhdHNvZXZlci4iPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy53ZWxsYW5kZ29vZC5jb20vc3BpY2UtamFyLWhhY2svIj48aDEgY2xhc3M9InRleHQtaDEtLWFydGljbGUgbXQtMCBtYi1bMjVweF0iPgogICAgICAgIFRoaXMgSXMgdGhlIExhc3QgVGhpbmcgWW91IFNob3VsZCBEbyBXaXRoIGEgQ2xvZ2dlZCBKYXIgb2YgU3BpY2VzICAgICAgPC9oMT4&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojk%3D&n3pc=true
Request Chain 219
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fe6e62e3-11b3-4f00-bc3f-e869d72b62ca
Request Chain 220
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=uQMPxb4ACMSiBF3BvQVHwb8HC8OiBl2Q7lIh97AA
Request Chain 221
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3678105027151190802
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEQ7R8oU-Rl-HQYSpLT4KZE&google_cver=1
Request Chain 225
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2f8662e3-11b3-4b00-b6b2-eb54679f5733
Request Chain 226
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=uQMPxb4ACMSiBF3BvQVHwb8HC8OiBl2Q7lIh97AA
Request Chain 227
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8026249967148130779
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEQ7R8oU-Rl-HQYSpLT4KZE&google_cver=1
Request Chain 319
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01mt%2F0%2F7d65aeeb50c54467b78354583ce96796%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&26f167b1-9318-41f1-ba9f-f61af5215323 HTTP 302
  • https://i.liadm.com/s/e/a-01mt/0/7d65aeeb50c54467b78354583ce96796?mpid=7156&muid=2f8662e3-11b3-4b00-b6b2-eb54679f5733
Request Chain 321
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=26f167b1-9318-41f1-ba9f-f61af5215323&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=26f167b1-9318-41f1-ba9f-f61af5215323&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=8ab99147-39e2-4f58-8d7d-6690a98675fe HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=26f167b1-9318-41f1-ba9f-f61af5215323 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=8ab99147-39e2-4f58-8d7d-6690a98675fe HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=8ab99147-39e2-4f58-8d7d-6690a98675fe HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f5377ddf-fb75-47d2-b778-5741ca78e744&user_group=1&ssp=liveintent&bsw_param=8ab99147-39e2-4f58-8d7d-6690a98675fe HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=8ab99147-39e2-4f58-8d7d-6690a98675fe
Request Chain 322
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=26f167b1-9318-41f1-ba9f-f61af5215323&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01mt%2F0%2F7d65aeeb50c54467b78354583ce96796%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=26f167b1-9318-41f1-ba9f-f61af5215323&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01mt%2F0%2F7d65aeeb50c54467b78354583ce96796%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://i.liadm.com/s/e/a-01mt/0/7d65aeeb50c54467b78354583ce96796?mpid=82775&muid=76309656343925400890216846639799129148
Request Chain 323
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=26f167b1-9318-41f1-ba9f-f61af5215323 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=26f167b1-9318-41f1-ba9f-f61af5215323&rd=Y
Request Chain 325
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Request Chain 331
  • https://cdn.keywee.co/dist/analytics.min.js HTTP 301
  • https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Request Chain 335
  • https://sb.scorecardresearch.com/c2/19765212/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 338
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=wellandgood.com&sn=ChromeSyncframe&so=0&topUrl=www.wellandgood.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=wDimYXxEWEpFT0tvQnMxZ1B2L0xwTjMwUUYrdHFMRHVnN0VVZXhRaWtCMzVwWTZVOUR1THFZUW05cXJweHV6MUhPRDFoYmtjNHdzVytvcytRQTE5aEpOWkozTFJoL0dWd3FqbCtVWU1WSGRLa1ZaenBPZ0FDRU1VVkhGZGJ3Uk5jRndRVHZ1djNTb3BoZ2FwbkhYVUlUSmszamRFc3AxdWZ4RVJjbXpzN29zRW4yTUJySTlnNHNTdThiZ1dMRnRJM2w0RXl1c1FzckhOR3JrOGx0bG1aVWhGL2RxSElrem1SU3lFa2RSU1pwMmpVQlphYTQzQzZqMHZsRUwwdW1kSFJzZUdFMXJWRnozQVNrYlhXdVRvclM5YzhjZz09fA&cppv=2

410 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.wellandgood.com/spice-jar-hack/
Redirect Chain
  • https://link.purewow.com/click/28508451.906807/aHR0cHM6Ly93d3cud2VsbGFuZGdvb2QuY29tL3NwaWNlLWphci1oYWNrLz91dG1fc291cmNlPXB1cmV3b3cmdXRtX21lZGl1bT1zeW5kaWNhdGlvbiZ1dG1fY2FtcGFpZ249c29jaWFs/62c1d03b7...
  • https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
196 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0f8f075a48ff5e46445150ecab5373f07e9e89dd895a329c2b66d375889c0206

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
42673
content-type
text/html; charset=UTF-8
date
Thu, 28 Jul 2022 22:46:08 GMT
link
<https://www.wellandgood.com/wp-json/>; rel="https://api.w.org/" <https://www.wellandgood.com/wp-json/wp/v2/posts/891407>; rel="alternate"; type="application/json" <https://www.wellandgood.com/?p=891407>; rel=shortlink
server-timing
intid;desc=f367a67e096f87f5
vary
Accept-Encoding

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 28 Jul 2022 22:46:08 GMT
location
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
server
Sailthru
x-robots-tag
noindex
Stocksy_txp002031316kT300_Small_4607767_1170x781_true_75.jpg
www.wellandgood.com/wp-content/uploads/2022/07/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wellandgood.com/wp-content/uploads/2022/07/Stocksy_txp002031316kT300_Small_4607767_1170x781_true_75.jpg
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
50739cad32600ba819692681d66dc63e0e32735aa64f77a4c55b87ece5695904

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
last-modified
Fri, 22 Jul 2022 19:03:19 GMT
accept-ranges
bytes
etag
"62daf477-10071"
content-length
65649
content-type
image/jpeg
5814efa5-d41d-4a89-b176-1cc26fae87cd-web.js
cdn.permutive.com/ 		470 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/5814efa5-d41d-4a89-b176-1cc26fae87cd-web.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
721372004061e890f90932b40dd5ba69fc1aa21b3322f20d73b1ea0653189890

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
5814efa5-d41d-4a89-b176-1cc26fae87cd
age
3190
x-guploader-uploadid
ADPycdstfJIBXyJ2zIP6DXQlFCK2nde2He7llZzc40WedVs-3D3nh3xcMHEub2mVNq_lvZkwxmy6X2Mq-kGv9Rcd6e_mQw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
last-modified
Tue, 26 Jul 2022 20:38:09 GMT
server
cloudflare
etag
W/"ec5577c1082eb2ec44a8f0b8aa0fe0d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=pfa5fw==, md5=7FV3wQgusuxEqPC4qg/g0A==
x-goog-generation
1658867889146771
cache-control
public, max-age=900
x-goog-stored-content-length
127820
cf-ray
7321263148389bee-FRA
expires
Thu, 28 Jul 2022 23:01:08 GMT
gtm.js
www.googletagmanager.com/ 		248 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5Q356Q
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b5a1e2a0e0bc0564114068a7cf53ec26e7ad0ca1a265d5392bcda8a17554596
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76862
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 21:51:26 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Jul 2022 22:46:08 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-67.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 07:33:31 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
573158
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P3
X-Amz-Cf-Id
pRrhUQtxO2QedA8RUOYqsrYLdw1niCVhhjlfnakwXWOAYqCYcHPlhw==
apstag.js
c.amazon-adsystem.com/aax2/ 		140 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 28 Jul 2022 22:13:19 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 20:51:38 GMT
server
AmazonS3
age
1970
etag
W/"72916dde70b34122b394074010b382ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P6
content-encoding
gzip
x-amz-cf-id
inEEGSYXBH-KlOqygwZP00VNWCGRCQ9E_ntFo7MoZ0YKgP-olrNpXQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
5161c7ee3ba66cf5e9405aee7dd0724b06f90b0b39d614e8048b7fbaa742e0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28339
x-xss-protection
0
server
sffe
etag
"1287 / 342 of 1000 / last-modified: 1659046109"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 28 Jul 2022 22:46:08 GMT
wellandgood.js
reve.leafmedia.io/ 		79 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reve.leafmedia.io/wellandgood.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
004a0a1938fd271e8b71361f25d25d8ae558060ef6daa879cc3155220b0f4e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
accept-ranges
bytes
content-length
23859
vary
Accept-Encoding
content-type
text/javascript
eum.min.js
eum.instana.io/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309

Request headers

Referer
https://www.wellandgood.com/
Origin
https://www.wellandgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 1 Jan 1970 00:00:01 GMT
server
cloudflare
age
84711
etag
1562908762--gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray
73212630dcc2921d-FRA
via
1.1 google
web-vitals.js
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals?module
  • https://unpkg.com/web-vitals@2.1.4?module
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.js?module
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.js?module
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a3662bdef768ff6e38604877fb5cb4158b2c2202e4436b430140769395e94839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
15951091
x-powered-by
Express
content-encoding
br
vary
Accept-Encoding
fly-request-id
01FT83NF8DV131E5D4S6A6YN78
server
cloudflare
etag
W/"13d6-IFsTpiEW6U8ebsIN/Xm9vJxQlt0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
73212631180790ee-FRA

Redirect headers

date
Thu, 28 Jul 2022 22:46:08 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
15951093
x-powered-by
Express
vary
Accept, Accept-Encoding
fly-request-id
01FT83NE7CSYGNX612XFAWC5JT
server
cloudflare
location
/web-vitals@2.1.4/dist/web-vitals.js?module
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
73212630efdf90ee-FRA
w-g-logo-black.svg
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/img/w-g-logo-black.svg
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
67df9f3bd8443ff09350889f0b6a55729b284d427d34aece1ef7f26757c535bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:21 GMT
etag
W/"62e083d5-1484"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
2355
Maki-Yazawa-84x84.jpg
www.wellandgood.com/wp-content/uploads/2022/04/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wellandgood.com/wp-content/uploads/2022/04/Maki-Yazawa-84x84.jpg
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
73a6cb4190a821ba10c12c9365ea8dae4c20a1f13e4806b5289712881464c5d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
last-modified
Fri, 29 Apr 2022 19:06:26 GMT
accept-ranges
bytes
etag
"626c3732-321c"
content-length
12828
content-type
image/jpeg
embed_v1.0.6.js
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web-us/tiktok/falcon/embed/
Redirect Chain
  • https://www.tiktok.com/embed.js
  • https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web-us/tiktok/falcon/embed/embed_v1.0.6.js
46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web-us/tiktok/falcon/embed/embed_v1.0.6.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Server
2.18.79.132 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-132.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
600d682de9fea2e27e1bc8838d92d1aa23716c47dcc63b95f8ddffe9fa98b87a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
10aa33
date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
9XdX6uhi1oQKccKbDqMekA==
x-cache
TCP_MEM_HIT from a2-18-78-132.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
Standard
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=7
content-length
14914
x-tos-request-id
4be612bb9dbae95f-abd2f1c
x-tos-response-time
Wed, 29 Jun 2022 00:32:58 GMT
last-modified
Tue, 28 Jun 2022 18:16:55 GMT
server
nginx
etag
"f57757eae862d6840a71c29b0ea31e90"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2303466
access-control-allow-credentials
false
x-tt-trace-host
0125b7c4d52155b1e518f8e304d345d202a6bc210f2698221d22e524777ba475e5b5b17c474a48fbfe7e38d57fb5b0f892c322c68b392edaa020399cda8b156b361055e5dbbfb0f62734b94b538d9754b39f888e77083aeea032403bcdfba2c913bcf656ec6a98e95bf210c3e403a3e6937af39ed9da5b00c23e73985b8bfb3161
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

x-akamai-request-id
1c3497ad.c27cac
strict-transport-security
max-age=31536000
x-cache-remote
TCP_MISS from a23-197-193-174.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-18-78-146.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
105,2.18.78.146
server-timing
cdn-cache; desc=MISS, edge; dur=100, origin; dur=5
content-length
154
pragma
no-cache
server
nginx
date
Thu, 28 Jul 2022 22:46:08 GMT
content-type
text/html
location
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web-us/tiktok/falcon/embed/embed_v1.0.6.js
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.197.193.174
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a688fff396f5aa5cb6c5fcbbef0894c1b6f02ca91826117cfa48e9df2682d721c0bcded2632c9aa38825a94b4af4b4df4318830d00c755c106c45fbc063dc2a752
expires
Thu, 28 Jul 2022 22:46:08 GMT
Wc1KC8Ref0M
www.youtube.com/embed/ Frame 35C8 		62 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/Wc1KC8Ref0M
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9b7771abd1cc32b2f00cde995b69747deb353ecddcec239db4fa8deb3ee7b9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 28 Jul 2022 22:46:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
wg-shop-logo.svg
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/img/wg-shop-logo.svg
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
936be7b582a2bb754f12203ad80017d6a8ed7dbe6df005795ec01df21b1156a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:00 GMT
etag
"62e083c0-1100"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
1925
l
use.typekit.net/af/3da9bf/00000000000000003b9b2063/27/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3da9bf/00000000000000003b9b2063/27/l?fvd=n4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f18864001522dcb0cc98afade5c3f1a716b511869bc5411079bf894c34045116

Request headers

Referer
https://www.wellandgood.com/
Origin
https://www.wellandgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
server
nginx
etag
"d6768399f3b9304a9ed13c680eb3e17f92e754f3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35996
l
use.typekit.net/af/6469f1/000000000000000000012108/27/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6469f1/000000000000000000012108/27/l?fvd=n5&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f42ca2577d449a0a71e253026629d50e79ce18693c50abb0474eb8f677079399

Request headers

Referer
https://www.wellandgood.com/
Origin
https://www.wellandgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
server
nginx
etag
"d79c0c7fdfdc470f73009c0d4db6d5c7987d5f78"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25296
l
use.typekit.net/af/dff101/00000000000000003b9b2061/27/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/dff101/00000000000000003b9b2061/27/l?fvd=n5&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a5a31118c95a69d501342efc9101d16e81fa7e1325989ff89ff3f815439da542

Request headers

Referer
https://www.wellandgood.com/
Origin
https://www.wellandgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
server
nginx
etag
"e7b83e8ab836eca23dcc393f2949230d57b4b201"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35640
iconfont.woff2
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/fonts/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/fonts/iconfont.woff2
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e1e8e49ca0b7dd21d87f99adef39d4dde8cc6d4f5d058f7a7495e5c379905bf0

Request headers

Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Origin
https://www.wellandgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
last-modified
Wed, 27 Jul 2022 00:15:31 GMT
accept-ranges
bytes
etag
"62e083a3-f5d8"
content-length
62936
content-type
font/woff2
l
use.typekit.net/af/ac6334/000000000000000000012059/27/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/ac6334/000000000000000000012059/27/l?fvd=n4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0216c8dc29523e3ff49d1831d3ca3631eb225f80924b590c890c3b24228c7aba

Request headers

Referer
https://www.wellandgood.com/
Origin
https://www.wellandgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
server
nginx
etag
"4fc6598b8ab354a0519cf28edb49b1ef3cfa7429"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29676
l
use.typekit.net/af/5464d5/00000000000000000001205a/27/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/5464d5/00000000000000000001205a/27/l?fvd=i4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2436f80084a2d014dde7121e650ac23f271e2f23fb8f78b539919c296e08f543

Request headers

Referer
https://www.wellandgood.com/
Origin
https://www.wellandgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
server
nginx
etag
"ad44b3d0af45d52dc2c32d0d09c2928af52e18b2"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29404
l
use.typekit.net/af/04ec74/00000000000000000001205b/27/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/04ec74/00000000000000000001205b/27/l?fvd=n7&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8d0056dcc26b8dce6be00539697962adb12475fbf9cbf7fdcbc7c81b2ae7328d

Request headers

Referer
https://www.wellandgood.com/
Origin
https://www.wellandgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
server
nginx
etag
"1c4557ace28950fbc49487c3a85660222d5fe232"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29588
l
use.typekit.net/af/ee7e95/000000000000000000012109/27/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/ee7e95/000000000000000000012109/27/l?fvd=i5&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
23f63b420daeef9c7faed3087cee36f219d64830fda15f89eb3bcb47487ce9f6

Request headers

Referer
https://www.wellandgood.com/
Origin
https://www.wellandgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
server
nginx
etag
"03b451e3c02ba1dd946c98fad7bf8573883fc64a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25184
spacer.gif
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/img/ 		26 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/img/spacer.gif
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
last-modified
Wed, 27 Jul 2022 00:16:57 GMT
accept-ranges
bytes
etag
"62e083f9-1a"
content-length
26
content-type
image/gif
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.17.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-17-8.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 10:27:31 GMT
Via
1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
Age
44317
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
VIE50-P1
Accept-Ranges
bytes
X-Amz-Cf-Id
HsDBWhWc5DSCc1xYcD_VxL7YrjEPCWR17dvsKj9YMosSrQHmZ142FQ==
Expires
Fri, 29 Jul 2022 10:27:31 GMT
tailwind.bd98611b9b1de3d18d21.css
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/css/ 		46 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/css/tailwind.bd98611b9b1de3d18d21.css
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
abb2ee3d69e2103beda7e41f99402dd5c28c5cd66fc50b2cd3cf850cd7abb926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:34:10 GMT
etag
W/"62e08802-b9fb"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
9381
theme.c364b1f007cb44824959.css
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/css/ 		72 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/css/theme.c364b1f007cb44824959.css
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
efa30a9e6aba180391f5f846663b381b57207b91189dd6e9d2caa80889b4af0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:32 GMT
etag
W/"62e083e0-1208a"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4822
main-2016.d0707aa61b7617728047.css
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/css/ 		247 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/css/main-2016.d0707aa61b7617728047.css
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a0367cb5206a662f47abbe6a2c1e7877b6fae71949bd448c810752c16e547529

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:35 GMT
etag
W/"62e083e3-3db87"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
40677
post.5872b6ec9847cdd4c527.css
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/css/ 		74 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/css/post.5872b6ec9847cdd4c527.css
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5474431f71de44407de9743ebbc3ec69c99d6d1959a30bb685f9a4d88ae6d8d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:53 GMT
etag
W/"62e083f5-12817"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
11173
pushly-sdk.min.js
cdn.p-n.io/ 		302 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=w6MKZpunTxnvC1ZppsdFZQENdmxfmGJqAPgz&ver=5.9.3
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-124.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d4ca5250c5405e918db546130b57d38662caaa0d8d5daa37493000b701fd673

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 20:55:22 GMT
server
AmazonS3
age
271
etag
W/"ae42bd02e81eb00862c0c28f702f2b82"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
dxSNwz70ReisElVGDlnPJ8xuMPjYn0GcShAGtbGcaQhuyo-zTiSzcQ==
runtime.096697798900189d7507.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/runtime.096697798900189d7507.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4fbee4342890b861ddd7a0f6e8ecd49b817f300d4befd405c8a1c437ecb0b19a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:42 GMT
etag
W/"62e083ea-296f"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
4212
app.2414823f1509feaac11a.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/app.2414823f1509feaac11a.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
49a0fed64e7176b061231874d8337ecca03c3d0bbecefd7acb19d59a99018536

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:53 GMT
etag
W/"62e083f5-5ab4"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
7410
theme.c47d7cc6d0b930c6f835.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		152 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/theme.c47d7cc6d0b930c6f835.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
10bb9eaf17872545fb9a4e4f778d731135b4d56cf71e249574ce29192c99bf50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:15:48 GMT
etag
"62e083b4-98"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
152
main-2016.f553d4985a20111387d0.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/main-2016.f553d4985a20111387d0.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3a1267e8dcbbc55595613d4aeb916709be4ccdf3c7b2353e60da1cf533bdfa0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:45 GMT
etag
W/"62e083ed-dcc"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
1525
config
c.amazon-adsystem.com/cdn/prod/ 		248 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3066&u=https%3A%2F%2Fwww.wellandgood.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:34:01 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server
Server
age
727
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P6
content-length
248
x-amz-cf-id
5IDw_7lIAqlA1HJqO3WdOLrptdijuyIZs0yEB3IILYkBLa3Ct9fp6Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 04:41:50 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
65059
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 29 Jun 2022 23:14:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P6
content-type
application/javascript
x-amz-cf-id
DHNZywzzjFugbolhNSw6JH8k1QIbAt20WNa1iyUxGzjjWfmpSGbBrQ==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-21-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Thu, 28 Jul 2022 23:01:08 GMT
www-player.css
www.youtube.com/s/player/240bde48/ Frame 35C8 		340 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Wc1KC8Ref0M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb599e114d2bc2f901597ac2b6cbf99e6e6e7de9501a5c1a600ea2d6bad68d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Wc1KC8Ref0M
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
115039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47800
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:48:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 35C8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Wc1KC8Ref0M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 17:06:41 GMT
x-content-type-options
nosniff
age
193167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Jul 2023 17:06:41 GMT
www-embed-player.js
www.youtube.com/s/player/240bde48/www-embed-player.vflset/ Frame 35C8 		308 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Wc1KC8Ref0M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
126a7f1527363ca12ba70485e469f9cf583b319537a76cfded51a20f52128be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Wc1KC8Ref0M
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
115039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97242
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:48:49 GMT
base.js
www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/ Frame 35C8 		2 MB
565 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Wc1KC8Ref0M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
333c385f1afe99ad2f9c25f1cb0bff7bdcf017a2cd4c025bf6cb0238da22217d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Wc1KC8Ref0M
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
115036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
577713
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:48:52 GMT
fetch-polyfill.js
www.youtube.com/s/player/240bde48/fetch-polyfill.vflset/ Frame 35C8 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Wc1KC8Ref0M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Wc1KC8Ref0M
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
115039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:48:49 GMT
pubads_impl_2022072102.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js?cb=31068698
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
b5629bff9f7cf70baed7df75fbde4ab28280e2a687c8f4712b06a03d52666d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 21:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4604
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131883
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 17:43:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 28 Jul 2023 21:29:24 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		202 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wellandgood.com
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b5b657adebe472d1ec36080afd77d1dd2e5ca756182fdbfa9d1a08ad012f62e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127
x-xss-protection
0
expires
Thu, 28 Jul 2022 22:46:08 GMT
js
www.googletagmanager.com/gtag/ 		199 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FCN1P5XW0G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q356Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77e2169e770ab005acaae16396bf76d8e5a4a7a46e8351728e1dbc7cec3b3291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72802
x-xss-protection
0
expires
Thu, 28 Jul 2022 22:46:08 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q356Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6248
date
Thu, 28 Jul 2022 21:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 28 Jul 2022 23:02:00 GMT
pxid
5814efa5-d41d-4a89-b176-1cc26fae87cd.prmutv.co/v2.0/ 		46 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://5814efa5-d41d-4a89-b176-1cc26fae87cd.prmutv.co/v2.0/pxid?k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6bae0343f43db33d60cfe18091e84c909c56fc3d3b6fdd45d389bedfec6d4546

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
via
1.1 google
getuidj
ib.adnxs.com/ 		11 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 28 Jul 2022 22:46:09 GMT
X-Proxy-Origin
217.114.218.26; 217.114.218.26; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
fbeeea44-f973-45f9-a764-d00cb5b2ef64
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.wellandgood.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
5814efa5-d41d-4a89-b176-1cc26fae87cd-models.bin
cdn.permutive.com/models/v2/ 		26 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/5814efa5-d41d-4a89-b176-1cc26fae87cd-models.bin
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69553b05af5a0ceb41da787865e39b6d4ef733411344e10cedc7f49df379085

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
5814efa5-d41d-4a89-b176-1cc26fae87cd
age
3347
x-guploader-uploadid
ADPycdumCfhLsTuLzp6vRl-car1yYo7zUE1gU_jFddZXUA0RVhFCFZGbSpMVhd7FRikD4xUbbudxboHVBk93HYG-ur3SzA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/x-binary
content-length
19147
last-modified
Tue, 26 Jul 2022 06:05:34 GMT
server
cloudflare
etag
"a7d88df3f1b8a8cee6f3b65c54c0e74f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Brd9mQ==, md5=p9iN8/G4qM7m87ZcVMDnTw==
x-goog-generation
1658815534675998
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
19147
accept-ranges
bytes
cf-ray
73212632ad4fbc03-FRA
expires
Thu, 28 Jul 2022 21:50:22 GMT
geoip
api.permutive.com/v2.0/ 		245 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
23279cd5dd692a5fd837775e96b76f0ed45fe66b77550db36398242aeaaa573e

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
via
1.1 google
watson
api.permutive.com/v2.0/ 		398 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
364e7ad67fc556f22d62c7f18d1d464f5a3a7041044048ce40ba5cc41f52d956

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
via
1.1 google
ats.js
ats.rlcdn.com/ 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: reve.leafmedia.io
URL: https://reve.leafmedia.io/wellandgood.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-127.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
etag
W/"148e21f812b555a13b2a9c6b616141f4"
age
68045
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Thu, 28 Jul 2022 05:55:44 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via
1.1 437caaa82b2f94aeac2747f293235378.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
VIE50-C2
content-type
application/x-javascript
x-amz-cf-id
YDybW8ZDMeD-PgC3Kio05PpI7YcX6dbulGDiY43hvOwq8EjLzScQiw==
config
c.amazon-adsystem.com/cdn/prod/ 		248 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3066&u=https%3A%2F%2Fwww.wellandgood.com
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:34:01 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server
Server
age
728
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P6
content-length
248
x-amz-cf-id
1c38ck_cA3RGRoh270rlzoKwoMbWei3FbX96mTRo3jrr52tAf6CZfQ==
183706-49930413793406.js
js-sec.indexww.com/ht/p/ 		175 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183706-49930413793406.js
Requested by
Host: reve.leafmedia.io
URL: https://reve.leafmedia.io/wellandgood.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6fb4beecaeaf75b625e2b79c1b127d29a0cd3b036ac026ddbabc9e56769104d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 22:46:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jul 2022 22:41:29 GMT
Server
Apache
ETag
"da4820-2bada-5e4e53c0ad929"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3419
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
48686
Expires
Thu, 28 Jul 2022 23:43:08 GMT
htv-jwplayer.min.js
js-sec.indexww.com/htv/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/htv/htv-jwplayer.min.js
Requested by
Host: reve.leafmedia.io
URL: https://reve.leafmedia.io/wellandgood.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
95477b33fe2f81052e244a609a52023398d8d342ea13f823476206bd78bbd592

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Unused62
8096267
Date
Thu, 28 Jul 2022 22:46:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Apr 2021 19:18:03 GMT
Server
Apache
ETag
"d8070c-8e57-5bf52ac560b47"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
11570
p.js
cdn.parsely.com/keys/wellandgood.com/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/wellandgood.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f6071ada704c319b2c37c71ca6973a41d3a5b3d3f7ea8cf1c22ad44622e8b0e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
public
date
Thu, 28 Jul 2022 07:11:07 GMT
content-encoding
gzip
last-modified
Tue, 16 Feb 2021 16:53:29 GMT
server
nginx
age
56114
etag
W/"602bf889-10715"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
L4IB6Rf8nrgi8Ik6YtKzfBSAuM09g1ygvKxSGvv8snrbb3RpwO-OcA==
expires
Fri, 29 Jul 2022 07:10:55 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wif1vuz&ht=tk&f=13464.13465.13466.13467.13468.13469.13470.13471.13472.13473.13474.13475.24425.24426.24427.34517.39510.39511.39512.39513.39514.39515.39516.39517.39518.39519.39520.39521.39522.39523.39524.39525.39526.39527&a=46370450&app=typekit&e=css
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/css/main-2016.d0707aa61b7617728047.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4868 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
e96e81b1-60c4-4746-99f4-183b5fbcb8b6
https://www.wellandgood.com/ 		226 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wellandgood.com/e96e81b1-60c4-4746-99f4-183b5fbcb8b6
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fba5010755edf3d96256ee823a925a1a011d34ce24200275ae96766d21aee0ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
231517
a725dd84-96cf-4aec-a247-bc650a3f40be
https://www.wellandgood.com/ 		20 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wellandgood.com/a725dd84-96cf-4aec-a247-bc650a3f40be
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2e676ef127a750c94fd9504bf8f008e8a5ed00d206bfd84d325511a8f3db372

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
20393
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_m&anid:928482&sessionId:1efd7290-45da-7405-005d-8807f6ffd45b
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:09 GMT
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
ba0a883821fdf9a29a45b98041b35afe0d4229f043bc7901a03c4fe7f9e1df4d

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
via
1.1 google
id
googleads.g.doubleclick.net/pagead/ Frame 35C8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Wc1KC8Ref0M
Protocol
H3
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f89ac597ab315664bab9a05f9276c837edc0dacfe5d21dcf34ca48a183cf4ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 28 Jul 2022 22:46:09 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 35C8 		29 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:39:28 GMT
x-content-type-options
nosniff
age
401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Jul 2022 22:54:28 GMT
pub
pixel.adsafeprotected.com/services/ 		292 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928482&slot=%7Bid:emailslider1-1,s:1.3,p:/6117/wellgood/emailslider1-1,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=8fee0ee5-79b0-8113-b85d-aa13bb198a77&url=https%253A%252F%252Fwww.wellandgood.com%252Fspice-jar-hack%252F%253Futm_source%253Dpurewow%2526utm_medium%253Dsyndication%2526utm_campaign%253Dsocial%2526utm_content%253DFinal%2526utm_term%253Dnational
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5d33fc21d9333baa102cfc84f38d85f681a45ae678155b56218c02e88b95e8e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
x-server-name
app08.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
bid
c.amazon-adsystem.com/e/dtb/ 		88 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3066&u=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&pid=5qp1GUXCgISVB&cb=0&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22emailslider1-1%22%2C%22s%22%3A%5B%221x3%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
dc23d4a40b943f9bcc774d75d645f9d9c75c3b1871331ad3f0043affd123d7f2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
KEHZJDAJDBXG61A7JY0S
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
88
x-amz-cf-id
dI4R1ZK5A979cqyMFywPnXR2mdZbvpdWkgekYDxisqwAMTLsJErAew==
5814efa5-d41d-4a89-b176-1cc26fae87cd-models.bin
cdn.permutive.com/models/v2/ 		26 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/5814efa5-d41d-4a89-b176-1cc26fae87cd-models.bin
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69553b05af5a0ceb41da787865e39b6d4ef733411344e10cedc7f49df379085

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
5814efa5-d41d-4a89-b176-1cc26fae87cd
age
3347
x-guploader-uploadid
ADPycdumCfhLsTuLzp6vRl-car1yYo7zUE1gU_jFddZXUA0RVhFCFZGbSpMVhd7FRikD4xUbbudxboHVBk93HYG-ur3SzA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/x-binary
content-length
19147
last-modified
Tue, 26 Jul 2022 06:05:34 GMT
server
cloudflare
etag
"a7d88df3f1b8a8cee6f3b65c54c0e74f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Brd9mQ==, md5=p9iN8/G4qM7m87ZcVMDnTw==
x-goog-generation
1658815534675998
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
19147
accept-ranges
bytes
cf-ray
73212633be45bc03-FRA
expires
Thu, 28 Jul 2022 21:50:22 GMT
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
ba0a883821fdf9a29a45b98041b35afe0d4229f043bc7901a03c4fe7f9e1df4d

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
via
1.1 google
watson
api.permutive.com/v2.0/ 		398 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
364e7ad67fc556f22d62c7f18d1d464f5a3a7041044048ce40ba5cc41f52d956

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
via
1.1 google
publisher:getClientId
ampcid.google.com/v1/ 		74 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FCN1P5XW0G&gtm=2oe7p0&_p=719730855&_z=ccd.v9B&cid=1419900786.1659048369&ul=en-us&sr=1600x1200&_s=1&sid=1659048369&sct=1&seg=0&dl=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&dt=A%20Genius%20Spice%20Jar%20Hack%20to%20Unclog%20It%20*Without*%20Shaking%20%7C%20Well%2BGood&en=page_view&_fv=1&_nsi=1&_ss=1&ep.pageview_type=standard&ep.scroll=0&ep.partner=non-branded
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FCN1P5XW0G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 28 Jul 2022 22:46:09 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 35C8 		63 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6feb40e7c43c25bfc44925b9286907df5bcddf3b429e5e6ba3aa17821d69dbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30125
x-xss-protection
0
remote.js
www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/ Frame 35C8 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74983bfb9a159887f14e49ddf837e1dfcc9707700d77c9caecfd1cc15d3d1a9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Wc1KC8Ref0M
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:50:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
114915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37767
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:50:54 GMT
ggKmfVxHReqVfUET6K9HMBuIhbMUIdcXmPmWX92-l1U.js
www.google.com/js/th/ Frame 35C8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/ggKmfVxHReqVfUET6K9HMBuIhbMUIdcXmPmWX92-l1U.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8202a67d5c4745ea957d4113e8af47301b8885b31421d71798f9965fddbe9755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 13:37:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
32928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13830
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jul 2023 13:37:21 GMT
embed.js
www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/ Frame 35C8 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b53587af6a12f7fad3bfad6b7b54c87e617be23251df237e82aab784bbdbc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Wc1KC8Ref0M
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 14:48:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
115033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8109
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 00:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 14:48:56 GMT
46e4c89d-0df3-4d56-89d4-20a4fa379d5d
https://www.wellandgood.com/ 		226 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wellandgood.com/46e4c89d-0df3-4d56-89d4-20a4fa379d5d
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fba5010755edf3d96256ee823a925a1a011d34ce24200275ae96766d21aee0ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
231517
l
use.typekit.net/af/07139b/000000000000000000016ea5/27/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/07139b/000000000000000000016ea5/27/l?fvd=n4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/css/main-2016.d0707aa61b7617728047.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
dc3c744d2ca6bc91b1bd00359f8d73b7e2ff0c6f5312e8538423c40370faf67b

Request headers

Referer
https://www.wellandgood.com/
Origin
https://www.wellandgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
server
nginx
etag
"2fa83502b5498e6689a8b341f78aee2faa56ed10"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
45484
l
use.typekit.net/af/972118/000000000000000000016ea6/27/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/972118/000000000000000000016ea6/27/l?fvd=n7&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/css/main-2016.d0707aa61b7617728047.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
542e01bb8a65097f0a369a3432a5a9774e96fb17245afed7fa4de9793c1012e6

Request headers

Referer
https://www.wellandgood.com/
Origin
https://www.wellandgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
server
nginx
etag
"01c46faf900e1bc0876a7efccc32fcdc79cd638b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
59436
truncated
/ Frame 35C8 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQQ1XG-d0rizN6G3n3i6SUl7HCRap7mwvP-exNQ8g=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 35C8 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLQQ1XG-d0rizN6G3n3i6SUl7HCRap7mwvP-exNQ8g=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Wc1KC8Ref0M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ef53de8b2b15283e98691c30f3d8669877f03bdf7a3cf9d240870e9327c4a727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:43:53 GMT
x-content-type-options
nosniff
age
10936
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1218
x-xss-protection
0
server
fife
etag
"v21e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 14 Jun 2022 09:15:53 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/Wc1KC8Ref0M/ Frame 35C8 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/Wc1KC8Ref0M/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Wc1KC8Ref0M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80a::2016 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44f3dd0cf12dbf448ae06c7635ce070d570ef735e12f8234167683f900942018
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:43:30 GMT
x-content-type-options
nosniff
age
159
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34364
x-xss-protection
0
server
sffe
etag
"1574202205"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Jul 2022 00:43:30 GMT
b2c1acd4-4a31-465f-be62-59c1fd04c683
https://www.wellandgood.com/ 		20 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wellandgood.com/b2c1acd4-4a31-465f-be62-59c1fd04c683
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2e676ef127a750c94fd9504bf8f008e8a5ed00d206bfd84d325511a8f3db372

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
20393
/
eum-red-saas.instana.io/ 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-red-saas.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.231.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-231-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 28 Jul 2022 22:46:10 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1659048369446&plid=20940721&idsite=wellandgood.com&url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&sref=&sts=1659048369443&slts=0&title=A+Genius+Spice+Jar+Hack+to+Unclog+It+*Without*+Shaking+%7C+Well%2BGood&date=Thu+Jul+28+2022+22%3A46%3A09+GMT%2B0000+(GMT)&action=pageview&pvid=9128872&u=pid%3Dcf56fd10a4d8701d7cde9a3acf4f19a9
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 22:46:09 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 28-Jul-2022 22:46:09 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
publishertag.js
static.criteo.net/js/ld/ 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183706-49930413793406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
644dd2ed36b51eb3577b9b87f7bb7421b0e9234d051983c4bf435e6d1a4aa097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 20:59:32 GMT
server
nginx
etag
W/"62c89ab4-1dc2b"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 29 Jul 2022 22:46:09 GMT
rid
match.adsrvr.org/track/ 		63 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183706&gdpr=0
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
358f0e5b2691b247f6224be0fc51734cc71a3461b6c1781d84bf38d556be5264

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wellandgood.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 27 Aug 2022 22:46:09 GMT
identity
api.rlcdn.com/api/ 		44 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
/
id.sv.rkdms.com/identity/ 		2 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=LEAFGROUP&sv_domain=www.wellandgood.com
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.23.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-23-242.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.wellandgood.com
date
Thu, 28 Jul 2022 22:46:09 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
2
vary
Origin
content-type
application/json
publisher:getClientId
ampcid.google.de/v1/ 		3 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80b::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wellandgood.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js?cb=31068698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wellandgood.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js?cb=31068698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=584182728860691&correlator=1102716462498535&eid=31068591%2C31068698%2C44761478%2C42531608%2C31062930&output=ldjh&gdfp_req=1&vrg=2022072102&ptt=17&impl=fifs&iu_parts=6117%2Cwellgood%2Cemailslider1-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x3&ifi=1&adks=3468210392&sfv=1-0-38&ecs=20220728&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%26id%3D12b3b06f-0ec7-11ed-a9e8-064a9e4ec701&eri=1&cust_params=permutive%3D%26lg_uuid%3D1359881609.798538534%26category%3Dgood_food%252Chealthy_cooking%26tags%3Dvideo%252Cfood_nutrition%252Chealthy_eating_tips%26vertical%3Dfood%26article_id%3D891407%26pagetype%3Darticle%26puid%3D74a83562-c4cc-4ecf-b0aa-1a638fa85a40%26ptime%3D1659048369231%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_7294_KW%252CIAS_8767_KW%252CIAS_809_KW%252CIAS_5445_KW&sc=1&cookie_enabled=1&abxe=1&dt=1659048369502&lmt=1659048369&dlt=1659048368649&idt=494&adxs=0&adys=600&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&frm=20&vis=1&psz=1600x5026&msz=0x-1&fws=516&ohw=1600&ga_vid=1419900786.1659048369&ga_sid=1659048370&ga_hid=719730855&ga_fc=true
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a1b236f6a30bc3540c05bfa894043a5b068bcacd148e30c24a360267aebf3e56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11248
x-xss-protection
0
google-lineitem-id
5480519500
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138386656614
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4C49 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js?cb=31068698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:09 GMT
expires
Fri, 28 Jul 2023 22:46:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
geo.privacymanager.io/ 		30 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 01:05:02 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront), 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
age
78067
x-amzn-requestid
a6da74bc-a100-43a4-9fe7-65d1fcc6d137
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62e1e0be-20d28c15005ccecf050b4c80;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA60-P3
x-amz-apigw-id
V9ANuGAYDoEF37g=
content-length
30
x-amz-cf-id
fMdd62WL6JrYuzOXrxKDSZES8zb-bCDkV0LQ1OUvq-laxSKKjEZFgw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
0.d6b92289e102bf291207.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/0.d6b92289e102bf291207.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/runtime.096697798900189d7507.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c7b22c1c6daf0bfa2a09e7e50a149e1bae74aa3b563e33fe92ec84e4723f91d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:21 GMT
etag
W/"62e083d5-17c46"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
35014
77.c92b74e9196696e5ad6d.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/77.c92b74e9196696e5ad6d.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/runtime.096697798900189d7507.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
174f53af26f08c078c4617d06c920e2b352cfdcade8e9748e9601759edbaf239

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:53 GMT
etag
W/"62e083f5-3a2a"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
5091
1.b15cc54ca3d403fe566c.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		96 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/1.b15cc54ca3d403fe566c.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/runtime.096697798900189d7507.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3f3fad41e2ab8c726453ccecc4acbe1c460a8bd4bee4af1c914877b0e7ca6a95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:12 GMT
etag
W/"62e083cc-181ad"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
36692
4.3cdc834d338a8ee15479.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/4.3cdc834d338a8ee15479.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/runtime.096697798900189d7507.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c8f08a7a2892cf667cf697e3ce333b9a905d838dba41578dd09f499f03493da4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:34:12 GMT
etag
W/"62e08804-36a7"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
4978
72.279dc72511db50c77797.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/72.279dc72511db50c77797.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/runtime.096697798900189d7507.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
812cab4095834d5d12ea0a5ade93f06c8ad72120e359a01ce97143cd26ac441b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:32 GMT
etag
W/"62e083e0-ea0"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
1573
93.ed28f21dd354e24a9652.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/93.ed28f21dd354e24a9652.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/runtime.096697798900189d7507.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f226f0f57617243035dec97d421963075a5189512589e8e00e0696511db7729e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:37 GMT
etag
W/"62e083e5-20b3"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
3072
71.f7480063605caf1a3ca1.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/71.f7480063605caf1a3ca1.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/runtime.096697798900189d7507.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0b3a59d8681cb657bd89cc4d497d9aee2b69668b0c38b5f186ff572e1fd05de8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:53 GMT
etag
W/"62e083f5-1a3e"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
2274
92.56d7c085092046123fad.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/92.56d7c085092046123fad.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/runtime.096697798900189d7507.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
98afcb2fa3e3e9a2e7f4047603e61cc8c2caa0f2ccca2cfc263306aa8fcbfed6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:42 GMT
etag
W/"62e083ea-1fcb"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
2915
embed_lib_v1.0.6.css
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.6.css
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.132 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-132.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
10ab65
date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
vary
Accept-Encoding
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
zJ2Nyh55L+w+3gi0qlc5pw==
x-cache
TCP_MEM_HIT from a2-18-78-132.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=24
content-length
1334
x-tos-request-id
299337bb9d08aa4e-af5440c
x-tos-response-time
Wed, 29 Jun 2022 00:30:00 GMT
last-modified
Tue, 28 Jun 2022 18:16:54 GMT
server
nginx
etag
CL61udTg0PgCEAE=
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2290073
access-control-allow-credentials
false
x-tt-trace-host
0125b7c4d52155b1e518f8e304d345d202a7161aade6a9025b3a3d1042f70ec5b43a1286fe1f792a312b97e59a6ede7c8a860616f82f350fcbbb5c8d49dc051eae771a9c5f63d5ca824ae0aa4bf6e6acabd5177e467f32549b99a60d0f7db61e9232ec340a1ea16db9ab89c9826c5b846f0cd612599837e87a2fda48212e2b30e1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
embed_lib_v1.0.6.js
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.6.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.132 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-132.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
014bb521cd7de2af704695868eb70d69317bc561dffb58b45727f25c548fd326

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
10ab66
date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
vary
Accept-Encoding
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
ama0tBGdYPEWx9TEMdTb6g==
x-cache
TCP_MEM_HIT from a2-18-78-132.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=27
content-length
4779
x-tos-request-id
5b4df2bb9d08fb74-af54016
x-tos-response-time
Wed, 29 Jun 2022 00:30:00 GMT
last-modified
Tue, 28 Jun 2022 18:16:54 GMT
server
nginx
etag
COPMudTg0PgCEAE=
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2290046
access-control-allow-credentials
false
x-tt-trace-host
0125b7c4d52155b1e518f8e304d345d202a7161aade6a9025b3a3d1042f70ec5b47f1328828be4f80ea85f912f724606cb4f9741a545bdc71fbb892a56219ab64366ed867ffd2070b3a85d40735cc29a30bf6ab791a0fe670a3ffaa4371559086cb5bd742f2bb00e4b100b485bee086564703a6ef1cb3c3fc4ef52451cec6fd4d5
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
view
securepubads.g.doubleclick.net/pcs/ Frame B030 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv18gDifapEym8hoePUElq4u-534JNYD8n1eJq1TQE2xlRtCIKf_qDRXLEWnVHAUFJayioTkI--V4wfJwd9wSmHHAWbfTC_lUSLFIw8nH8e7pz8lH1K4pw2BHAiSz24u7JAEFQ3AnoU-6HgSWnF9NQJFHyUXAPYWvmZh7KQEviRngXmgcN6gj5R6SpqvqThUwseFmAroOw6o2kvWloEmnzn1iHI10la8IekARK38h65WXkWGYWrftI8FcgwFg41yBn5pBTQ_v9O7h1d-Cf4ZtNrtPrGEVnODOb7CpyMDbMaNhYk6_ozLygGfDledxvMz5jQRbMz5dP8QvZx0s4X-I3zN1u8kglxO5uclA&sai=AMfl-YRxy0A2h4E1uWiAXRPjS4F4AyvADeANt_URfoXbnrXWlGLmstDHIb6CPb5G3RsPGzn59bFzkHF4FJfpTl7nsO5MLSXhou0tlrydn9t3PiN_lwh3NfxWdaiGZOxuKMQz&sig=Cg0ArKJSzJuIe5dUYyggEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 22:46:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 28 Jul 2022 22:46:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B030 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js?cb=31068698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658922152796835"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 22:46:09 GMT
quant.js
secure.quantserve.com/ 		118 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q356Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d60f6f17937b8ed0a18321076438f53d6bb0d62879d42d3832bd50aa7e91e18d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
etag
"kVQ9bYjc9nNVTXISAKx8jA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 04 Aug 2022 22:46:09 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q356Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d06c1d1f95928227b923f8e2b201da367b26a9f30cce47c39eb994bdc1120eea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
UvnqSva0MME0cgsFLPtBgA==
age
2434
vary
Accept-Encoding
content-length
7093
x-ms-lease-status
unlocked
last-modified
Wed, 27 Jul 2022 06:16:17 GMT
server
cloudflare
etag
0x8DA6F978409BF0F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8bd68976-901e-003e-6b87-a16ec7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
73212636cd4392a2-FRA
104860X1561639.skimlinks.js
s.skimresources.com/js/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/104860X1561639.skimlinks.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q356Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c05682f5b8d03be25dc58133c558bcce34b6a1d5574b5bb6d053a40bdb43c83c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 10:50:56 GMT
server
AmazonS3
x-amz-request-id
GTAK7P0WW4YDMRHS
etag
"3a573db1debb2f254e20b4c56c63b00b"
x-hw
1659048369.cds109.fr8.hn,1659048369.cds288.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
15692
x-amz-id-2
VDdrJk9RmWNSKH/tGXMLWzXNsRt04kwmOEm5VTJoUzIyIApP0PL7hgb2TYGOjxYtWcNQMjw7cYI=
a-01mt.min.js
b-code.liadm.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-01mt.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q356Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:cc00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
01fcce2e24b80e2062954fd9a2429e47527af8e72bbd014ea4c02a9dc060eeb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 01:26:44 GMT
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
age
76765
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P4
content-encoding
gzip
x-amz-cf-id
dMNQH0P9uuZeuSdjRz2CHqK6xnYqN0GN3ZsTHgBJ9XsMKhp5h0_cnQ==
wellandgood.js
static.narrativ.com/tags/ 		159 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.narrativ.com/tags/wellandgood.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-96.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23d96933a47a5b61d35f3e6307851e17787275abff56d691a94372fa4cfc002c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 22:23:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 26 Jul 2022 16:55:38 GMT
Server
AmazonS3
Age
1377
ETag
W/"0ced385de7581daa8c93bed6fae6e346"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA60-P2
X-Amz-Cf-Id
MtIwPfNf0-ovO2NclWW8gO5qd--Ld5g9a531UDN9Fg66CXhIDtayXQ==
leafgroup_ca5e0_wellgood.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/leafgroup_ca5e0_wellgood.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:400:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
21b7013008e6dd2028d0c221a38dbb403ca0572c65484a302f03afa8282630f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:11:26 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 12:49:24 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age
2314
etag
W/"17c8f-5e281775e65eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
B3n0AQCk4baWToxMdt-kjpEeukK1PTHM8hcryKX8xoNAd38Ku8NziA==
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
b
sb.scorecardresearch.com/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=19765212&ns__t=1659048369673&ns_c=UTF-8&c8=A%20Genius%20Spice%20Jar%20Hack%20to%20Unclog%20It%20*Without*%20Shaking%20%7C%20Well%2BGood&c7=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&c9=
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
DOhze66KgQ3f_SJ_BzuPT1Iw7XSwPFhRMozwhbVdhMQceO4LSZzIUQ==
x-cache
Miss from cloudfront
7.d899d620c6a0e323743c.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/7.d899d620c6a0e323743c.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/runtime.096697798900189d7507.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e6f73a11c6c0c6bc1adcecd491e53534343c5a0d8eec33383dfd4043020588a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:17:03 GMT
etag
W/"62e083ff-3ba8"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
5727
70.93c44b462c06bb1f7e54.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/70.93c44b462c06bb1f7e54.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/runtime.096697798900189d7507.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3f2262cddf7ff338195574d61ae346a60e7859ed56a4b64f8c13c36f67befc01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:15:47 GMT
etag
W/"62e083b3-26eb"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
3463
128.28e49b538ae4db0f8375.js
www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/ 		1021 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/128.28e49b538ae4db0f8375.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/wp-content/themes/wellgood-2016/assets/webpack/js/runtime.096697798900189d7507.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28a196fd41db3c09e628d5ce8487a266150d272c09f0b6d5db4b4268c79596bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 00:16:45 GMT
etag
W/"62e083ed-3fd"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
606
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=719730855&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&ul=en-us&de=UTF-8&dt=A%20Genius%20Spice%20Jar%20Hack%20to%20Unclog%20It%20*Without*%20Shaking%20%7C%20Well%2BGood&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAQCAC~&jid=702305480&gjid=493444633&cid=1419900786.1659048369&tid=UA-10597695-1&_gid=812548643.1659048370&_r=1&gtm=2wg7p05Q356Q&cg2=non-branded&cg3=0&cd8=&cd13=standard&cd14=0&cd15=non-branded&cd25=1600x7194&cd34=0&cd35=0&cd36=0&cm2=&z=290987155
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		394 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e40392e86c82f3bce196182c21ed8467cca4aea225e451db8fd16ca727fa52d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=719730855&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&ul=en-us&de=UTF-8&dt=A%20Genius%20Spice%20Jar%20Hack%20to%20Unclog%20It%20*Without*%20Shaking%20%7C%20Well%2BGood&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AdBlock&ea=adBlock%20off&_u=aCDACEABBAQCAC~&jid=&gjid=&cid=1419900786.1659048369&tid=UA-10597695-1&_gid=812548643.1659048370&gtm=2wg7p05Q356Q&cg1=article&cg2=non-branded&cg3=0&cd2=GA1.2.1419900786.1659048369&cd5=article&cd6=healthy_cooking&cd7=2022-07-26T08%3A00%3A28.000Z&cd8=2022-07-25T15%3A17%3A01.000Z&cd9=Maki%20Yazawa&cd10=healthy_eating_tips%2C%20food_and_nutrition%2C%20video&cd13=standard&cd14=0&cd15=non-branded&cd16=no-campaign&cd17=food&cd23=9&cd24=This%20Is%20the%20Last%20Thing%20You%20Should%20Do%20With%20a%20Clogged%20Jar%20of%20Spices&cd25=1600x5727&cd26=&cd27=&cd28=&cd29=&cd33=1359881609.798538534&cd34=0&cd35=0&cd36=0&cm1=2022-07-26T08%3A00%3A28.000Z&cm2=2022-07-25T15%3A17%3A01.000Z&z=1496453897
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 12:25:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37246
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 35C8 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 22:46:09 GMT
generate_204
www.youtube.com/ Frame 35C8 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?fA-fFg
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Wc1KC8Ref0M
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
7085876658711907626
www.tiktok.com/embed/v2/ Frame 3CB9 		89 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tiktok.com/embed/v2/7085876658711907626?lang=en-US&referrer=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational
Requested by
Host: lf16-tiktok-web.ttwstatic.com
URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.146 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-146.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
77b30e200fb01f4ae4192dd0be5c24c851a64b7690631dde41d90e03352ac0b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 28 Jul 2022 22:46:10 GMT
expires
Thu, 28 Jul 2022 22:46:10 GMT
pragma
no-cache
server
nginx
server-timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=115 inner; dur=107
strict-transport-security
max-age=31536000
x-akamai-request-id
3e66daf3.c27fc9
x-cache
TCP_MISS from a2-18-78-146.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-cache-remote
TCP_MISS from a23-55-235-20.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-origin-response-time
115,23.55.235.20
x-parent-response-time
210,2.18.78.146
x-tt-logid
20220728224609010191041019235873E0
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a688fff396f5aa5cb6c5fcbbef0894c1b6aac999bd4815b88562ac62cd2dbc695ba59b67a774b242d1cf1574a6c4091483b0a4024ee88f46c45c6c3554670447b8ee76172da9f230c77633f1add2180c54
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
pushly-sdk.min.css
cdn.p-n.io/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.css?domain_key=w6MKZpunTxnvC1ZppsdFZQENdmxfmGJqAPgz
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=w6MKZpunTxnvC1ZppsdFZQENdmxfmGJqAPgz&ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-124.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7471e3df1ba49ecc8acc2dc6d8c4c3619f1a8e094050bdb2432c1cb2548468d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 20:55:47 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 18:34:08 GMT
server
AmazonS3
age
6623
etag
W/"f3cd76bbdf477b890d940ce319bd1d16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
un7F295ylv8jgejlUWBRIYtywo1ek75Huudu39nhhuzTo81L1fZpkg==
related
www.wellandgood.com/wp-json/wellandgood/v1/parsely/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wellandgood.com/wp-json/wellandgood/v1/parsely/related?&limit=3&url=https:%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F&pub_date_start=2022-01-26
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e01d0cba4a7a44b21ced86c8ba8bf8b245688aeec22ae3e1df56efe505c76157
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-INSTANA-T
36eb84e96b55d18c
Accept
application/json, text/plain, */*
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
X-INSTANA-S
36eb84e96b55d18c
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
X-INSTANA-L
1,correlationType=web;correlationId=36eb84e96b55d18c

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
allow
GET
server-timing
intid;desc=25e40def1f12d33b
accept-ranges
bytes
x-robots-tag
noindex
link
<https://www.wellandgood.com/wp-json/>; rel="https://api.w.org/"
content-length
1265
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
truncated
/ Frame B030 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bb66fbb8c4160a2a326c9fc9a16b771659635b68a50a6d2601ed033427a1d77

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 13B1 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928482&campId=1x3&pubId=4591704940&chanId=22073381215&placementId=5480519500&pubCreative=138386656614&pubOrder=2346107983&cb=1321063359&custom=article&custom2=good_food,healthy_cooking&adsafe_par&impId=12b3b06f-0ec7-11ed-a9e8-064a9e4ec701&custom3=purewow
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3bf22b7fa281d4f2dac3205709cb01c562f6039f3714171b9af5ab92918ef9d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:09 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B030 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIVXQFJqUNnjBVinFGAcuIiXhb_pItJvugy4cUdYMALzYy7z1sdU043Qp93lmZ-A-isXyns1UG8JHo6Bj0xCLY2QJlQxCSKlu_LdYV6xY1Rfhl_9eUPDWO9GLJ6mBA1r61PzmNWqrdotlTGRRRgs1ZKOt6IpsjXPBHxTrHcGMGmLk6LXGH93T3Z56iqPmesFQrlf8pPfXfQzkTY4f4KIRUMKYoYLNcrPEYybIRw1j0fj-gGq_FMA4mxZeyUsHO0e5jzFB6K9sTHyrpRIO8socJ9czNmS71C4vqVJBJ932tF8pYnnG0U-hLLvRQT0soPuQHYz9dOoHm_QybTZTRWA&sai=AMfl-YSXqkTyO4n-Kqsq6rANysJnfuT7sdNCHPrsn8BJ7l5fDtZr6As9NMj5rEfjie2KqR72Bg2HIlKUFa8O1QAL_SOFQtApXxDOUFS86uLre11Lycp68r-I1a2joqD_h1EJ&sig=Cg0ArKJSzDye7eQaqBSxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 22:46:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 28 Jul 2022 22:46:09 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10597695-1&cid=1419900786.1659048369&jid=702305480&gjid=493444633&_gid=812548643.1659048370&_u=YCDACEAABAQCAC~&z=1335043318
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 28 Jul 2022 22:46:09 GMT
content-type
text/plain
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
966db0da-7941-4068-91c4-0caec98fd691.json
cdn.cookielaw.org/consent/966db0da-7941-4068-91c4-0caec98fd691/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/966db0da-7941-4068-91c4-0caec98fd691/966db0da-7941-4068-91c4-0caec98fd691.json
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ada0d47c48a1db77ff5f5b26a062a5d674dbab3cd1a62c6f7c7c75448a4436
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
G2JBNbTRf43dD0QvCsfWrQ==
age
4640
vary
Accept-Encoding
content-length
1223
x-ms-lease-status
unlocked
last-modified
Wed, 12 Aug 2020 20:32:33 GMT
server
cloudflare
etag
0x8D83EFED7A9B0B8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2dbcf5ff-301e-00ff-7ae7-29e57e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
732126387fe09a15-FRA
expires
Fri, 29 Jul 2022 02:46:10 GMT
rules-p-4dIM5nVs2rFio.js
rules.quantcount.com/ 		96 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-4dIM5nVs2rFio.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:2800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68b89a9edab14c8b4b0b39255f6dbb5ff4e74be710295bc204824d062290e88a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:04:43 GMT
content-encoding
gzip
age
2493
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Fri, 22 Jul 2022 15:57:35 GMT
server
AmazonS3
etag
W/"4f7d8b97da65f50e2ceb3e9652aea8fe"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
VIE50-P1
x-amz-cf-id
-i2gB3j06jXKO6DD4RmyotCSJ3a95T-D3TOSfK9PTb5nQ3L3nCg5sA==
session.html
events.release.narrativ.com/api/v0/ Frame 9DDD 		713 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/session.html
Requested by
Host: static.narrativ.com
URL: https://static.narrativ.com/tags/wellandgood.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.183.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-183-121.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
70b7c68911dbbc2b3afd1b035f8f8d7755de89d8085e9a0b61e8c9414a1331e8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
private, max-age=7776000, must-revalidate, proxy-revalidate
content-length
713
content-type
text/html; charset=utf-8
date
Thu, 28 Jul 2022 22:46:10 GMT
server
nginx/1.22.0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-bam-build-version
3cc9cdf6453c90dae2fb825003656c66dcb3afc7
x-bam-env
release
x-robots-tag
none
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=719730855&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&ul=en-us&de=UTF-8&dt=A%20Genius%20Spice%20Jar%20Hack%20to%20Unclog%20It%20*Without*%20Shaking%20%7C%20Well%2BGood&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Related%20Content&ea=related_content_impression&el=https%3A%2F%2Fwww.wellandgood.com%2Fno-knife-pineapple-hack%2F%2Chttps%3A%2F%2Fwww.wellandgood.com%2Fjamaican-jerk-seasoning%2F&_u=aCDACEABBAQCAC~&jid=&gjid=&cid=1419900786.1659048369&tid=UA-10597695-1&_gid=812548643.1659048370&gtm=2wg7p05Q356Q&cg1=article&cg2=non-branded&cg3=0&cd2=GA1.2.1419900786.1659048369&cd5=article&cd6=healthy_cooking&cd7=2022-07-26T08%3A00%3A28.000Z&cd8=2022-07-25T15%3A17%3A01.000Z&cd9=Maki%20Yazawa&cd10=healthy_eating_tips%2C%20food_and_nutrition%2C%20video&cd13=standard&cd14=0&cd15=non-branded&cd16=no-campaign&cd17=food&cd23=9&cd24=This%20Is%20the%20Last%20Thing%20You%20Should%20Do%20With%20a%20Clogged%20Jar%20of%20Spices&cd25=1600x6761&cd26=&cd27=&cd28=&cd29=&cd33=1359881609.798538534&cd34=0&cd35=0&cd36=0&cm1=2022-07-26T08%3A00%3A28.000Z&cm2=2022-07-25T15%3A17%3A01.000Z&z=2037754667
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 12:25:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37247
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Stocksy_txp7d085a05isR300_Small_2092472-425x285.jpg
www.wellandgood.com/wp-content/uploads/2022/06/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wellandgood.com/wp-content/uploads/2022/06/Stocksy_txp7d085a05isR300_Small_2092472-425x285.jpg
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c7eb8892373973f4babf75de56b6733e2dc4af6f1422403cb7b679473434857c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
last-modified
Wed, 15 Jun 2022 22:02:17 GMT
accept-ranges
bytes
etag
"62aa56e9-9a73"
content-length
39539
content-type
image/jpeg
Stocksy_txp1e3bfb40YEN300_Small_3523450-425x285.jpg
www.wellandgood.com/wp-content/uploads/2022/03/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wellandgood.com/wp-content/uploads/2022/03/Stocksy_txp1e3bfb40YEN300_Small_3523450-425x285.jpg
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:180::3fae Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
071ec8646c15156029c8d64c5d3f427cf61a3d75a89d676ccf54cc3a98c5c986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
last-modified
Mon, 28 Mar 2022 21:10:58 GMT
accept-ranges
bytes
etag
"62422462-d623"
content-length
54819
content-type
image/jpeg
pub
pixel.adsafeprotected.com/services/ 		354 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928482&slot=%7Bid:horizontal1-1,ss:%5B728.90,970.250%5D,p:/6117/wellgood/horizontal1-1,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=8fee0ee5-79b0-8113-b85d-aa13bb198a77&url=https%253A%252F%252Fwww.wellandgood.com%252Fspice-jar-hack%252F%253Futm_source%253Dpurewow%2526utm_medium%253Dsyndication%2526utm_campaign%253Dsocial%2526utm_content%253DFinal%2526utm_term%253Dnational
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6d0bb294dbc97f2ff9d7c04b62fc5a1798d7f733b4d42a9a026cdc1da4b5850c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
x-server-name
app01.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3066&u=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&pid=5qp1GUXCgISVB&cb=1&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22horizontal1-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%5D&cfgv=3&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
RE26W8S07QDS95YP9K0V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
2_N_24qWS7yuFnzMYJ80-3PVSNnnjpaytc-G6oa_YqqlSGR46K7hPg==
pub
pixel.adsafeprotected.com/services/ 		548 B
784 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928482&slot=%7Bid:inline1-1,ss:%5B640.250,728.90%5D,p:/6117/wellgood/inline1-1,t:display%7D&slot=%7Bid:inline1-2,ss:%5B640.250,728.90%5D,p:/6117/wellgood/inline1-2,t:display%7D&slot=%7Bid:inline1-3,ss:%5B640.250,728.90%5D,p:/6117/wellgood/inline1-3,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=8fee0ee5-79b0-8113-b85d-aa13bb198a77&url=https%253A%252F%252Fwww.wellandgood.com%252Fspice-jar-hack%252F%253Futm_source%253Dpurewow%2526utm_medium%253Dsyndication%2526utm_campaign%253Dsocial%2526utm_content%253DFinal%2526utm_term%253Dnational
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3f99bee62b18a54519aa568e139b7a5b1f8d91ffa23e63adf845662eea30aced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
x-server-name
app04.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3066&u=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&pid=5qp1GUXCgISVB&cb=2&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22inline1-1%22%2C%22s%22%3A%5B%22640x250%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22inline1-2%22%2C%22s%22%3A%5B%22640x250%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22inline1-3%22%2C%22s%22%3A%5B%22640x250%22%2C%22728x90%22%5D%7D%5D&cfgv=3&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
1G7T0TWGJ4NHQZMF25Z3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
kpmiDCGIXrb0S53zOTOPECxBeuZ0NYDaz1ZVSzJmQFaprXidyK5xjw==
pub
pixel.adsafeprotected.com/services/ 		345 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928482&slot=%7Bid:rightrail1-1,ss:%5B300.250,300.600%5D,p:/6117/wellgood/rightrail1-1,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=8fee0ee5-79b0-8113-b85d-aa13bb198a77&url=https%253A%252F%252Fwww.wellandgood.com%252Fspice-jar-hack%252F%253Futm_source%253Dpurewow%2526utm_medium%253Dsyndication%2526utm_campaign%253Dsocial%2526utm_content%253DFinal%2526utm_term%253Dnational
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d018a4bc6732706871e85ac4ee0c9a6b3b10947daa364c8eb4282be8daf1fd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
x-server-name
app07.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3066&u=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&pid=5qp1GUXCgISVB&cb=3&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22rightrail1-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%5D&cfgv=3&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
NXAWXKCJVQTKHA8WXG21
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
50VdZNaYKXmERAcJtYoG8ieVNF4dDivqSPYb5xX73D6TyYmNYMlxBA==
pub
pixel.adsafeprotected.com/services/ 		335 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928482&slot=%7Bid:outstream1-1,s:640.360,p:/6117/wellgood/outstream1-1,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=8fee0ee5-79b0-8113-b85d-aa13bb198a77&url=https%253A%252F%252Fwww.wellandgood.com%252Fspice-jar-hack%252F%253Futm_source%253Dpurewow%2526utm_medium%253Dsyndication%2526utm_campaign%253Dsocial%2526utm_content%253DFinal%2526utm_term%253Dnational
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
871962197e9fb61e803e2a930df41c20dc6ed5884d6eb74c05b6ac3928c52bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
x-server-name
app03.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3066&u=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&pid=5qp1GUXCgISVB&cb=4&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22outstream1-1%22%2C%22s%22%3A%5B%22640x360%22%5D%7D%5D&cfgv=3&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
RT1N9KWFAQEGCHV0NAP1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
nPTtnqScv4tUoiPigdqgfJFUJigfvUcn_FTFsTnMYqVgRnzQakSdrA==
robots.txt
t.skimresources.com/api/v2/ Frame B6B5 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.08703665059000465
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=4.991218654021642
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=4.991218654021642
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
sync-container.js
b-code.liadm.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01mt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:cc00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
content-encoding
gzip
etag
W/"ae5e94de938b0387eda6df8f20da811a"
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
age
2539213
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
date
Thu, 14 Jul 2022 02:44:09 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
dTGoI9lnHbvR3T4lcQiPPazx3EbfhEZd3NoR2kCnrjubYUzJWW-IZw==
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10597695-1&cid=1419900786.1659048369&jid=702305480&_u=YCDACEAABAQCAC~&z=296001159
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10597695-1&cid=1419900786.1659048369&jid=702305480&_u=YCDACEAABAQCAC~&z=296001159
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/eureka/clank/103/ Frame 35C8 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/103/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 14:25:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15123
x-xss-protection
0
last-modified
Mon, 02 May 2022 15:04:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 29 Jul 2022 14:25:23 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 35C8 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ef67d7cfae1be7b2e008445315f9e6047387723de195b5ceb7239d35d113547d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 28 Jul 2022 22:46:10 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wellandgood.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js?cb=31068698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wellandgood.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js?cb=31068698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		411 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=584182728860691&correlator=2285002024203284&eid=31068591%2C31068698%2C44761478%2C42531608%2C31062930&output=ldjh&gdfp_req=1&vrg=2022072102&ptt=17&impl=fifs&iu_parts=6117%2Cwellgood%2Cnative1-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=2&adks=3063435689&sfv=1-0-38&ecs=20220728&fsapi=false&prev_scp=rfrsh%3D0&eri=1&cust_params=permutive%3D%26lg_uuid%3D1359881609.798538534%26category%3Dgood_food%252Chealthy_cooking%26tags%3Dvideo%252Cfood_nutrition%252Chealthy_eating_tips%26vertical%3Dfood%26article_id%3D891407%26pagetype%3Darticle%26puid%3D74a83562-c4cc-4ecf-b0aa-1a638fa85a40%26ptime%3D1659048369231%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_7294_KW%252CIAS_8767_KW%252CIAS_809_KW%252CIAS_5445_KW&sc=1&cookie=ID%3D86af9604f05e86f5-22db7623e0cd00e2%3AT%3D1659048369%3AS%3DALNI_MZOzg5hYbrDJ2Sku9yOr7bHw8Nvyg&abxe=1&dt=1659048370127&lmt=1659048370&dlt=1659048368649&idt=494&adxs=650&adys=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&frm=20&vis=1&psz=730x0&msz=730x0&fws=4&ohw=1600&psts=AGkb-H8pdd3kJ9PMIcm_G5sPhge7D6jQahVc96yAshlCsm91x-GPOXVDKmPiL4nVC5edfpaVJDb38FF8EyOfNDy6qGIFreSZnQ&ga_vid=1419900786.1659048369&ga_sid=1659048370&ga_hid=719730855&ga_fc=true
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
26cd7bf031d710c443f801d30b5f5c5400e5736cc39d79e172f935cddcff91f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
222
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=584182728860691&correlator=4264294375857218&eid=31068591%2C31068698%2C44761478%2C42531608%2C31062930&output=ldjh&gdfp_req=1&vrg=2022072102&ptt=17&impl=fifs&iu_parts=6117%2Cwellgood%2Cbrandmetrics1-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=2574392102&sfv=1-0-38&ecs=20220728&ists=1&fsapi=false&eri=1&cust_params=permutive%3D%26lg_uuid%3D1359881609.798538534%26category%3Dgood_food%252Chealthy_cooking%26tags%3Dvideo%252Cfood_nutrition%252Chealthy_eating_tips%26vertical%3Dfood%26article_id%3D891407%26pagetype%3Darticle%26puid%3D74a83562-c4cc-4ecf-b0aa-1a638fa85a40%26ptime%3D1659048369231%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_7294_KW%252CIAS_8767_KW%252CIAS_809_KW%252CIAS_5445_KW&sc=1&cookie=ID%3D86af9604f05e86f5-22db7623e0cd00e2%3AT%3D1659048369%3AS%3DALNI_MZOzg5hYbrDJ2Sku9yOr7bHw8Nvyg&abxe=1&dt=1659048370139&lmt=1659048370&dlt=1659048368649&idt=494&adxs=800&adys=5854&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&frm=20&vis=1&psz=1280x0&msz=1280x0&fws=4&ohw=1600&psts=AGkb-H8pdd3kJ9PMIcm_G5sPhge7D6jQahVc96yAshlCsm91x-GPOXVDKmPiL4nVC5edfpaVJDb38FF8EyOfNDy6qGIFreSZnQ&ga_vid=1419900786.1659048369&ga_sid=1659048370&ga_hid=719730855&ga_fc=true
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a6d745bbbc241154ea7906d27edca4104f861213bb9929e8f2fa5c689b69a32e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2550
x-xss-protection
0
google-lineitem-id
5646666602
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138343855768
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.skimresources.com/api/ 		177 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
56a710f38cb6bf9c79a7f61b9037e9c2ebdd7b68d4f8d9459b3007481f5703fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
/
eum-red-saas.instana.io/ 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-red-saas.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.231.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-231-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 28 Jul 2022 22:46:10 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		153 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
73212639db239a0f-FRA
access-control-allow-headers
Content-Type
main.19.8.335.js
static.adsafeprotected.com/ Frame 13B1 		193 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.335.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928482&campId=1x3&pubId=4591704940&chanId=22073381215&placementId=5480519500&pubCreative=138386656614&pubOrder=2346107983&cb=1321063359&custom=article&custom2=good_food,healthy_cooking&adsafe_par&impId=12b3b06f-0ec7-11ed-a9e8-064a9e4ec701&custom3=purewow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca8f5b527f7b05cc197be6a570581130a8c18cbb7fc102c5818cce3fa7a199b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 15:55:57 GMT
content-encoding
gzip
age
24613
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 28 Jul 2022 07:03:33 GMT
server
AmazonS3
etag
W/"74598d65d04c1983f5c3b79a038ac65b"
vary
Accept-Encoding
x-amz-version-id
QcdRgQdWB6J1rHL.kt_hpInWIdvckEYm
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
OgiF6AQBYGho5VDBYQmzQeqqUyJVsv-1y7FKPoJMistTwrQbEUWJIQ==
ads
securepubads.g.doubleclick.net/gampad/ 		415 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=584182728860691&correlator=2662252494739431&eid=31068591%2C31068698%2C44761478%2C42531608%2C31062930&output=ldjh&gdfp_req=1&vrg=2022072102&ptt=17&impl=fifs&iu_parts=6117%2Cwellgood%2Coutstream1-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=640x360&ifi=4&adks=3994470996&sfv=1-0-38&ecs=20220728&fsapi=false&prev_scp=rfrsh%3D0%26amznbid%3D2%26amznp%3D2%26id%3D13266ed2-0ec7-11ed-8493-0a6fa201f3de%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60&eri=1&cust_params=permutive%3D%26lg_uuid%3D1359881609.798538534%26category%3Dgood_food%252Chealthy_cooking%26tags%3Dvideo%252Cfood_nutrition%252Chealthy_eating_tips%26vertical%3Dfood%26article_id%3D891407%26pagetype%3Darticle%26puid%3D74a83562-c4cc-4ecf-b0aa-1a638fa85a40%26ptime%3D1659048369231%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_7294_KW%252CIAS_8767_KW%252CIAS_809_KW%252CIAS_5445_KW&sc=1&cookie=ID%3D86af9604f05e86f5-22db7623e0cd00e2%3AT%3D1659048369%3AS%3DALNI_MZOzg5hYbrDJ2Sku9yOr7bHw8Nvyg&abxe=1&dt=1659048370165&lmt=1659048370&dlt=1659048368649&idt=494&adxs=330&adys=1848&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&frm=20&vis=1&psz=730x0&msz=730x0&fws=4&ohw=1600&psts=AGkb-H8pdd3kJ9PMIcm_G5sPhge7D6jQahVc96yAshlCsm91x-GPOXVDKmPiL4nVC5edfpaVJDb38FF8EyOfNDy6qGIFreSZnQ&ga_vid=1419900786.1659048369&ga_sid=1659048370&ga_hid=719730855&ga_fc=true
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6c20dc7b276fe2d57ba4a4750566f3c23cdc053115ed64df55d5224eb76a23d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
221
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		215 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=584182728860691&correlator=2338921461606330&eid=31068591%2C31068698%2C44761478%2C42531608%2C31062930&output=ldjh&gdfp_req=1&vrg=2022072102&ptt=17&impl=fifs&iu_parts=6117%2Cwellgood%2Cinline1-1%2Cinline1-2%2Cinline1-3&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=640x250%7C728x90%2C640x250%7C728x90%2C640x250%7C728x90&ifi=5&adks=816106064%2C3699372572%2C47082881&sfv=1-0-38&ecs=20220728&fsapi=false&prev_scp=rfrsh%3D0%26amznbid%3D2%26amznp%3D2%7Crfrsh%3D0%26amznbid%3D2%26amznp%3D2%7Crfrsh%3D0%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3D%26lg_uuid%3D1359881609.798538534%26category%3Dgood_food%252Chealthy_cooking%26tags%3Dvideo%252Cfood_nutrition%252Chealthy_eating_tips%26vertical%3Dfood%26article_id%3D891407%26pagetype%3Darticle%26puid%3D74a83562-c4cc-4ecf-b0aa-1a638fa85a40%26ptime%3D1659048369231%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_7294_KW%252CIAS_8767_KW%252CIAS_809_KW%252CIAS_5445_KW&sc=1&cookie=ID%3D86af9604f05e86f5-22db7623e0cd00e2%3AT%3D1659048369%3AS%3DALNI_MZOzg5hYbrDJ2Sku9yOr7bHw8Nvyg&abxe=1&dt=1659048370174&lmt=1659048370&dlt=1659048368649&idt=494&adxs=330%2C330%2C330&adys=2013%2C4367%2C4891&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4%7C5%7C6&ucis=5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&frm=20&vis=1&psz=640x50%7C640x50%7C640x50&msz=640x30%7C640x30%7C640x30&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&psts=AGkb-H8pdd3kJ9PMIcm_G5sPhge7D6jQahVc96yAshlCsm91x-GPOXVDKmPiL4nVC5edfpaVJDb38FF8EyOfNDy6qGIFreSZnQ&ga_vid=1419900786.1659048369&ga_sid=1659048370&ga_hid=719730855&ga_fc=true
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4b080c85fdea39030ddad0a53615d418819c68412c0f8a087f44a93a7985a921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67070
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
arj
demandmedia-d.openx.net/w/1.0/
Redirect Chain
  • https://demandmedia-d.openx.net/w/1.0/arj?auid=539505649&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campa...
  • https://demandmedia-d.openx.net/w/1.0/arj?cc=1&auid=539505649&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_...
231 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demandmedia-d.openx.net/w/1.0/arj?cc=1&auid=539505649&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._B9lP9QIk&cache=1659048370181&gdpr_consent=&gdpr=0&us_privacy=
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1d59bf0b49c57cd82ff4e87f2650c96010b286e9280c987298e01543b29b8966

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.wellandgood.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 google
server
OXGW/0.0.0
location
https://demandmedia-d.openx.net/w/1.0/arj?cc=1&auid=539505649&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._B9lP9QIk&cache=1659048370181&gdpr_consent=&gdpr=0&us_privacy=
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cygnus
htlb.casalemedia.com/ 		30 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=346202
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a53d7bf56b15993633fa6dc67039e544c4c70fc37ad324cb14675f574aaea0

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn9kXd74fVfHqM9f3VHudkCYb8C4oNwpq7BMn0EMW6HP13AckTJDGzTnBMUC1a1W5%2BaJckbt%2Ft120bNq4GZbUzyLfOrQjrZl%2BHpykYANBXePOiHGyLB1QuAAI4hFAkZFKye28Hbg"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7321263a1e98693f-FRA
expires
0
prebid
ib.adnxs.com/ut/v3/ 		138 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
95a79a3aa2e44f7589b8eec7214d959a111a65320ef4dadcab25b564b7a1a222
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 28 Jul 2022 22:46:10 GMT
X-Proxy-Origin
217.114.218.26; 217.114.218.26; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
c2d215ac-86e7-41be-be3c-30ffe9de536e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.wellandgood.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969573017474fdfa8ffe1362e50015&pos=hunker_dw_rr-1_300x600&secure=1&us_privacy=
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
25874e15e2929c0f872c5304912348ceec3bd87051ef2c2d674b6437e617399e

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969573017474fdfa8ffe1362e50015&pos=hunker_dw_rr-1_300x250&secure=1&us_privacy=
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
6437b9c4b74b01f68156bcded9505562462d78d8e4a1f3bc7238013651743349

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
content-length
62
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8737&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&p_screen_res=1600x1200&site_id=164310&zone_id=787208&kw=rp.fastlane&tk_flint=index&rand=0.48490112138610986&gdpr=0&gdpr_consent=&alt_size_ids=10
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
51c4ed990a2f0517e58d523e68c6380444ffbc31753abaaf04795f86cfbbb7a8

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 28 Jul 2022 22:46:10 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.wellandgood.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
259
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ssc.33across.com/api/v1/ 		0
0
cdb
bidder.criteo.com/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=125&profileId=154&cb=76094365053
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
btlr.sharethrough.com/t6oivhQt/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=7Ec3zcNLnUwyZopheoVzHogA&bidId=_A7LBBxmc&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1659048370187&secure=true&consent_required=false&consent_string=
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.125.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-125-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.wellandgood.com
date
Thu, 28 Jul 2022 22:46:10 GMT
access-control-allow-credentials
true
vary
Origin
bid
krk.kargo.com/api/v1/ 		2 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v1/bid?json=%7B%22sessionId%22%3A%225f63cad2-8f54-4fc7-a26a-9d2b7c245b20%22%2C%22timeout%22%3A1000%2C%22adSlotIDs%22%3A%5B%22915bc194-ad01-4ad3-afca-b86df3d33d62%22%5D%2C%22timestamp%22%3A1659048370187%2C%22userIDs%22%3A%7B%22kargoID%22%3A%22%22%2C%22clientID%22%3A%22%22%2C%22tdID%22%3A%22%22%2C%22idlEnv%22%3A%22%22%2C%22crbIDs%22%3A%7B%7D%2C%22optOut%22%3Afalse%2C%22usp%22%3A%22%22%2C%22gdpr%22%3A%7B%22consent%22%3A%22%22%2C%22applies%22%3Afalse%2C%22version%22%3A2%2C%22addtlConsent%22%3A%22%22%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.8.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-8-16.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 28 Jul 2022 22:46:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.wellandgood.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
tiktok-embed.module.43f6d443181ebb5a246c.js
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/ Frame 3CB9 		983 KB
315 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/tiktok-embed.module.43f6d443181ebb5a246c.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7085876658711907626?lang=en-US&referrer=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8825a11d00047c6335a99b17916099594a686eb51495d36a8f0119ae441a3ec2

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
167e18
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
bOalq1co+bZMPqo7wwQG8A==
x-cache
TCP_MEM_HIT from a2-18-78-142.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
STANDARD
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
x-tos-request-id
4d968bdefd50b1cd62defd50-ad9158c
x-tos-response-time
Mon, 25 Jul 2022 20:30:08 GMT
last-modified
Mon, 25 Jul 2022 20:02:41 GMT
server
nginx
etag
"6ce6a5ab5728f9b64c3eaa3bc30406f0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2324589
access-control-allow-credentials
false
x-tt-trace-host
010375ce72d07a7982991919f8b598fb9edddb0585ffa24c1c1694f1cc38af7e9c2ececf7f0e06ef0f1b275f50d122425cb66cd16dad40b96864e0ab949761103894e47f70929d7087f267ff25eeb30405e906787e23d16d4d90750905267cf1c29a5bd1da006fd65120f9898f999bf0da
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
vendors~home.module.282f5dc94439f1e88048.js
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/ Frame 3CB9 		161 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/vendors~home.module.282f5dc94439f1e88048.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7085876658711907626?lang=en-US&referrer=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
19e6949ea062c02e8b0bb94ef12e1ddf60f60f41fa133fabbdbde647a468ded9

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
167e1b
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
LisF39Pc3eTpesceTQ/9pw==
x-cache
TCP_MEM_HIT from a2-18-78-142.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
STANDARD
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
x-tos-request-id
b2d080defd51142b62defd51-abd2e42
x-tos-response-time
Mon, 25 Jul 2022 20:30:09 GMT
last-modified
Mon, 25 Jul 2022 20:02:41 GMT
server
nginx
etag
"2e2b05dfd3dcdde4e97ac71e4d0ffda7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2324556
access-control-allow-credentials
false
x-tt-trace-host
014f6d9399ca8e41cc130977e74eef306b5f89267dc29a24a5a299c2ef60f35091c3a47cca567dabfe570c8fc1ce206aad3716c04437833145a7a1dbab2ae94cca3ad4183d233322446b218014a9fd690e955ed6cd4da784f56658c78540d67d9aca09c3cda29f4d26f4422ef63406e0c1
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
home.module.41de904f804a1f9687f9.js
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/ Frame 3CB9 		85 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/home.module.41de904f804a1f9687f9.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7085876658711907626?lang=en-US&referrer=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
67f23c1e9b00ea763eaa0b54ec1c368a0cccc5288e97ebf451888ff802ed07a1

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
167e19
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
nZsp4oQ0U/lhVcv/OkoLxw==
x-cache
TCP_MEM_HIT from a2-18-78-142.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
STANDARD
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
22555
x-tos-request-id
2726f0defd517b3e62defd51-abd4b52
x-tos-response-time
Mon, 25 Jul 2022 20:30:09 GMT
last-modified
Mon, 25 Jul 2022 20:02:41 GMT
server
nginx
etag
"9d9b29e2843453f96155cbff3a4a0bc7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2324607
access-control-allow-credentials
false
x-tt-trace-host
014f6d9399ca8e41cc130977e74eef306b5f89267dc29a24a5a299c2ef60f3509150702be0b4334903ccba70030ebe7a5f4aacc494ca885c705cabc436577e02bda5852973960fff124668d75ea9e110b1ca061f55940b54f01dfc2eeae1531534d0de17345252ac1aeb5d13fec403f08f
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
94ef58882326450eb366d1611c264901.image
p16-sign.tiktokcdn-us.com/tos-useast5-p-0068-tx/7f5acc955be044d7aa5b7e7ce7594f71_1649809225~tplv-dmt-logom:tos-useast5-p-0000-tx/ Frame 3CB9 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign.tiktokcdn-us.com/tos-useast5-p-0068-tx/7f5acc955be044d7aa5b7e7ce7594f71_1649809225~tplv-dmt-logom:tos-useast5-p-0000-tx/94ef58882326450eb366d1611c264901.image?x-expires=1659067200&x-signature=UVQ7fxgODBHGefJLq5eoGyNL8yM%3D
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7085876658711907626?lang=en-US&referrer=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.235.136 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-235-136.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
b46cc45e4a152e5e323da05160d99439fe25580079d8a3eb5c85a32071c0009d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-207a5f9910622fb2f6a786462e5904d1-207a5f9910622fb2-01
nw-session-id
202204130112120101130060371D0F6153r2p7t41ff
x-powered-by
ImageX
x-cache
TCP_HIT from a23-55-235-132.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=152
x-length
86760
content-length
86760
last-modified
Wed, 13 Apr 2022 01:12:12 GMT
server
nginx
x-tt-logid
202204130112120101130060371D0F6153
x-response-date
Wed, 13 Apr 2022 01:12:12 GMT
content-type
image/jpeg
access-control-allow-origin
*
nw-session-trace
2022-04-13T01:12:12.29114457Z 150
cache-control
max-age=30889723
x-tt-trace-host
01614ef17500e0326a313547bc28457577477d0ba084f57f10d50e504af63d949e7bc131e99eca4c511f6ce052c4548518696350dde3347aaefcfe598ace82b5660ec4944b2c1a8ccb68a0ea633165621a80bfc8f5bc3c8c5f022018d0e463c4f8e6df6f2f88e426daad5f50391f4a5acf2918d26241b6f633a4e536dad1288670
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
795de365eb2d49425812daada1c1b55b09b572032bed00e5f15cb01574671a26

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
via
1.1 google
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
21685b549994ffcd30456fea173ebaa3e5b631e41be63080236b2964d70db754

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
via
1.1 google
arj
demandmedia-d.openx.net/w/1.0/
Redirect Chain
  • https://demandmedia-d.openx.net/w/1.0/arj?auid=539505649&aus=728x90%2C970x250&ju=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campai...
  • https://demandmedia-d.openx.net/w/1.0/arj?cc=1&auid=539505649&aus=728x90%2C970x250&ju=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_c...
231 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://demandmedia-d.openx.net/w/1.0/arj?cc=1&auid=539505649&aus=728x90%2C970x250&ju=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._3xo5tFgv&cache=1659048370201&gdpr_consent=&gdpr=0&us_privacy=
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5c2b45e8e88eb5acc0922ddae23f488d892d3607834805ede14ea56b0e62dc46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.wellandgood.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
215
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 google
server
OXGW/0.0.0
location
https://demandmedia-d.openx.net/w/1.0/arj?cc=1&auid=539505649&aus=728x90%2C970x250&ju=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._3xo5tFgv&cache=1659048370201&gdpr_consent=&gdpr=0&us_privacy=
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
btlr.sharethrough.com/t6oivhQt/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=qd5P4JkHy9rMZw26xCAexYVX&bidId=_MTDbrc0c&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1659048370201&secure=true&consent_required=false&consent_string=
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.125.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-125-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.wellandgood.com
date
Thu, 28 Jul 2022 22:46:10 GMT
access-control-allow-credentials
true
vary
Origin
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969573017474fdfa8ffe1362e50015&pos=hunker_dw_hor-1_970x250&secure=1&us_privacy=
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
85033a69ec6b1d95870dcf59f895dbb9af5ff69fc84f48a4ec0215746b3b1c8b

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969573017474fdfa8ffe1362e50015&pos=hunker_dw_hor-1_728x90&secure=1&us_privacy=
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
d6188e3561763f4300f2460a7def5b11ab0f64e8fa17fff88a7790fdc6ff7845

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
content-length
62
cdb
bidder.criteo.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=125&profileId=154&cb=51943791541
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/ 		258 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8737&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&p_screen_res=1600x1200&site_id=164310&zone_id=787220&kw=rp.fastlane&tk_flint=index&rand=0.845997601319757&gdpr=0&gdpr_consent=&alt_size_ids=57
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b60e253dbebb1bca6dad6be45c0b5c1dbb40f15b0a79cbf8b62a0404afd2bef5

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 28 Jul 2022 22:46:10 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.wellandgood.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
258
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		23 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
713202157e2eddb55a2572f047f901179fdb6a3060228861fda1f9cc2ba2b9f3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 28 Jul 2022 22:46:10 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.26; 217.114.218.26; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
91a8e3f5-8350-4718-b729-222c6c0ceb4d
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.wellandgood.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		0
0
cygnus
htlb.casalemedia.com/ 		30 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=346202
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0711e412d82a72d6edcc78cfb50cc49d65203f8db066eec0d1c6691defee3a0

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfX64s0UU%2F7VSNPJTRxwCwlmnNGN5ZtsQzhQHppexPgco8fgYu9ZFCSnQ0GxpSBPD%2F47NmyjGYwMGI5GtaPlFTSxgNIKMhfSSD0wUWI9W8Gv8m5PEHOdHfkwTnkSpabEyg11flL1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7321263a1e9a693f-FRA
expires
0
pixel;r=370900059;labels=Category-All.healthy_cooking.%2CWellandgood.Category.healthy_cooking.%2CWellandgood.Author.Maki%20Yazawa%2CWellandgood.Partner.non-branded%2C_campaign.branded.Wellandgood.n...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=370900059;labels=Category-All.healthy_cooking.%2CWellandgood.Category.healthy_cooking.%2CWellandgood.Author.Maki%20Yazawa%2CWellandgood.Partner.non-branded%2C_campaign.branded.Wellandgood.non-branded.no-campaign.WEB-traffic%2CWellandgood.pagetype.WEB;source=gtm;rf=0;a=p-4dIM5nVs2rFio;url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational;uht=2;fpan=1;fpa=P0-812600861-1659048370209;pbc=;ns=0;ce=1;qjs=1;qv=40d1d9f5-20220725143430;cm=;gdpr=0;ref=;d=wellandgood.com;dst=0;et=1659048370209;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.A%20Genius%20Spice%20Jar%20Hack%20to%20Unclog%20It%20*Without*%20Shaking%20%7C%20Well%2BGood%2Cdescription.This%20genius%20TikTok%20trick%20shows%20how%20to%20unclog%20your%20spice%20jar%20in%20seconds%20without%20v%2Curl.https%3A%2F%2Fwww%252Ewellandgood%252Ecom%2Fspice-jar-hack%2F%2Csite_name.Well%2BGood%2Cimage.https%3A%2F%2Fwww%252Ewellandgood%252Ecom%2Fwp-content%2Fuploads%2F2022%2F07%2FStocksy_txp002031316kT300
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
browser.maliva.js
sf16-scmcdn-va.ibytedtos.com/goofy/slardar/fe/sdk/ Frame 3CB9 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-scmcdn-va.ibytedtos.com/goofy/slardar/fe/sdk/browser.maliva.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7085876658711907626?lang=en-US&referrer=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.145 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d8f0da692d5b20c73608a496011b6119e73051f0bb8ccb20408c46f9cff62d06

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
3b6482
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
vary
Accept-Encoding
x-expires-ms
1657988074196
content-md5
vqzazdKkqwz9CHjMnW+RAw==
x-cache
TCP_MEM_HIT from a2-18-78-145.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-bdcdn-cache-status
TCP_MISS
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=110
content-length
19328
x-tos-request-id
a31805d2e3e9cf4b62d2e3e9-abd2e42
x-tos-response-time
Sat, 16 Jul 2022 16:14:33 GMT
last-modified
Tue, 05 Jul 2022 06:51:18 GMT
server
nginx
etag
CPy/yryU4fgCEAE=
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=1531697
access-control-allow-credentials
false
x-tt-trace-host
017413c8c81343750c3550eb80fb15e85729ada1155e29be0456ca6c6d928f9e3eacb57cb8105a782f5de4345dc70e0c01702df32a350b75cf7658295dd11560e304e4fbdaedf082a944f910df0016fd349441a023413e0dc095f1a918d9d79f4c3b31d6a20bd90b74813d8ce44e6d82d8
accept-ranges
bytes
access-control-allow-headers
*
browser.maliva.js
sf16-short-va.bytedapm.com/slardar/fe/sdk-web/ Frame 3CB9 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7085876658711907626?lang=en-US&referrer=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cf288797ec1093660a169b6155571f93eac9be459c73ccb15add2002a25ac4c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
b4a31c3
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
br
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
3u7B5f+CkONMEMFW0hhBgg==
x-cache
TCP_MEM_HIT from a2-16-186-5.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
613,23.3.89.5
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
14833
x-tos-request-id
e13576d4d857399862d4d857-abc2167
x-tos-response-time
Mon, 18 Jul 2022 03:49:43 GMT
last-modified
Mon, 18 Jul 2022 03:46:34 GMT
server
nginx
x-tt-trace-id
00-0f6e1bab105e2d334c37580602fb049c-0f6e1bab105e2d33-01
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=300
access-control-allow-credentials
false
x-tt-trace-host
012dcceefbcad8b9364e931ad1e796e1398e874c8a217b28b0bacd8fcbd7161635a2442558b3c5ffbc368ae35e19f2840f421790cc6ecd226c3c84ae2e4c64be11ddea4a83a7cbf54c299169963d0b1022f1110046dcb5ea099321d76ed5dceb74771b1ebc697cf3eaff5f56de05ff888d2e06e8817698e4567ce1d9887b4aa7ce3e1a0d48c7a612f83ec9739d8218b696
timing-allow-origin
*
access-control-allow-headers
*
expires
Thu, 28 Jul 2022 22:51:10 GMT
truncated
/ Frame 1289 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a90032fac3af5ce5b761bcde2e73b3da2d1c396ac475f3acb1a7e7c22e2927a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1659048370252&aid=a-01mt&se=e30&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&tna=v2.4.0&pu=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewo...
  • https://rp4.liadm.com/j?dtstmp=1659048370252&aid=a-01mt&se=e30&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&tna=v2.4.0&pu=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurew...
48 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1659048370252&aid=a-01mt&se=e30&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&tna=v2.4.0&pu=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&ext__pubcid=2b7bd0a2-9454-432d-91a1-9deea9527fc1&wpn=lc-bundle&c=PHRpdGxlPkEgR2VuaXVzIFNwaWNlIEphciBIYWNrIHRvIFVuY2xvZyBJdCAqV2l0aG91dCogU2hha2luZyB8IFdlbGwrR29vZDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlRoaXMgZ2VuaXVzIFRpa1RvayB0cmljayBzaG93cyBob3cgdG8gdW5jbG9nIHlvdXIgc3BpY2UgamFyIGluIHNlY29uZHMgd2l0aG91dCB2aWdvcm91c2x5IHNoYWtpbmcgaXQgd2hhdHNvZXZlci4iPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy53ZWxsYW5kZ29vZC5jb20vc3BpY2UtamFyLWhhY2svIj48aDEgY2xhc3M9InRleHQtaDEtLWFydGljbGUgbXQtMCBtYi1bMjVweF0iPgogICAgICAgIFRoaXMgSXMgdGhlIExhc3QgVGhpbmcgWW91IFNob3VsZCBEbyBXaXRoIGEgQ2xvZ2dlZCBKYXIgb2YgU3BpY2VzICAgICAgPC9oMT4&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojk%3D&n3pc=true
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Server
107.21.19.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-19-116.compute-1.amazonaws.com
Software
/
Resource Hash
c45d5ae50379b451d1bbf397c61515a702e74c8aff8680a946681217894bcf81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:11 GMT
x-pixel-event-id
1c98d8c4-93a1-4ba9-9954-2d96565ebfa8
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
null
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
1fe99d8fc7d6cc25
request-time
1
content-length
48
x-content-type-options
nosniff

Redirect headers

date
Thu, 28 Jul 2022 22:46:10 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
location
https://rp4.liadm.com/j?dtstmp=1659048370252&aid=a-01mt&se=e30&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&tna=v2.4.0&pu=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&ext__pubcid=2b7bd0a2-9454-432d-91a1-9deea9527fc1&wpn=lc-bundle&c=PHRpdGxlPkEgR2VuaXVzIFNwaWNlIEphciBIYWNrIHRvIFVuY2xvZyBJdCAqV2l0aG91dCogU2hha2luZyB8IFdlbGwrR29vZDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlRoaXMgZ2VuaXVzIFRpa1RvayB0cmljayBzaG93cyBob3cgdG8gdW5jbG9nIHlvdXIgc3BpY2UgamFyIGluIHNlY29uZHMgd2l0aG91dCB2aWdvcm91c2x5IHNoYWtpbmcgaXQgd2hhdHNvZXZlci4iPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy53ZWxsYW5kZ29vZC5jb20vc3BpY2UtamFyLWhhY2svIj48aDEgY2xhc3M9InRleHQtaDEtLWFydGljbGUgbXQtMCBtYi1bMjVweF0iPgogICAgICAgIFRoaXMgSXMgdGhlIExhc3QgVGhpbmcgWW91IFNob3VsZCBEbyBXaXRoIGEgQ2xvZ2dlZCBKYXIgb2YgU3BpY2VzICAgICAgPC9oMT4&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojk%3D&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://www.wellandgood.com
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
96a93282a234f014
request-time
0
content-length
0
x-content-type-options
nosniff
/
v19-web-newkey.tiktokcdn.com/88081651b19951b31673fe2149ae769d/62e36619/video/tos/maliva/tos-maliva-ve-0068c799-us/02273bd02dd8474f88c179c747ef64c6/ Frame 3CB9 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://v19-web-newkey.tiktokcdn.com/88081651b19951b31673fe2149ae769d/62e36619/video/tos/maliva/tos-maliva-ve-0068c799-us/02273bd02dd8474f88c179c747ef64c6/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=2248&bt=1124&btag=80000&cs=0&ds=3&ft=lcLrKHJ9Myq8ZKwB5we2Nyz3yl7Gb&mime_type=video_mp4&qs=0&rc=ZDZkPGU8M2g0OzY5OzhmNUBpamppNDQ6ZjY0PDMzZzczNEBjNC1iMWBgNTMxNTYxYV8yYSNncF9ncjRnYl9gLS1kMS9zcw%3D%3D&l=20220728224609010191041019235873E0
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7085876658711907626?lang=en-US&referrer=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.113 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5409a40f13947aad7a649655c874dda059224524f48475e9afea434782dfdee3

Request headers

Referer
https://www.tiktok.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 28 Jul 2022 22:46:10 GMT
Via
http/1.1 ats-prod-19 (va2 [cMsSfW]), 1.1 varnish, 1.1 varnish
x-tt-trace-tag
id=19;cdn-cache=hit;type=static
Age
211444
X-Cache
TCP_MISS, HIT, HIT
Content-Range
bytes 0-1165935/1165936
X-Cache-Hits
1, 0
server-timing
inner; dur=112, cdn-cache;desc=hit, edge;dur=1
Content-Length
1165936
X-Served-By
cache-iad-kiad7000109-IAD, cache-vie6362-VIE
X-Storagegw-Request-Id
2022072612020601018905003933C74F3F
Accept-Ranges
bytes
Last-Modified
Tue, 19 Apr 2022 13:59:55 GMT
Cache-Control
max-age=15552000
X-Timer
S1659048370.355600,VS0,VE1
content-type
video/mp4
Access-Control-Allow-Origin
*
X-Storagegw-Response-Time
Tue, 26 Jul 2022 12:02:06 GMT
Connection
keep-alive
x-tt-trace-host
01a9ddb17325c97ffad75650b892cda3073549c48a2d6b3ed9b8dd29a507636c98f6b4d91b9b3a14d1266281a4ed96f0afd2b7321b9be3d0ba7c7d15ec23b332ce027d622e85c2673a99ffc31e96d6cfffcc117e26a444fa2dc9e3bb2275f9ac3deed50fd286c0a26713d3f8790287484af166330681aa182e0888a043fcda6a6b749887a842d4bcd7864ed80668ecbf42
x-response-cache
edge_hit
BD-Request-Id
e5b619f3ff2cea39ed74df0a91340b69
Expires
Sun, 22 Jan 2023 12:02:06 GMT
/
v19-web-newkey.tiktokcdn.com/88081651b19951b31673fe2149ae769d/62e36619/video/tos/maliva/tos-maliva-ve-0068c799-us/02273bd02dd8474f88c179c747ef64c6/ Frame 3CB9 		53 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://v19-web-newkey.tiktokcdn.com/88081651b19951b31673fe2149ae769d/62e36619/video/tos/maliva/tos-maliva-ve-0068c799-us/02273bd02dd8474f88c179c747ef64c6/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=2248&bt=1124&btag=80000&cs=0&ds=3&ft=lcLrKHJ9Myq8ZKwB5we2Nyz3yl7Gb&mime_type=video_mp4&qs=0&rc=ZDZkPGU8M2g0OzY5OzhmNUBpamppNDQ6ZjY0PDMzZzczNEBjNC1iMWBgNTMxNTYxYV8yYSNncF9ncjRnYl9gLS1kMS9zcw%3D%3D&l=20220728224609010191041019235873E0
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7085876658711907626?lang=en-US&referrer=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.113 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.tiktok.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 28 Jul 2022 22:46:10 GMT
Via
http/1.1 ats-prod-19 (va2 [cMsSfW]), 1.1 varnish, 1.1 varnish
x-tt-trace-tag
id=19;cdn-cache=hit;type=static
Age
211444
X-Cache
TCP_MISS, HIT, HIT
Content-Range
bytes 0-1165935/1165936
X-Cache-Hits
1, 0
server-timing
inner; dur=112, cdn-cache;desc=hit, edge;dur=0
Content-Length
1165936
X-Served-By
cache-iad-kiad7000109-IAD, cache-vie6365-VIE
X-Storagegw-Request-Id
2022072612020601018905003933C74F3F
Accept-Ranges
bytes
Last-Modified
Tue, 19 Apr 2022 13:59:55 GMT
Cache-Control
max-age=15552000
X-Timer
S1659048370.355834,VS0,VE0
content-type
video/mp4
Access-Control-Allow-Origin
*
X-Storagegw-Response-Time
Tue, 26 Jul 2022 12:02:06 GMT
Connection
keep-alive
x-tt-trace-host
01a9ddb17325c97ffad75650b892cda3073549c48a2d6b3ed9b8dd29a507636c98f6b4d91b9b3a14d1266281a4ed96f0afd2b7321b9be3d0ba7c7d15ec23b332ce027d622e85c2673a99ffc31e96d6cfffcc117e26a444fa2dc9e3bb2275f9ac3deed50fd286c0a26713d3f8790287484af166330681aa182e0888a043fcda6a6b749887a842d4bcd7864ed80668ecbf42
x-response-cache
edge_hit
BD-Request-Id
e5b619f3ff2cea39ed74df0a91340b69
Expires
Sun, 22 Jan 2023 12:02:06 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.4.0/ 		324 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d165f84e466f4d1c4e4840e7bddf5e6e0114e114cf2c555078c40719498430dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OXmd51EQ9oHx+DG8SQeJEg==
age
8678
vary
Accept-Encoding
content-length
68972
x-ms-lease-status
unlocked
last-modified
Thu, 13 Aug 2020 04:48:11 GMT
server
cloudflare
etag
0x8D83F44153EEB2B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
625fc948-a01e-0132-01cf-11c663000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7321263a4f3692a2-FRA
segment
api.permutive.com/adv/v2/ 		14 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
sca.17.5.12.js
static.adsafeprotected.com/ Frame FBFA 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
6358297
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
hVIFfBty1KyH8O7isY-eQcCvqrndOVra8Ihapdwx7YFM_jD1al-1vg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928482&campId=1x3&pubId=4591704940&chanId=22073381215&placementId=5480519500&pubCreative=138386656614&pubOrder=2346107983&cb=1321063359&custom=article&custom2=good_food,healthy_cooking&adsafe_par&impId=12b3b06f-0ec7-11ed-a9e8-064a9e4ec701&custom3=purewow&adsafe_url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.wellandgood.com%2F&adsafe_type=f&adsafe_jsinfo=,id:e5f29576-c682-5e50-ed7c-7172a7a46eb5,c:jHLgiC,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-885bc694d-66nbq,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.621.1.3,am:i,cc:0.621.1.3,piv:100,obst:0,th:0,reas:,mu:10000,br:c,an:n,oam:0,scm:publ1.grpm1,mtim:152,mot:0,app:0,maw:0,fm:tcVnT1V+11%7C12%7C13%7C14*.928482%7C141%7C15%7C16%7C17%7C18%7C19,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:176,oid:130f16f2-0ec7-11ed-bb17-429aef8f6df4,v:19.8.335,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-167-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
104860X1561639.js
m.skimresources.com/widget/code/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.skimresources.com/widget/code/104860X1561639.js
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/104860X1561639.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-35.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76ed669f2cd1ffb34e33115fcdace186497ede69afb730e4e0cf9c56f716bac0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
tNC2qKhZaxj7d6p8PNFHwI1nxyn4bNr_
content-encoding
gzip
last-modified
Mon, 16 Aug 2021 08:37:09 GMT
server
AmazonS3
age
2815
etag
W/"495c20f39658223d95ce4c8c16949cd4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Thu, 28 Jul 2022 22:01:24 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
9jC9AMTXgSpCHokasQR0djwnitplNAeP16bNwKgHMrQZVcihKtakMQ==
page
t.skimresources.com/api/v2/ 		22 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
events
bidder.criteo.com/csm/ 		0
220 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
events
bidder.criteo.com/csm/ 		0
220 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Jul 2022 22:46:09 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928482&asId=e5f29576-c682-5e50-ed7c-7172a7a46eb5&tv=%7Bc:jHLgjh,pingTime:0,time:216,type:pf,im:%7BpBlk:193%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:3,t:175%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:216,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:175,wc:0.0.1600.1200,ac:0.621.1.3,am:i,cc:0.621.1.3,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B61~100%5D,as:%5B61~1.3%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tcVnT1V+11%7C12%7C13%7C14*.928482%7C141%7C15%7C16%7C17%7C18%7C19,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6252:7b4f:105f:a05f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928482&asId=e5f29576-c682-5e50-ed7c-7172a7a46eb5&tv=%7Bc:jHLgju,pingTime:-2,time:229,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:245,beZ:246,mfA:397,cmA:398,inA:399,inZ:403,prA:403,prZ:408,si:421,poA:421,bl:438,poZ:438,cmZ:438,mfZ:438,loA:462,loZ:465,ltA:474,ltZ:474,mdA:246,mdZ:354%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:3,t:175%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:229,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:175,wc:0.0.1600.1200,ac:0.621.1.3,am:i,cc:0.621.1.3,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B74~100%5D,as:%5B74~1.3%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tcVnT1V+11%7C12%7C13%7C14*.928482%7C141%7C15%7C16%7C17%7C18%7C19,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/6117/wellgood/emailslider1-1_0,google_ads_iframe_/6117/wellgood/emailslider1-1_0__container__,emailslider1-1%5D,sinceFw:53,readyFired:true%7D&br=c
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6252:7b4f:105f:a05f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
en.json
cdn.cookielaw.org/consent/966db0da-7941-4068-91c4-0caec98fd691/338b731a-cb25-4a75-9d5a-af476ae6cd28/ 		80 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/966db0da-7941-4068-91c4-0caec98fd691/338b731a-cb25-4a75-9d5a-af476ae6cd28/en.json
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c793a9121a8a6862bf2895573474174c9ed70e2e7ebd2be1f15ed04f1ba00dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
EO9pL4eoKf6iBwSSGAl3ZA==
age
2354
vary
Accept-Encoding
content-length
17101
x-ms-lease-status
unlocked
last-modified
Wed, 12 Aug 2020 20:34:39 GMT
server
cloudflare
etag
0x8D83EFF23049943
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5b7bedf6-001e-0152-05e9-108341000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7321263afa959a15-FRA
expires
Fri, 29 Jul 2022 02:46:10 GMT
segment
api.permutive.com/adv/v2/ 		14 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=false&k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
session.gif
events.release.narrativ.com/api/v0/ 		0
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.release.narrativ.com/api/v0/session.gif?uid_bam=1781389623484259232
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.183.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-183-121.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
x-bam-build-version
3cc9cdf6453c90dae2fb825003656c66dcb3afc7
date
Thu, 28 Jul 2022 22:46:10 GMT
server
nginx/1.22.0
x-robots-tag
none
x-bam-env
release
strict-transport-security
max-age=63072000; includeSubDomains; preload
usage
api.permutive.com/v2.0/tpd/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/tpd/usage?k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
server
Permutive
vary
Origin
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
via
1.1 google
browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://www.tiktok.com
access-control-max-age
600
access-control-request-method
POST,GET,OPTIONS
cache-control
public, max-age=600
content-encoding
gzip
content-length
379
content-type
application/json; charset=utf-8
date
Thu, 28 Jul 2022 22:46:10 GMT
server
nginx
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=8 inner; dur=1
upstream-caught
1659048370802879
vary
Accept-Encoding Origin
x-akamai-request-id
251bb3f5.94acc8
x-cache
TCP_MISS from a2-18-78-144.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-cache-remote
TCP_MISS from a23-223-34-29.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-origin-response-time
10,23.223.34.29
x-parent-response-time
103,2.18.78.144
x-tt-logid
2022072822461001019021907800A097D8
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a61c67eb26dac760f4498635010ff9eb37f6517045d229dba6997267252b14a5f7550f275fff367fa33b632592edf67c55ea454f5f1b570162dd241e7a390283e8ce9281a835650ca4d912edb5fdb9a1e4
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 3CB9 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
992fc5e3239eb0126bb47e09e0e96325c30c9f8af4518d2c3536df879cf76a4d

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

x-akamai-request-id
1851029c.94ad14
date
Thu, 28 Jul 2022 22:46:10 GMT
access-control-request-method
POST,GET,OPTIONS
vary
Accept-Encoding, Origin
upstream-caught
1659048370941301
x-cache
TCP_MISS from a2-18-78-144.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-parent-response-time
114,2.18.78.144
server-timing
cdn-cache; desc=MISS, edge; dur=102, origin; dur=12, inner; dur=0
content-encoding
gzip
content-length
378
server
nginx
x-cache-remote
TCP_MISS from a23-223-34-40.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-logid
202207282246100102230731370E9DBE9A
access-control-max-age
600
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tiktok.com
cache-control
public, max-age=600
x-origin-response-time
12,23.223.34.40
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a61c67eb26dac760f4498635010ff9eb378d33a4b4b93aed7b5b7044becf99746a9b9d1e0707260285633a827bbed6acd881f072f381c039517a996f64994930ac78bcb7065933f289550e82770d578ef6
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.4.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.4.0/assets/otCenterRounded.json
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4002d856e575601b351be144c9d7e4e6977286644fede72a7de1638844722aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Tu8YiIaOgix+MxFaJm0r8g==
age
2927
vary
Accept-Encoding
content-length
2778
x-ms-lease-status
unlocked
last-modified
Thu, 13 Aug 2020 04:48:04 GMT
server
cloudflare
etag
0x8D83F4410FE7D03
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6fa2df93-c01e-0166-7300-022ce9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7321263b7b179a15-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.4.0/assets/ 		61 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.4.0/assets/otPcCenter.json
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ks8d5YTomxp0YggJVomz8A==
age
24453409
vary
Accept-Encoding
content-length
14901
x-ms-lease-status
unlocked
last-modified
Thu, 13 Aug 2020 04:48:04 GMT
server
cloudflare
etag
0x8D83F4410E34EE2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8d2fd4e3-701e-0112-026c-c4aaaf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7321263b7b189a15-FRA
pd
eu-u.openx.net/w/1.0/ Frame C651 		668 B
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183706-49930413793406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4ca3273a9158ab3c3f53c39e73e1c632cf81ab6c3922a38bcbe7ed4f36d4d325

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
421
content-type
text/html
date
Thu, 28 Jul 2022 22:46:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
eu-u.openx.net/w/1.0/ Frame 31F3 		668 B
720 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183706-49930413793406.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4ca3273a9158ab3c3f53c39e73e1c632cf81ab6c3922a38bcbe7ed4f36d4d325

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
421
content-type
text/html
date
Thu, 28 Jul 2022 22:46:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usage
api.permutive.com/v2.0/tpd/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/tpd/usage?k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
server
Permutive
vary
Origin
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
via
1.1 google
sdk_setting
mon-va.byteoversea.com/slardar/ Frame 3CB9 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/slardar/sdk_setting?bid=tiktok_web_embed
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8adac6241184a9d876bba7e9dce27b03ff7820df837a3b20526e192176cb72bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
208e1f41.94acc9
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-223-34-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
upstream-caught
1659048370806291
x-cache
TCP_MISS from a2-18-78-144.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-parent-response-time
113,2.18.78.144
server-timing
cdn-cache; desc=MISS, edge; dur=98, origin; dur=15, inner; dur=5
content-length
721
server
nginx
x-tt-logid
20220728224610010192049141159C43F3
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tiktok.com
x-origin-response-time
15,23.223.34.13
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a61c67eb26dac760f4498635010ff9eb37a6a4603359c9f29654dd6a03a3d52e5b95dbd6c4520f0137f8df60db075f0fbd9cb1fc1492d016d5ad59ffd3798f68c1a4f946ea0c94e9b620e174357f5aa262
access-control-allow-credentials
true
webid
mcs-va.tiktok.com/v1/user/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs-va.tiktok.com/v1/user/webid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin
https://www.tiktok.com
Access-Control-Max-Age
1800
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Thu, 28 Jul 2022 22:46:10 GMT
Expires
Thu, 28 Jul 2022 22:46:10 GMT
Pragma
no-cache
Server
nginx
Server-Timing
inner; dur=3 cdn-cache; desc=MISS, edge; dur=1, origin; dur=89
X-Akamai-Request-ID
1f9c4b77
X-Cache
TCP_MISS from a23-36-160-80.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Origin-Response-Time
89,23.36.160.80
X-Tt-Logid
2022072822461001018909102114C63DED
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a68fd45789576fbe565da786dacde60efe94311dd4483ce29298f5a224edb4d6518b4a0f9768c6ebfe637f3f2cab20ec000e963b3afc22db47c0b74c099256b2e8
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
webid
mcs-va.tiktok.com/v1/user/ Frame 3CB9 		58 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs-va.tiktok.com/v1/user/webid
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
641885d8631d8b5f664fe4f215e71d09d1bd130db8193fd7635491b4d729799d

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

X-Akamai-Request-ID
e81db0a2.1f9c4b91
Date
Thu, 28 Jul 2022 22:46:11 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
X-Cache
TCP_MISS from a23-36-160-80.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Parent-Response-Time
97,23.36.160.80
Server-Timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=8, inner; dur=6
Content-Length
58
Cache-Control
max-age=0, no-cache, no-store
Server
nginx
Pragma
no-cache
X-Cache-Remote
TCP_MISS from a104-78-78-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Tt-Logid
2022072822461001019205113021CD0DC8
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.tiktok.com
Connection
keep-alive
X-Origin-Response-Time
9,104.78.78.4
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a6b3feecf58ff0056ca6f94e01c3a01263cdd8543fe7bcec882cfbc6606eda65a4da477cbebec63cedc1e8e172bb40726142e90bb54c2b54f4a93fca5b04e5d7c66d97ab4f9435e62ef5abab0c54b1d03e
Access-Control-Allow-Credentials
true
Expires
Thu, 28 Jul 2022 22:46:11 GMT
otTCF.js
cdn.cookielaw.org/scripttemplates/6.4.0/ 		77 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.4.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23b0e020be2d75338ac646ce3260b5dc427a1b2827f05f4d6da94b6e4bc1c017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
avjJfHkcET8BwXxpOOqT6A==
age
3417
vary
Accept-Encoding
content-length
14653
x-ms-lease-status
unlocked
last-modified
Thu, 13 Aug 2020 04:48:10 GMT
server
cloudflare
etag
0x8D83F441468AF0E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d1faf3da-201e-010a-04cf-11873a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7321263c185892a2-FRA
/
events.release.narrativ.com/api/v0/publishers/1221/impressions/page_impression/ 		2 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/publishers/1221/impressions/page_impression/?uid_bam=1781389623484259232
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.183.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-183-121.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
{"uid_bam":"1781389623484259232","BAMX_Opt_Out":""}
Referer
https://www.wellandgood.com/
X-Howl-Pixel-Version
wellandgood
X-BAM-Params
{"uid_bam":"1781389623484259232","BAMX_Opt_Out":""}
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

x-bam-build-version
3cc9cdf6453c90dae2fb825003656c66dcb3afc7
date
Thu, 28 Jul 2022 22:46:10 GMT
server
nginx/1.22.0
x-bam-env
release
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-robots-tag
none
content-length
2
/
events.release.narrativ.com/api/v0/publishers/1221/impressions/page_impression/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/publishers/1221/impressions/page_impression/?uid_bam=1781389623484259232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.183.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-183-121.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
accept,content-type,x-bam-params,x-howl-pixel-version
Access-Control-Request-Method
POST
Origin
https://www.wellandgood.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
accept, content-type, x-bam-params, x-howl-pixel-version
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.wellandgood.com
allow
OPTIONS, POST
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 28 Jul 2022 22:46:10 GMT
server
nginx/1.22.0
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
x-bam-build-version
3cc9cdf6453c90dae2fb825003656c66dcb3afc7
x-bam-env
release
x-robots-tag
none
sd
eu-u.openx.net/w/1.0/ Frame C651
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fe6e62e3-11b3-4f00-bc3f-e869d72b62ca
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fe6e62e3-11b3-4f00-bc3f-e869d72b62ca
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 28 Jul 2022 22:46:11 GMT
Server
MT3 4475 c1dc35a master nrt-pixel-x15 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fe6e62e3-11b3-4f00-bc3f-e869d72b62ca
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 28 Jul 2022 22:46:10 GMT
sd
us-u.openx.net/w/1.0/ Frame C651
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=uQMPxb4ACMSiBF3BvQVHwb8HC8OiBl2Q7lIh97AA
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=uQMPxb4ACMSiBF3BvQVHwb8HC8OiBl2Q7lIh97AA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=uQMPxb4ACMSiBF3BvQVHwb8HC8OiBl2Q7lIh97AA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C651
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3678105027151190802
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3678105027151190802
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3678105027151190802
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame C651 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c6589523-1de7-3d89-5b9f-4c9b1691c097&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C651 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWEzNzQ2ZTktZDQ5MC02MzJkLTRlN2YtMTYyMmRjNzMwZWY3
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C651
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEQ7R8oU-Rl-HQYSpLT4KZE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEQ7R8oU-Rl-HQYSpLT4KZE&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEQ7R8oU-Rl-HQYSpLT4KZE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 31F3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2f8662e3-11b3-4b00-b6b2-eb54679f5733
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2f8662e3-11b3-4b00-b6b2-eb54679f5733
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 28 Jul 2022 22:46:11 GMT
Server
MT3 4475 c1dc35a master nrt-pixel-x2 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2f8662e3-11b3-4b00-b6b2-eb54679f5733
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 28 Jul 2022 22:46:10 GMT
sd
us-u.openx.net/w/1.0/ Frame 31F3
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=uQMPxb4ACMSiBF3BvQVHwb8HC8OiBl2Q7lIh97AA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=uQMPxb4ACMSiBF3BvQVHwb8HC8OiBl2Q7lIh97AA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=uQMPxb4ACMSiBF3BvQVHwb8HC8OiBl2Q7lIh97AA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 31F3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8026249967148130779
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8026249967148130779
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8026249967148130779
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 31F3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c6589523-1de7-3d89-5b9f-4c9b1691c097&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 31F3 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWEzNzQ2ZTktZDQ5MC02MzJkLTRlN2YtMTYyMmRjNzMwZWY3
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 31F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEQ7R8oU-Rl-HQYSpLT4KZE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEQ7R8oU-Rl-HQYSpLT4KZE&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=580a6f60-86e2-4595-a0c0-ad5aca08360e&gdpr=0&gdpr_consent=&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEQ7R8oU-Rl-HQYSpLT4KZE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/ 		326 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d66b4370c15f415951a8572980b216ebec4308d6de3c51f0f289f5a13e01426
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
uCoZFg2/5Pu1JDx/zLTXiA==
age
6690
vary
Accept-Encoding
content-length
47337
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jul 2022 18:16:56 GMT
server
cloudflare
etag
0x8DA70C55AD9929D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7d9f2190-001e-017b-30af-a2f503000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7321263c7bef9a15-FRA
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928482&asId=e5f29576-c682-5e50-ed7c-7172a7a46eb5&tv=%7Bc:jHLgny,time:481,type:e,im:%7BpWait:24%7D,env:%7Bar:e5f29576-c682-5e50-ed7c-7172a7a46eb5.3%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:481,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:175,wc:0.0.1600.1200,ac:0.621.1.3,am:i,cc:0.621.1.3,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B326~100%5D,as:%5B326~1.3%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tcVnT1V+11%7C12%7C13%7C14*.928482%7C141%7C15%7C16%7C17%7C18%7C19,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6252:7b4f:105f:a05f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
container.html
eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5D3B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js?cb=31068698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:09 GMT
expires
Fri, 28 Jul 2023 22:46:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A8B3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js?cb=31068698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:09 GMT
expires
Fri, 28 Jul 2023 22:46:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FFD1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js?cb=31068698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:09 GMT
expires
Fri, 28 Jul 2023 22:46:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
l
use.typekit.net/af/294d74/00000000000000000001210a/27/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/294d74/00000000000000000001210a/27/l?fvd=n6&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4841 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ad58112939029f0882fe1ab489370b7233ab955e606a967a5c26e49f9770e324

Request headers

Referer
https://www.wellandgood.com/
Origin
https://www.wellandgood.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
server
nginx
etag
"cdfed53411b845948f1d5f638218c920a19feb0f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26180
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928482&asId=e5f29576-c682-5e50-ed7c-7172a7a46eb5&tv=%7Bc:jHLgr3,pingTime:-10,time:698,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuMTM0IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1659048370853%7C%7Cf10081d70e94f472fc5c2432e64d3925%7C%7Cdf92c9cff360bda3eafa3e94d6152ec7%7C%7C70fc6fd1c82e984fc6f2ac1b740e3cba%7C%7Cd114e31f3dada8b575142edc931704fc%7C%7C6972874b0c50d727fa8ca1ba26c7b76b%7C%7Caf0bfa6bce0c45b9c13be29d4c28deec%7C%7Cd388c6957a6367033f8707adb2fdb889%7C%7C1629390669,env:%7Bgcd2:%7Bappl:1,cnst:na%7D%7D%7D
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6252:7b4f:105f:a05f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8E06 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQlZHVAhjkyK7OATAB&v=APEucNXf4dCMmLrIumf76_-NF3VbfNIo1su8KxP9XnnsZaxq6HfgI6d33Vtmh-zr0GuazNpSG9_omrpj586qlCylaXO_VGlksA
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/ Frame 5D3B 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/abg_lite_fy2021.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 21:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9504
x-xss-protection
0
server
cafe
etag
17733382080043146658
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 21:37:02 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/elements/html/ Frame 5D3B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2058
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 22:11:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5D3B 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuwP58red3wJd0yihyE6EzZfsDA9V7P8kHUCSKRkU7SD2r1QLDvN3aOz-BM-MTulnjaJ56TBrxVdqqMKM0xvj65Rqj8r7DqFeuodyUBAdtF_BGeOtzqY7HJRA8Ux92aCVRRrVkUYtxB44qs4QY4Qz0e0fJS2rAxendOv-037bF9sZ9JV-58_L4UfCVG9H-QQaWn6TkAcbKmVm0CiV-UcB3BzfETxXEgFyfCYX3HrWjlJKjYjs-_dmWDsFHfVxAdLbbngDyyinXuigK0V3U7Uih7o7zvLzhCyHRmG8KB8rJRdJ6uzH_3rZXFm4nnz8_TA2spb-cO6IW9KZBVqVyCJPvWAJm5H1AwkA95aZ0iAbkGWGfoakOX5p9u-MtHUJ0xcbbxn07w7-EeLSbCS4XJuBu3g9Ocz7PVHmug2YxIcGT5H6Om2mZj1-bcEp0Y76fqYls1YJgi3c4JHJnF3Pi25mhHMr7SisQBsa8Bb3CwdyYXlji_zP0QoPCY-t3ZCzNFW3jMdSd0OBX7-RwycMc_Hw4TL6r0WLFuUs-lClKz4FYCVxd1Z-2fIdnzmVp7i0QMeJMdGfXeQFOP0F5GSG65ZtUT5a1k6CuNBgWR0qzOKFFeCABBXFq6T-v9O4fDla3QW2kHh05O9SpU--LmBFhUDfLwnmB95KraGhlTaHSONvFGASjiX2SPhPjNWrSf5k_MNosNbov4cHULD_Krx-ms3ExIMWPz_ON182KaaJtiZypTaQDpusG004-VAHcHd8GZsqF74BNg1dzRMdVRCZaoIzI2M52lJk_IKbfZPUidpoRj4AsKTTtNAeBrSEE0-pBiyKJlrMrl3pCB9P_ywPc8wo6nTE2Wg-T9_1U9tf3OlIA47rsrgVfATIOgB2ZhbOUgMp7GA_3Qi-vLEYTYliLR7awgY4a0Uvh1vZmq3lpvaKutg2oYKluACBj3h-WgTig67uap56OhHBGGSLN1lYQL-0gbR643tkCruzBTtZL7CKC_OwMvzxbwMJYQcJcVEaaw2wup8q9n2L1-u48H5o5vgQjX7cbbLLnBJTx30MkcYpZpXi2mTvXSqTH2KEk-wvq8KK5rtF1D7TGnNZimyH-oWhyd5rg_yBb8eBi1SILYURvT7C_TeYLcyLdRLM-2OxwvixeJMpq4C9FkWZY1y_qaWJLLJ2ktyhJU90BqDB3uh6UUQhRF9umYNA-1VnWt2QpzfNkGX5zfGaLmXfM&sai=AMfl-YTndgbqFmBIUqsr4KUqfFeDz_erk-l4CjuIV5KRbqnPvBcLayP1Iclsx_WmT0pflq2Uk_DNNDl4V4H4zHL-EL8YBBQCk8Ck7WMPHlF8aUk8e-RfcW5WwHLtFL5d7sqeNHcMoFzhV0vqrA2AnRyfa50Fh-QF_GDz7yXV-BB1G2o80u095zEUgqeVMLdMlhAZGJ10kwSy4Oc-jPuuM4fYnNQ2jmEpFAECDKl1728EYvJXziw0kqUHpwPl5EFzMpbYVWb9Shdr1mdlQ2L7r13TrQaoV7tCC9Kg5ONc4ncP3ILN&sig=Cg0ArKJSzKYmahCTQOI2EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220727.06593&adurl=
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 28 Jul 2022 22:46:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5D3B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 09:42:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 09:42:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D3B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A0MX149cdsJcVnfhMtXA_TsQgQ7P2vHgOw3EhNsmSquLl1t2iUQ6vcObb1a1XEWX1-sj3OxXdudkFBz6eGtrr2f4aGQQ-_fndnc6IfN8_0ajJhZrs
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 5D3B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 22:27:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 5D3B 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1628
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 22:19:02 GMT
l
www.google.com/ads/measurement/ Frame 5D3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgm6AGFXxizKxR-JJTfoU77Uhxqt77MqqT8Wc31JTAITyCZGA0MX4wYmXAL_HyolU02ZmC
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D3B 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658922152796835"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 22:46:10 GMT
4941100262478566050
s0.2mdn.net/simgad/ Frame 5D3B 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4941100262478566050
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21c941a3087386fbe29bc1716dd441b303369ba2d5707656a6548ddf0af59940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 16:59:19 GMT
x-content-type-options
nosniff
age
107211
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87320
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 14:37:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jul 2023 16:59:19 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 18C4 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhiSkfPFATAB&v=APEucNW3fezdMDQYJrZSf7bFCuCg9zmyLoW0OTTz8ZBRf-7ulaUywySJCT3ATEd2VN-qnQqLklojXgJ74QfeLGuVL57VYlW4fw
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/ Frame A8B3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/abg_lite_fy2021.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 21:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9504
x-xss-protection
0
server
cafe
etag
17733382080043146658
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 21:37:02 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/elements/html/ Frame A8B3 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2058
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 22:11:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A8B3 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6dSh5-zk1dkNN-ztXzUJNZ9wGYxKa2f1Q6UKxMvo5EYyuGG_rDhcqNcilJ6XNxfxfFFq2LVQtxlG3rhnMUxt5h1jaHZN_ku9Grc6k7kN6Rnavf55axn138ptu6bS7GuBax7KMQu0IQqiSZ_rbs-s7-QADTaln5_lksGAkG0uYsjNloKI4t5ZAIqlPHDzQA51rMbVjSpdW44HzoFQ12UAFYRv6KLSrC4wtt66JNgQBkhNdhztIwnKn8kQ7DjeAQepHMKCe7xm0TK2uiKX361ilnV7YyGHdfM_ys8tca9-V4Q2fnIfIhkEDZMrw_tu1RejKgeN6fkalKuqHn3h8JJ3_NHFmpftul5XBE4jpG4bSWPC2RPOtL71byK78Z3hx0NIXtFWacYaGQaOny8irhe07c6qewJanDYXfuTrlDtD2Q2FYYY4rhco7EukGKogpBIbiYrq5Me0W1tBT2s64LtYtPWMysOfFuzCwXaiKel0h3kD70_8WtaQd0Azn-95AJVIO0EPaZGdGQOZAbgaeD5ctBdolaIjaCOjJTLb5htzKJm-d53GTEaV1WLCCqx8XTLOBwvjaWUUSW8fH8b8qgOaf0aTl52L1msoX55eGXv9Aw1D6Vltf3w07_gd_n_DzxG2-U8RII7m2QeqsNaBUXJJ_h0QPNHcpsCGFuDMLWn31CWGmZnIz_LB3KzVLiu2BW0ZUav8BpjC82kiOSNNNiWutx2LgnyaFaM5YaJy1J9ZR-24gUWGUE7EalNejJSxXr93ZFwUcFfix7af_xJiNmaAU483JEhWmk4RILLoZqXzVeyuCBXAKM76FNY3DNdgrVNEjHCPDR8ekC1p5Ch3OnF33cFKLvMpa3fjbtCF6LJa4dcL8RaQkZiHwdDlFuwE0_WUct3ltW6955QPzQFjnIAr3WUmtd60iXsEOz4PKUgeINh1KVD_ZOvz82dw3QM1i6hgSlnkOuPoGl2wLOSyDt2nNvTvpe1gH1ZyNxYhOZTiHb38TalwlKbdX14O7Y-XLhV4euLs_rKuqwNm-MNjzqrtdhaJpT_KsobAV3ao5I2MfZse0OMWRLco7UDBAklU4LDgtvCC-VgEjrDTy2bSNyFof5NH1lZbe5Swh0XpDqnZYPIvhFcBx2-orTE--9hPDy0_9r6i9oOAz5w4JLWdp86bMLTA8ATL01frpzmmJ2KLnm-quzbO1gif_YUaP&sai=AMfl-YRa2ajK4qZ3PNSskIwaRmnKrf9QQh18HYQTYBLzH--iaL5ObyYrlsgVfi6BdihvXXHKbIDIvR7UoJRhosiCEdyPbUqt1q-OfWM7kmkFIk8i6Be4Jba8f68I46V4jkvQpBPfQG5u_e7avuVbhndSimi3JT6VV0y1zH7WykBCQrnyZ7PZNK8ObpVTMh2kK84oYFjtrADokf6Ymx-khbqoK4HGsXg6E66l1CbVQAjBGUYbWVy3dJso_YXRg8OTSFfxW6Q50-GmDjI6Ehkx3OjgDqj6yQQnuyrv0KG-g2OrXefu&sig=Cg0ArKJSzHSu5FAmNeSdEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220727.45934&adurl=
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 28 Jul 2022 22:46:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A8B3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 09:42:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 09:42:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A8B3 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DNOGD11PBGaNF6iFZKDt9BWzexMp5-U3Mk86tzXSRmGG50HvSlk7Jw4r2Ve2YJ2KHjLH_8WvVhPLiamvb-pYhlMvmJgqTEh2BIEdkeIVyS4NlWs1w
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame A8B3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 22:27:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame A8B3 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1628
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 22:19:02 GMT
l
www.google.com/ads/measurement/ Frame A8B3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaTgTS2StzVL81P4Ah4Ov-UZ_57fQ2exBEXaarhaP63UbD6epjIbfCziEoUw9j1OCKEj7L
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A8B3 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658922152796835"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 22:46:10 GMT
2544518687422621343
s0.2mdn.net/simgad/ Frame A8B3 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2544518687422621343
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e03964fe5507d5faf9021215910cd365c8b031fb4a72c65dc0d1dafea32492c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 05:25:02 GMT
x-content-type-options
nosniff
age
321668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41628
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:51:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jul 2023 05:25:02 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FC2D 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhiSkfPFATAB&v=APEucNUttb6QLzGGnGHF0kiTT9wa0tVLCPmqLoBqtVMr2cBiuV8h9S-zkt5oA4fWWDowgXJk5Ftv-EOvZjumGJd7um0DWDZrMg
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
2544518687422621343
s0.2mdn.net/simgad/ Frame FFD1 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2544518687422621343
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e03964fe5507d5faf9021215910cd365c8b031fb4a72c65dc0d1dafea32492c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 05:25:02 GMT
x-content-type-options
nosniff
age
321668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41628
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:51:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Jul 2023 05:25:02 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/ Frame FFD1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/abg_lite_fy2021.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 21:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9504
x-xss-protection
0
server
cafe
etag
17733382080043146658
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 21:37:02 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/elements/html/ Frame FFD1 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220727/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2058
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 22:11:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FFD1 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxyFIRf-JCUfuEBHYaSqHfK9yuQWiCWfEBjApf9yewlEjc9OZuv3KH5s24Nu4cN5DoAZPMwJY8ZG9Gi8yxLSshRiOQMjidRchmrPMEAxClYlqYisF1_vQhow_Ovfr1bGwyM0fClNIAsbHgjDJKwVLis3rS_hQoPi6akFRLBW_nQr-LeCXVGZOmqPYNJIAoYRDpjbvfMXJqoH1_7v1qC9Ew2kyj2pFKQEcqocRr1o0vy_1nGV0cppRPcOg3kMpepSHDWL88-BephOZaFa8PCPuBoELePyoh76z7SuuTTfFBVPgWd0K56LoSHRyFRXf8JCwsYFDwXQ8ZbL4IMR19Rcl2DNRPuG7QBgfHfsEgXlLvj8n2dZipdo1cbG1fSxwWj9ltxAeBfHIlUHZoAYbOddgsKNt6S1cDw7dw_3ScAA4iPA2voWJr4f6RWnIIjldh66oi-2CL54TcNsjOcypFAjyBsVatl9GFKBSUJc_F6hYvnPP0tUiDelzAyIdIgEplGW_BiXvY4790ffDoCG-63vVC6AwnWzmoApat2cAvcvjt9w5qFBHaAiBblyEFyhl2fyNEDenENZUUns4fB221Vuex1y8B38-cybwS8nlB_nWAchGLiYmPFBM15dAuQO-KGGC6CQD02AtJuxna44-Wi1Ln1F7g0s2_zuO76dLFHrcPpC4ydgkgex0fROXABB-NNw-BFxjbeivq064OyXzNIkjAsYzUSG7soUde8M80ptYZna2PqYZpSE_TCg4dOFqtCwT9hZUje4dWVvXKAY0jmTBbYLdSAjgea9WB0CcevsRHOfjS0B3KTPDX2rZ8gExQYNXAhEKoheg8JedYxH5MOuBA-rxJ5eCSrEHsL-jHPNzo8vicNI-bHzc44B8TyXU5MqbdRnOWA2oXP18opP8Oz6DMZLqGeuQifJ1ETAkRUdKFhKB5KrAOSzd1ztLv5KfXhICKTmWejS-mCmRAWOx834cxMe3jnjQpv7GtALm6koxoG_xrTGVx3zLJmGU7lCCWs0jMBlT0zEA1xSghejuJkrvWMopQ9fCu4PUi2kXiPxTBuAKV7Uya7th1cUc7FESO0ja54rWf8mHo_xKCrgPTRS-v4saHG95EiGnQHpTIronDopkjCXWg4-DMFNoywUloJH88CsxxJ3zlafP3JOhqqm4yPDlQ96htVy5JthreKZbtmbN1MImyCNTaAuyq&sai=AMfl-YS0uWLfvNNtCC20dzs73_hDSF04O0HODueM9uiq9OdqEmJDlhsWcecxMuywOru9aUOKiyZxnertSvLVjuSgWLuYt9vyxw-mJBEfoYX16B0DOUPrj3KHzVk660eaJ4s4-SzOXOiB2TmI9VYHhK6EkVAsRn6Sw8BxcGsjjSdCf7fc4Ev4zNizllVl_4EYH0K0QhqGJCa1rHJXJV9QL8rHE61un246VSoYAiY3Pj4IaDcqU-l2SOzXmj7X8ub2fF_Y6KIST7nFjrDjRGR_w8M3ysD1L6W4RVePRYRRE4O-HYMw&sig=Cg0ArKJSzPiSb9GtkChYEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220727.76541&adurl=
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 28 Jul 2022 22:46:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FFD1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 09:42:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 09:42:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FFD1 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ba-NTsg1lE1HIpewOBYhePL-AOviOcCaHx4WA_xnFbbOYRovK0wel1YXGwfj_vWMDnOGguBV7x0lWfD8l7xCm8k7hu9XBihpnwfGKl-9QJKoPQZMk
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame FFD1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 22:27:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame FFD1 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1628
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Aug 2022 22:19:02 GMT
l
www.google.com/ads/measurement/ Frame FFD1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9P1hb2KyiLyPFMRw52ssoybxYbcky4vmTAMYbEODFhP15u7o3TLvEBIP4TI9Bbg-0TUfc
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FFD1 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658922152796835"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 22:46:10 GMT
monitors.3.7.0.maliva.js
sf16-scmcdn-va.ibytedtos.com/goofy/slardar/fe/sdk/plugins/ Frame 3CB9 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-scmcdn-va.ibytedtos.com/goofy/slardar/fe/sdk/plugins/monitors.3.7.0.maliva.js
Requested by
Host: sf16-scmcdn-va.ibytedtos.com
URL: https://sf16-scmcdn-va.ibytedtos.com/goofy/slardar/fe/sdk/browser.maliva.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.145 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5802e36d8bf3a9f7e45c24f5137220a203818ed3255f6c1e0bd49f48afe35df1

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
3b65dd
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
x-expires-ms
1657872669260
content-md5
SIcGIpSOLRvkvh5oLanx4A==
x-cache
TCP_MEM_HIT from a2-18-78-145.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
4,23.204.146.61
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
12634
x-tos-request-id
e942c6ca3ae606ed-abf361d
x-tos-response-time
Sun, 10 Jul 2022 02:35:18 GMT
last-modified
Tue, 05 Jul 2022 06:51:18 GMT
server
nginx
etag
CPCoy7yU4fgCEAE=
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=964129
access-control-allow-credentials
false
x-tt-trace-host
013f174820fde118d931504f7adcede78b29667a33f4ac529760fb79ebe9c6788e1f06e33e0f1d389747c4858613d0dd3b53312280fd638aff316ad1509316156aa9a4c9813125db4b4d4e0711bb879291df259e6bf81aae845f0ffb3d750a889f6ade4531629d5bae363a31a3c240a6a092ffe2d95ff7cf721ef6ce8031752ebe
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
*
gzip-server
KFC
sentry.3.7.0.maliva.js
sf16-scmcdn-va.ibytedtos.com/goofy/slardar/fe/sdk/plugins/ Frame 3CB9 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-scmcdn-va.ibytedtos.com/goofy/slardar/fe/sdk/plugins/sentry.3.7.0.maliva.js
Requested by
Host: sf16-scmcdn-va.ibytedtos.com
URL: https://sf16-scmcdn-va.ibytedtos.com/goofy/slardar/fe/sdk/browser.maliva.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.145 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3d2e0bcc9b9a8f6ae25ac83e168e0b76b93de7bc7e12b8b693605e2f22d30ee

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
3b65de
date
Thu, 28 Jul 2022 22:46:10 GMT
content-encoding
gzip
vary
Accept-Encoding
x-expires-ms
1657872564036
content-md5
23e/j6eInPO6WR9BmM0E2A==
x-cache
TCP_MEM_HIT from a2-18-78-145.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
30964
x-tos-request-id
527fffcfb7bf10b762cfb7bf-abf3f17
x-tos-response-time
Thu, 14 Jul 2022 06:29:20 GMT
last-modified
Tue, 05 Jul 2022 06:51:18 GMT
server
nginx
etag
CKXLy7yU4fgCEAE=
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=1323864
access-control-allow-credentials
false
x-tt-trace-host
0126a3d216aca05667ea78d21d148a763b9c8651e27addbbe281485e722264670546ceaec097fc3996dacd45b617e425bea8dee678e5b0cd557c5aead1c9cd8c0430568d46e8911a803292336381d92cdd566d5a085cad3a9571d1edbf00f8985f62c6d4c35a122c20d5f35d536f00c8b534ed50fa31d0970ddd8323bb8fb8d553
accept-ranges
bytes
access-control-allow-headers
*
gzip-server
KFC
activeview
pagead2.googlesyndication.com/pcs/ Frame B030 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVLc_6aU_4GZPKTI-cWT4oY3elvQV8x2vLX997JGD6H-bNv0_83u28M9OC5LMc9izNnrbeOpWbm2TYhWgLGlnDgxunsnWLc4PlAYdgFZU1PXLQOOVX&sig=Cg0ArKJSzHiw99izlUGwEAE&id=lidar2&mcvt=1010&p=621,0,624,1&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220727&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3468210392&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659048369639&rpt=279&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img-embed-logo-colorful-6e578f33c94fb378e31eb676c51d6ac2.svg
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/images/ Frame 3CB9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/images/img-embed-logo-colorful-6e578f33c94fb378e31eb676c51d6ac2.svg
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6820dc5a852a390b26eaa791f6f9f9b976fa0ba6c17412089b25946d7d9de99c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
168018
date
Thu, 28 Jul 2022 22:46:11 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
blePM8lPs3jjHrZ2xR1qwg==
x-cache
TCP_MEM_HIT from a2-18-78-142.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
Standard
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
1134
x-tos-request-id
136fa7c82b18fcd3-abd4d68
x-tos-response-time
Fri, 08 Jul 2022 13:03:20 GMT
last-modified
Wed, 06 Jul 2022 00:23:56 GMT
server
nginx
etag
"6e578f33c94fb378e31eb676c51d6ac2"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=828992
access-control-allow-credentials
false
x-tt-trace-host
0183bad3fcee2ec872b4872ee9049ef3a2d284ae2814efa1c9eb857712903167b2f69cc649d0e48011f9c7857da95afbbff9f763fc317c81f647097d90b1869ffc7acc8dbda14ffa93454160ace29e81774c1d897c909cb6f103f777a3d780d9cc7a640404a070b62dd1fd278dfcb16b762dde96af25fd3e8750da8cc25a4427d6892a018e0fc7642ae9fb00297a24bb3181ae32620ae1b198160008b80e34c4e9
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
b61981790607547e2f0bbf36f601fd92~c5_100x100.jpeg
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ Frame 3CB9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/b61981790607547e2f0bbf36f601fd92~c5_100x100.jpeg?x-expires=1659218400&x-signature=pmumj8l78gBxLRvaVWfbTBxLqGU%3D
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
329a1b12f194f01c9648d132014e0a9089e43accd7e70817532727b4f9687aa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
20d35946.14b4a135
date
Thu, 28 Jul 2022 22:46:11 GMT
x-crop-loc
(0,0)-(634,634)
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
nw-session-id
2022071517380301019021921503EC70E59vn8p21df
x-powered-by
ImageX
x-cache
TCP_MISS from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
3,23.54.207.36
server-timing
cdn-cache; desc=MISS, edge; dur=3, origin; dur=0, inner; dur=1
x-length
3134
content-length
3134
server
nginx
akamai-mon-iucid-del
971653
last-modified
Fri, 15 Jul 2022 17:38:03 GMT
x-cache-remote
TCP_HIT from a184-25-50-175.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-logid
2022071517380301019021921503EC70E5
x-response-date
Fri, 15 Jul 2022 17:38:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-07-15T17:38:03.407940024Z 72
cache-control
max-age=30394359
x-tt-trace-host
01eeccc4e493fbb8313052ff79e2bc88989b8710feb278bd84d0f23f274cdb56d407a917a9309789f33bd6fdcfbb2d882051f184a05e6b448bae332e652d79fb864bf84ac6f2757c4589cc68f045b3f6f0828a428ee692d12da3543b8229fe1e9d882952c4375182697facd18e4fa2d65f
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
img-embed-banner-comment-d1335fb135de82a0a6b923df2e515c06.svg
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/images/ Frame 3CB9 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/images/img-embed-banner-comment-d1335fb135de82a0a6b923df2e515c06.svg
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5f5beabf59a0f4c1c28f05dd34047cd1f401f146b85eebbaa7ab8d971f075e64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
168019
date
Thu, 28 Jul 2022 22:46:11 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
0TNfsTXegqCmuSPfLlFcBg==
x-cache
TCP_MEM_HIT from a2-18-78-142.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
Standard
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
498
x-tos-request-id
fa072bbe1694288a-ad9159b
x-tos-response-time
Thu, 30 Jun 2022 21:33:08 GMT
last-modified
Wed, 29 Jun 2022 01:42:40 GMT
server
nginx
etag
"d1335fb135de82a0a6b923df2e515c06"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2501200
access-control-allow-credentials
false
x-tt-trace-host
01753b5d5c4c488def02df34f4eb5825740d97425be15f97138bc31e22906d801682658fdc09d3ba7923b89d810b38ac1c903bf445faa96a037532bc0b8b5d968ab909c272fe1eee3ccfa07abe1f231f48c292049bb8a322ad73cd452ec25777e67f94b7603807927c9269ce0a06b8141a674d22fe79a87b382cc19ef42e1a61c375cec587ea4e1a9768384a14456c9d04
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
img-embed-music-26847fc3f0c6f8b667c268b0c0a2bd0f.svg
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/images/ Frame 3CB9 		647 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/images/img-embed-music-26847fc3f0c6f8b667c268b0c0a2bd0f.svg
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d858782d53337cb280fd29487a8c25544984a1abc8619d4fc3535e4458101d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
16801a
date
Thu, 28 Jul 2022 22:46:11 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
JoR/w/DG+LZnwmiwwKK9Dw==
x-cache
TCP_MEM_HIT from a2-18-78-142.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
Standard
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
647
x-tos-request-id
c57265be15c1d481-abf38a2
x-tos-response-time
Thu, 30 Jun 2022 21:29:37 GMT
last-modified
Wed, 29 Jun 2022 01:42:40 GMT
server
nginx
etag
"26847fc3f0c6f8b667c268b0c0a2bd0f"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2463673
access-control-allow-credentials
false
x-tt-trace-host
01cd9eabec6b37e779c68e008c930419262c839eb6f95a2725e962c3f267923e8411b95756642c56cfb19513cc0d943de8f8e37890c53b938dcf64fdf94f1d81d735146a7c14a26035845a88189dbb25dbb124f716017f3c4f496aacaaa9781fc3d7c556e10a7c46cbc18e515e3541841446dd85c166dfcbd3c29e1dbe34ebfec2
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
sofiapro-regular.otf
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/ Frame 3CB9 		155 KB
156 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/sofiapro-regular.otf
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e145b1a56b822a1f604021905dc0c661a5447c13a569b6424be2abc8c140b668

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
167fcc
date
Thu, 28 Jul 2022 22:46:11 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
83df79xiq+PWX4rXEbw2eg==
x-cache
TCP_MEM_HIT from a2-18-78-142.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
2,23.33.32.213
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
158708
x-tos-request-id
4f6324581ae69bb1-af54d25
x-tos-response-time
Thu, 14 Apr 2022 13:00:22 GMT
last-modified
Tue, 29 Mar 2022 06:30:26 GMT
server
nginx
etag
"f3775fefdc62abe3d65f8ad711bc367a"
x-tos-storage-class
Standard
access-control-allow-methods
GET,POST
content-type
application/font-sfnt
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2047360
access-control-allow-credentials
false
x-tt-trace-host
011d849d85798fdb1402e7231ba70b5e8bd31dd8ce77874435e90a183a8037727ca750ce968ef776189b68ac60989f86d5dbce55df9f6fe4ff2bff2012b34d4b2deb546c6fdcacd21da37a7f5ae6e98ab571475eef403f3b39a834b65a23df5d156602215babd69684675c4b28d634195837f0c314c1f954aabae86e1168ab3e97
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
Proxima-Nova-Semibold.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/ Frame 3CB9 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/Proxima-Nova-Semibold.woff2
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
76680efd61dc1f00144c9af7adb317cc0642fe53282525e7e35806a12e74a084

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
167fcf
date
Thu, 28 Jul 2022 22:46:11 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
Sio5a2TUlhXk5hdYEjB9Lg==
x-cache
TCP_MEM_HIT from a2-18-78-142.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
Standard
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
20400
x-tos-request-id
6a1298486842f0fc-af54b12
x-tos-response-time
Sat, 02 Apr 2022 15:14:10 GMT
last-modified
Tue, 29 Mar 2022 06:30:26 GMT
server
nginx
etag
"4a2a396b64d49615e4e6175812307d2e"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=1179925
access-control-allow-credentials
false
x-tt-trace-host
0174bc0ae904049ba49cc797c7e13e4e65b31984a57298184c4f5220b8b383ef8105bf583f6b4c3bac0ac7fb5764a42270213a3ced76f2c5a1f52aa74bdde8100d4a777ecd57cffc35e61c55ccdf58c03f2972ee9994098f8db40b0d56d0a1f858c75ce1c0ebe4d04162ad988118ee8bc68bc08495c966f9bf39fc905d90378139
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
Proxima-Nova-Regular.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/ Frame 3CB9 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/Proxima-Nova-Regular.woff2
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
29a734dbe0c87dca942095cf4038b7a2519fb48ff2e06d1f49b8d8854493ac35

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
167fd0
date
Thu, 28 Jul 2022 22:46:11 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
SvWbAmfbEyPKXZVTcUBHkw==
x-cache
TCP_MEM_HIT from a2-18-78-142.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
Standard
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
21908
x-tos-request-id
96bc26597f0e68e3-af544a3
x-tos-response-time
Fri, 15 Apr 2022 14:19:58 GMT
last-modified
Tue, 29 Mar 2022 06:30:26 GMT
server
nginx
etag
"4af59b0267db1323ca5d955371404793"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=376272
access-control-allow-credentials
false
x-tt-trace-host
015326c8867eb28787b79d544becbbb2ca95e8d6bb5e2d57db49f116c17d13ad4eb7537d0bb200c151418cfd4c71fc25eaaccb784e98410c9ba225f31805bed1d233da853ec1be055a86de6890d44a6f8053bac5d793b4f1a39c6b399304d62e94ae0cb4e480a7e0dccaf318d835cf89bc850bba2f3f866a98a37a9074ff7b8d57
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
truncated
/ Frame 5D3B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c4f3e03304c71b84e2a89a4a521b9086f39722f154c19943865ff079f25b088

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
common-monitors.1.1.0.js
sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/ Frame 3CB9 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/common-monitors.1.1.0.js
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6aa10ccb8a9db0309d0df8b93e8d9bad03d814791f17f1cc2e12f2319ee694de

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
b4a33f5
date
Thu, 28 Jul 2022 22:46:11 GMT
content-encoding
gzip
vary
Accept-Encoding
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
WI3Pow5jZS3EhWLnAhGO3A==
x-cache
TCP_MEM_HIT from a2-16-186-5.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=65
content-length
7021
x-tos-request-id
e4e152d4d85c24aa62d4d85c-abf3fd3
x-tos-response-time
Mon, 18 Jul 2022 03:49:48 GMT
last-modified
Mon, 18 Jul 2022 03:46:34 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=300
access-control-allow-credentials
false
x-tt-trace-host
01daf6b0870d24f58e5e4fe819efd0cf29ddf80918403bf8233798dbbd6b2207d37a68430d37fe9a40b72fc09c57a0fd61ba25d5ccbe9929d9c7e3785be130928aceb960c75ae400178c2a2e4f2fd19aba1e7712395a2c7929e470990661f9ed74896907d09f91ab9b2fe75a0f2f724989
timing-allow-origin
*
access-control-allow-headers
*
expires
Thu, 28 Jul 2022 22:51:11 GMT
truncated
/ Frame A8B3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc6b5f0f34b56137046ce7f2bbafc10daca71689824b12c89b4c90903befb24c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
/
vmweb-va.byteoversea.com/service/2/abtest_config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vmweb-va.byteoversea.com/service/2/abtest_config/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-88.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type,Content-Length, Authorization, Accept,X-Requested-With
Access-Control-Allow-Methods
PUT,POST,GET,DELETE,OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
60
Content-Type
application/json; charset=utf-8
Date
Thu, 28 Jul 2022 22:46:11 GMT
Expires
Thu, 28 Jul 2022 22:46:11 GMT
Pragma
no-cache
Server
nginx
Server-Timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=4 inner; dur=2
X-Akamai-Request-ID
e31e776c.15460ddc
X-Cache
TCP_MISS from a2-16-187-84.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Cache-Remote
TCP_MISS from a23-220-104-14.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Origin-Response-Time
4,23.220.104.14
X-Parent-Response-Time
99,2.16.187.84
X-Tt-Logid
202207282246110101921621300C9E2E10
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a6288f4124e9087bfc3599391a37fce19b450c51f9e7869e34f05dec0facc066af702815eef77774b003f56d6e287c133e2f34d8c0a68b31b046ef655bc1733d2cb97913160aa1a819aac2627cbb272fc8
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
/
vmweb-va.byteoversea.com/service/2/abtest_config/ Frame 3CB9 		122 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vmweb-va.byteoversea.com/service/2/abtest_config/
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-88.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b1e8ab98fc0b04e97cad45711fe06e4c794dbef4f0e6916d16e3ed913b5ac210

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

X-Akamai-Request-ID
e37b11ad.15460e47
Date
Thu, 28 Jul 2022 22:46:11 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
X-Cache
TCP_MISS from a2-16-187-84.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Parent-Response-Time
92,2.16.187.84
Server-Timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=5, inner; dur=3
Content-Length
122
Cache-Control
max-age=0, no-cache, no-store
Server
nginx
Pragma
no-cache
X-Cache-Remote
TCP_MISS from a23-220-104-14.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Tt-Logid
202207282246110101921621300C9E2E1C
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
PUT,POST,GET,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Origin-Response-Time
6,23.220.104.14
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a6288f4124e9087bfc3599391a37fce19b450c51f9e7869e34f05dec0facc066af702815eef77774b003f56d6e287c133eef49d668be61dbc0d0cb897730ec4ab467061d3bf40015859fa254eb6522ca18
Access-Control-Allow-Headers
Content-Type,Content-Length, Authorization, Accept,X-Requested-With
Expires
Thu, 28 Jul 2022 22:46:11 GMT
truncated
/ Frame FFD1 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dc4de88129a4052830558b2aaac7220beba246a368a63da9b748d798b6cfabe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame FFD1 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxyFIRf-JCUfuEBHYaSqHfK9yuQWiCWfEBjApf9yewlEjc9OZuv3KH5s24Nu4cN5DoAZPMwJY8ZG9Gi8yxLSshRiOQMjidRchmrPMEAxClYlqYisF1_vQhow_Ovfr1bGwyM0fClNIAsbHgjDJKwVLis3rS_hQoPi6akFRLBW_nQr-LeCXVGZOmqPYNJIAoYRDpjbvfMXJqoH1_7v1qC9Ew2kyj2pFKQEcqocRr1o0vy_1nGV0cppRPcOg3kMpepSHDWL88-BephOZaFa8PCPuBoELePyoh76z7SuuTTfFBVPgWd0K56LoSHRyFRXf8JCwsYFDwXQ8ZbL4IMR19Rcl2DNRPuG7QBgfHfsEgXlLvj8n2dZipdo1cbG1fSxwWj9ltxAeBfHIlUHZoAYbOddgsKNt6S1cDw7dw_3ScAA4iPA2voWJr4f6RWnIIjldh66oi-2CL54TcNsjOcypFAjyBsVatl9GFKBSUJc_F6hYvnPP0tUiDelzAyIdIgEplGW_BiXvY4790ffDoCG-63vVC6AwnWzmoApat2cAvcvjt9w5qFBHaAiBblyEFyhl2fyNEDenENZUUns4fB221Vuex1y8B38-cybwS8nlB_nWAchGLiYmPFBM15dAuQO-KGGC6CQD02AtJuxna44-Wi1Ln1F7g0s2_zuO76dLFHrcPpC4ydgkgex0fROXABB-NNw-BFxjbeivq064OyXzNIkjAsYzUSG7soUde8M80ptYZna2PqYZpSE_TCg4dOFqtCwT9hZUje4dWVvXKAY0jmTBbYLdSAjgea9WB0CcevsRHOfjS0B3KTPDX2rZ8gExQYNXAhEKoheg8JedYxH5MOuBA-rxJ5eCSrEHsL-jHPNzo8vicNI-bHzc44B8TyXU5MqbdRnOWA2oXP18opP8Oz6DMZLqGeuQifJ1ETAkRUdKFhKB5KrAOSzd1ztLv5KfXhICKTmWejS-mCmRAWOx834cxMe3jnjQpv7GtALm6koxoG_xrTGVx3zLJmGU7lCCWs0jMBlT0zEA1xSghejuJkrvWMopQ9fCu4PUi2kXiPxTBuAKV7Uya7th1cUc7FESO0ja54rWf8mHo_xKCrgPTRS-v4saHG95EiGnQHpTIronDopkjCXWg4-DMFNoywUloJH88CsxxJ3zlafP3JOhqqm4yPDlQ96htVy5JthreKZbtmbN1MImyCNTaAuyq&sai=AMfl-YS0uWLfvNNtCC20dzs73_hDSF04O0HODueM9uiq9OdqEmJDlhsWcecxMuywOru9aUOKiyZxnertSvLVjuSgWLuYt9vyxw-mJBEfoYX16B0DOUPrj3KHzVk660eaJ4s4-SzOXOiB2TmI9VYHhK6EkVAsRn6Sw8BxcGsjjSdCf7fc4Ev4zNizllVl_4EYH0K0QhqGJCa1rHJXJV9QL8rHE61un246VSoYAiY3Pj4IaDcqU-l2SOzXmj7X8ub2fF_Y6KIST7nFjrDjRGR_w8M3ysD1L6W4RVePRYRRE4O-HYMw&sig=Cg0ArKJSzPiSb9GtkChYEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=201&vt=11&dtpt=200&dett=2&cstd=0&cisv=r20220727.76541&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 22:46:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 5D3B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuwP58red3wJd0yihyE6EzZfsDA9V7P8kHUCSKRkU7SD2r1QLDvN3aOz-BM-MTulnjaJ56TBrxVdqqMKM0xvj65Rqj8r7DqFeuodyUBAdtF_BGeOtzqY7HJRA8Ux92aCVRRrVkUYtxB44qs4QY4Qz0e0fJS2rAxendOv-037bF9sZ9JV-58_L4UfCVG9H-QQaWn6TkAcbKmVm0CiV-UcB3BzfETxXEgFyfCYX3HrWjlJKjYjs-_dmWDsFHfVxAdLbbngDyyinXuigK0V3U7Uih7o7zvLzhCyHRmG8KB8rJRdJ6uzH_3rZXFm4nnz8_TA2spb-cO6IW9KZBVqVyCJPvWAJm5H1AwkA95aZ0iAbkGWGfoakOX5p9u-MtHUJ0xcbbxn07w7-EeLSbCS4XJuBu3g9Ocz7PVHmug2YxIcGT5H6Om2mZj1-bcEp0Y76fqYls1YJgi3c4JHJnF3Pi25mhHMr7SisQBsa8Bb3CwdyYXlji_zP0QoPCY-t3ZCzNFW3jMdSd0OBX7-RwycMc_Hw4TL6r0WLFuUs-lClKz4FYCVxd1Z-2fIdnzmVp7i0QMeJMdGfXeQFOP0F5GSG65ZtUT5a1k6CuNBgWR0qzOKFFeCABBXFq6T-v9O4fDla3QW2kHh05O9SpU--LmBFhUDfLwnmB95KraGhlTaHSONvFGASjiX2SPhPjNWrSf5k_MNosNbov4cHULD_Krx-ms3ExIMWPz_ON182KaaJtiZypTaQDpusG004-VAHcHd8GZsqF74BNg1dzRMdVRCZaoIzI2M52lJk_IKbfZPUidpoRj4AsKTTtNAeBrSEE0-pBiyKJlrMrl3pCB9P_ywPc8wo6nTE2Wg-T9_1U9tf3OlIA47rsrgVfATIOgB2ZhbOUgMp7GA_3Qi-vLEYTYliLR7awgY4a0Uvh1vZmq3lpvaKutg2oYKluACBj3h-WgTig67uap56OhHBGGSLN1lYQL-0gbR643tkCruzBTtZL7CKC_OwMvzxbwMJYQcJcVEaaw2wup8q9n2L1-u48H5o5vgQjX7cbbLLnBJTx30MkcYpZpXi2mTvXSqTH2KEk-wvq8KK5rtF1D7TGnNZimyH-oWhyd5rg_yBb8eBi1SILYURvT7C_TeYLcyLdRLM-2OxwvixeJMpq4C9FkWZY1y_qaWJLLJ2ktyhJU90BqDB3uh6UUQhRF9umYNA-1VnWt2QpzfNkGX5zfGaLmXfM&sai=AMfl-YTndgbqFmBIUqsr4KUqfFeDz_erk-l4CjuIV5KRbqnPvBcLayP1Iclsx_WmT0pflq2Uk_DNNDl4V4H4zHL-EL8YBBQCk8Ck7WMPHlF8aUk8e-RfcW5WwHLtFL5d7sqeNHcMoFzhV0vqrA2AnRyfa50Fh-QF_GDz7yXV-BB1G2o80u095zEUgqeVMLdMlhAZGJ10kwSy4Oc-jPuuM4fYnNQ2jmEpFAECDKl1728EYvJXziw0kqUHpwPl5EFzMpbYVWb9Shdr1mdlQ2L7r13TrQaoV7tCC9Kg5ONc4ncP3ILN&sig=Cg0ArKJSzKYmahCTQOI2EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=227&vt=11&dtpt=226&dett=2&cstd=0&cisv=r20220727.06593&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 22:46:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1EF7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
65079
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 04:41:32 GMT
expires
Fri, 28 Jul 2023 04:41:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A8B3 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6dSh5-zk1dkNN-ztXzUJNZ9wGYxKa2f1Q6UKxMvo5EYyuGG_rDhcqNcilJ6XNxfxfFFq2LVQtxlG3rhnMUxt5h1jaHZN_ku9Grc6k7kN6Rnavf55axn138ptu6bS7GuBax7KMQu0IQqiSZ_rbs-s7-QADTaln5_lksGAkG0uYsjNloKI4t5ZAIqlPHDzQA51rMbVjSpdW44HzoFQ12UAFYRv6KLSrC4wtt66JNgQBkhNdhztIwnKn8kQ7DjeAQepHMKCe7xm0TK2uiKX361ilnV7YyGHdfM_ys8tca9-V4Q2fnIfIhkEDZMrw_tu1RejKgeN6fkalKuqHn3h8JJ3_NHFmpftul5XBE4jpG4bSWPC2RPOtL71byK78Z3hx0NIXtFWacYaGQaOny8irhe07c6qewJanDYXfuTrlDtD2Q2FYYY4rhco7EukGKogpBIbiYrq5Me0W1tBT2s64LtYtPWMysOfFuzCwXaiKel0h3kD70_8WtaQd0Azn-95AJVIO0EPaZGdGQOZAbgaeD5ctBdolaIjaCOjJTLb5htzKJm-d53GTEaV1WLCCqx8XTLOBwvjaWUUSW8fH8b8qgOaf0aTl52L1msoX55eGXv9Aw1D6Vltf3w07_gd_n_DzxG2-U8RII7m2QeqsNaBUXJJ_h0QPNHcpsCGFuDMLWn31CWGmZnIz_LB3KzVLiu2BW0ZUav8BpjC82kiOSNNNiWutx2LgnyaFaM5YaJy1J9ZR-24gUWGUE7EalNejJSxXr93ZFwUcFfix7af_xJiNmaAU483JEhWmk4RILLoZqXzVeyuCBXAKM76FNY3DNdgrVNEjHCPDR8ekC1p5Ch3OnF33cFKLvMpa3fjbtCF6LJa4dcL8RaQkZiHwdDlFuwE0_WUct3ltW6955QPzQFjnIAr3WUmtd60iXsEOz4PKUgeINh1KVD_ZOvz82dw3QM1i6hgSlnkOuPoGl2wLOSyDt2nNvTvpe1gH1ZyNxYhOZTiHb38TalwlKbdX14O7Y-XLhV4euLs_rKuqwNm-MNjzqrtdhaJpT_KsobAV3ao5I2MfZse0OMWRLco7UDBAklU4LDgtvCC-VgEjrDTy2bSNyFof5NH1lZbe5Swh0XpDqnZYPIvhFcBx2-orTE--9hPDy0_9r6i9oOAz5w4JLWdp86bMLTA8ATL01frpzmmJ2KLnm-quzbO1gif_YUaP&sai=AMfl-YRa2ajK4qZ3PNSskIwaRmnKrf9QQh18HYQTYBLzH--iaL5ObyYrlsgVfi6BdihvXXHKbIDIvR7UoJRhosiCEdyPbUqt1q-OfWM7kmkFIk8i6Be4Jba8f68I46V4jkvQpBPfQG5u_e7avuVbhndSimi3JT6VV0y1zH7WykBCQrnyZ7PZNK8ObpVTMh2kK84oYFjtrADokf6Ymx-khbqoK4HGsXg6E66l1CbVQAjBGUYbWVy3dJso_YXRg8OTSFfxW6Q50-GmDjI6Ehkx3OjgDqj6yQQnuyrv0KG-g2OrXefu&sig=Cg0ArKJSzHSu5FAmNeSdEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=222&vt=11&dtpt=221&dett=2&cstd=0&cisv=r20220727.45934&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 22:46:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EA9E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
65079
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 04:41:32 GMT
expires
Fri, 28 Jul 2023 04:41:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A8B3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BlMLWshHjYtTiDaWX9u8Piau9kAkAAAAAOAHgBAI
Requested by
Host: eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
URL: https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
list
mcs-va.tiktok.com/v1/ Frame 3CB9 		7 B
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs-va.tiktok.com/v1/list
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

X-MCS-AppKey
566f58151b0ed37e
Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

X-Akamai-Request-ID
1f9c4bdf
Date
Thu, 28 Jul 2022 22:46:11 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
X-Cache
TCP_MISS from a23-36-160-80.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
Server-Timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=89
Content-Length
7
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Server
nginx
X-Tt-Logid
2022072822461101019205514502C76BF0
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.tiktok.com
Connection
keep-alive
X-Origin-Response-Time
89,23.36.160.80
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a68fd45789576fbe565da786dacde60efe52011f6165e30b502c3347b34b29109ecaf0306cdcbf49000b5b89f557c02695b27a4ff3e53572c7430adfae91622964
Access-Control-Allow-Credentials
true
Expires
Thu, 28 Jul 2022 22:46:11 GMT
list
mcs-va.tiktok.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs-va.tiktok.com/v1/list
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mcs-appkey
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type,x-mcs-appkey
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin
https://www.tiktok.com
Access-Control-Max-Age
1800
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Thu, 28 Jul 2022 22:46:11 GMT
Expires
Thu, 28 Jul 2022 22:46:11 GMT
Pragma
no-cache
Server
nginx
Server-Timing
inner; dur=2 cdn-cache; desc=MISS, edge; dur=0, origin; dur=90
X-Akamai-Request-ID
1f9c4bb0
X-Cache
TCP_MISS from a23-36-160-80.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Origin-Response-Time
90,23.36.160.80
X-Tt-Logid
2022072822461101019205514502C76BE0
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a68fd45789576fbe565da786dacde60efe52011f6165e30b502c3347b34b29109e3ef96c283943c7ba00fadef7eb0342f0574c4d2926720f2753434066d0a3f49b
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 24F4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
65079
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 04:41:32 GMT
expires
Fri, 28 Jul 2023 04:41:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
list
mcs-va.tiktok.com/v1/ Frame 3CB9 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs-va.tiktok.com/v1/list
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

X-Akamai-Request-ID
86fdf21.1f9c4bed
Date
Thu, 28 Jul 2022 22:46:11 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
X-Cache
TCP_MISS from a23-36-160-80.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Parent-Response-Time
89,23.36.160.80
Server-Timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=3, inner; dur=2
Content-Length
7
Cache-Control
max-age=0, no-cache, no-store
Server
nginx
Pragma
no-cache
X-Cache-Remote
TCP_MISS from a23-220-104-24.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Tt-Logid
2022072822461101018907107014C92C22
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.tiktok.com
Connection
keep-alive
X-Origin-Response-Time
3,23.220.104.24
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a6a821db892c157b385b7e893f0f35ec6ab73ff44f1d7ea4acdab5b70e268ac3282ef18637664a1c04110cadf0ef79f44c9d2b9b36dc4911f91aa3e8c325fb0b8f6a625f0dd309e0e843bd10c81b36e2ef
Access-Control-Allow-Credentials
true
Expires
Thu, 28 Jul 2022 22:46:11 GMT
list
mcs-va.tiktok.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs-va.tiktok.com/v1/list
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin
https://www.tiktok.com
Access-Control-Max-Age
1800
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Thu, 28 Jul 2022 22:46:11 GMT
Expires
Thu, 28 Jul 2022 22:46:11 GMT
Pragma
no-cache
Server
nginx
Server-Timing
inner; dur=1 cdn-cache; desc=MISS, edge; dur=1, origin; dur=88
X-Akamai-Request-ID
1f9c4bd5
X-Cache
TCP_MISS from a23-36-160-80.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Origin-Response-Time
88,23.36.160.80
X-Tt-Logid
2022072822461101018909102114C63E0D
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a68fd45789576fbe565da786dacde60efe94311dd4483ce29298f5a224edb4d651f2b06d50af306da1650c2251b405115f712b1c7f7fbb92403b7481657de26d23
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
a-01mt
i.liadm.com/s/c/ Frame B71E 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-01mt?s=&cim=&ps=true&ls=true&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.237.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-237-222.compute-1.amazonaws.com
Software
/
Resource Hash
cf4196501b7e2f1bc0581d9aa367a7863d7fdbc10eb81a3e82964263d374b4d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
672
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Jul 2022 22:46:11 GMT
ETag
1.61803398874
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
baker
sli.wellandgood.com/ 		19 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.wellandgood.com/baker?dtstmp=1659048371178
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 28 Jul 2022 22:46:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Expires
Thu, 28 Jul 2022 22:46:11 GMT
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
headerstats
as-sec.casalemedia.com/ 		0
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=346202&u=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&v=3
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUaM2DMTNuKMHzX%2BgBy9EgVUvNJr15UwoNxratFkA8w0eNHj%2BASqcazDtM3pMt4GoC%2FIhtx8riIHhZjvZLXjEIDGnd8a9dDYl5mGC4N6XOsbU7DqTFsjfFdj6NWanVcFToNS6u7LJnE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73212640681d9128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js
pagead2.googlesyndication.com/bg/ Frame 1EF7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 09:51:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
219274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13903
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jul 2023 09:51:37 GMT
4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js
pagead2.googlesyndication.com/bg/ Frame EA9E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 09:51:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
219274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13903
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jul 2023 09:51:37 GMT
4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js
pagead2.googlesyndication.com/bg/ Frame 24F4 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 09:51:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
219274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13903
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jul 2023 09:51:37 GMT
headerstats
as-sec.casalemedia.com/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=346202&u=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&v=3
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BknHv6qUioh3biLdBmTiobj019SZUqR0rEL%2FiJZWON4bEzVfZe9bPwRrv4nOIaIK4uUrvm4oGsnvtK%2F9C6q1Pc4cRYsef3NOTh451scrWHO6tSGTzQhfYwBovjgIu0IRh6Y131KGh4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73212640681e9128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928482&asId=e5f29576-c682-5e50-ed7c-7172a7a46eb5&tv=%7Bc:jHLgzw,pingTime:1,time:1223,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:3,t:175%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1223,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:175,wc:0.0.1600.1200,ac:0.621.1.3,am:i,cc:0.621.1.3,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1069~100%5D,as:%5B1069~1.3%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:257,fm:tcVnT1V+11%7C12%7C13%7C14*.928482%7C141%7C15%7C16%7C17%7C18%7C19,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6252:7b4f:105f:a05f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928482&asId=e5f29576-c682-5e50-ed7c-7172a7a46eb5&tv=%7Bc:jHLgzx,pingTime:1,time:1224,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:3,t:175%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1224,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:175,wc:0.0.1600.1200,ac:0.621.1.3,am:i,cc:0.621.1.3,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1069~100%5D,as:%5B1069~1.3%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:257,fm:tcVnT1V+11%7C12%7C13%7C14*.928482%7C141%7C15%7C16%7C17%7C18%7C19,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6252:7b4f:105f:a05f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928482&asId=e5f29576-c682-5e50-ed7c-7172a7a46eb5&tv=%7Bc:jHLgzx,pingTime:1,time:1224,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:3,t:175%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1224,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:175,wc:0.0.1600.1200,ac:0.621.1.3,am:i,cc:0.621.1.3,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1069~100%5D,as:%5B1069~1.3%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:257,fm:tcVnT1V+11%7C12%7C13%7C14*.928482%7C141%7C15%7C16%7C17%7C18%7C19,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6252:7b4f:105f:a05f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA9E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlMLWshHjYtTiDaWX9u8Piau9kAkAAAAAOAHgBAI&bg=!KimlKW3NAAacadVKvGk7ACkAdvg8WtpkfZwGmsiO3uSNvLyPDesZlG78pmhYwi6cbHSiy7yg8Sl5CgIAAAChUgAAAAJoAQeZAuPl3_RdrWvdBp8zS55YR3KyosXRdv_4naHEGpKy8UCAo9KKVUzf5fbxSwUpOKomz0ONzxIII_ABiF0kZB26cL8lIu9OVzQdtCTv-Xwg8M_DMkeLQ5n90plAQmTK8QGnj8gm9mPnrWnQAsiqiLycOroTEf_oguovsDiiS-WWXRfzMKf4AT22nO8tiZFeDhvMRsu3RzFcw02VdwUcxU5Q1p4ksnCirM40m-GXAvORqkg_XllgDRjD_tyoS_Ft2kpuPi2AdUC4-LRmtKDJDMLn42ebsp5sd0MEAmS-cBJO82AtTI_oHRp6vUlheJxDPGTWeOyc97XAnLxGbxQvl9Kmo99w8B-CguKFN1-ZVSQsV4thUX6m0eB7HQcfgmsSLdXxqlFrkezQjS4F8YvD5AOqzyyGVC8U13XzAKsI5tN9LZMD0QDuipIknCMlvEJWmWGQfKQMvrioC30-E2rl_nXq5FZcxAFPVJVRLXorTjuO5uUyw_HC9KaWoiXpRGeR--ScSBKkND4SZWgC1iOzfR_MYePoOt-Wc-9yn4MiRf8t2jv3jYnmvld7m6ixr1MQTSNhOfHlq2Dp-AjFPsqAcuCTkjOPnobhuA5Gstm4Tp2D4X1-XsnWEDUIYWV9wdUDtX1YGlTfohVfXC56E6kc4VVjOej62TCmAvCsHkqF57JQFGSZqHX6IxYpDsBKUNJyIOgD8_QGbVSWvLrIODMzDwrtagxxdBveOuSCKHkp8vuuhMyGh7epiVhYZFLhPi8VzNgIjZw14bsqkfnhhuQt8eupE-MrOpDua7Jy_QvWa7Z7H6if1Jw-wE1RpP-LQOeaZrebI6PzVtnCGCyHb2sHnvUTZ4xsHQBDMinmOwHDT9uqznD6b1ZSbi-WdjD9MdywFE12BgQ6QGX7sYqX0glyAft_pWwrhe2fYimE4HWfuDIMz3LZOmWOPxLntukfj58n-C6EF9faiuGk4t12WAYzauoBxBA1QhH8
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EF7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0xN6shHjYtPiDaWX9u8Piau9kAkAAAAAOAHgBAI&bg=!rK-lr-vNAAacadVKvGk7ACkAdvg8Wp-S4y-EQ3XwAvb8atUPKRETMxtpFtrirpTK4RlE0INJovBDiQIAAADBUgAAAAFoAQeZAvNYCvSIdHZXGaKRjSXhCHheljb5d5ZtlPqAIkCWX5n4IIBrSamj2cn8QpgsbCDV0DYgGdeaUDi-B_tzvJFfbx9FjxmxD_fHEcRAjyBvfIIgfZjE_6svbx2Y_owC8_3yk-eb3Jl_wmYPt3-8bhVj_Gxa2KIz1PtmTczemsNTUn13oc74FhvKWZItdInm5KSRZTjkDhSzAN3SeIe-r5MqgAljY5WNaANGWHyWK88WixsA8D9tdD6-XALpXpSex-pCYCUIGp11VqbivWESw98vf9pPTqLBqDsjbLHUl2GUloWAdL4Td-64op4uYMT8dJDFUEeNwpRGYhl5qCCNF7UpefcwPOCuOtRbB5fOYpHIeDj7PLuAMB4-81pmMyLoHc6k0jp9tuAOKyIkS0yfsUaaV6OMfMNn81gshJriMbE27h2j4BAPgGRHAbrJj7Pr6LN-Dzgl0nDMgLJNyhjkbh9mFClONujhDbyuFYAMhYde5wgr_92BydX5-8HfmwoO9Omkf07PlEExHVIwyQ2JyRfRgk8ITKt2mV-SCLnz_DtnYUpcuYo7mV1zOCC81x3ryy3-cwnjZjtTtPY_q6xYxquLaUGL964lXtKFcJtU3gqwjyzD-Y2tgV2_l-aBIgbuehyqhucSkJAIk9jqwzaX1yc6Hl1jmrYj02twU_s9hYPYgQsoACG7IERj7p416i6y7YE64qOVspmC4-UQwn6Xff05Fj9CBhzU8foHmhGrjHnthp6MtycAlSJ4g7Xj2uflDtqzhD5xC5DNe3e0HbF2CoqewusG9brxCxGowy1gpSJkBnBk1HJaK8_6ajUpGW7OFbHzUQK6iXAvI7w5cEz6a8pFBxwgm3XZgkyDC-tgibG9C5xvDHEpUyPIH--kCmTwXA70QFDtIqGMWIy-edmV-brgH9dwSbC6ArAA8zEkfv6XcrzF97zhyUrFtmz4EhlQi0uPXpP8V9seVJ4LBwbZnZKH1qYOp95qpaebXD7cjZ0lL20N-u6fiw
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		801 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
1f1969c0811ea580eeaa5ab2fe9c74882b8f1ccaa4d12b130840199c85c59e7d

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:11 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
277
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/ Frame 24F4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdTLkshHjYtXiDaWX9u8Piau9kAkAAAAAOAHgBAI&bg=!DQ6lDkrNAAacadVKvGk7ACkAdvg8WkZr7bZmm7v0Xf0y7OYjfs9seT9E7ZMObNrQ1Es22AVzGG3ZEwIAAACoUgAAAANoAQeZAvXSyjiJpUyDvMKCgmhJzEfsonwZDdSs0O2PEo2zItVc5D4pYc9n4efMfZNuTElLJYhjWERRDS_4rR3YNuBC44dwWX4MZkW3SQOG4cNhDnxNhJTv--atU91iKF77iKsOdsHc_2REKVquqmyrADgQBts0kBSjTu1wOoRgVtJFg82y58vZ14QU-TeypWdhfxyRHPEkDiyOC2nYIU9ZsM79207NUFPasTTdZLJtW_cIt7Lf5BBhk92gdjyf0WQ9-vrB0zHc395EwJfu5aWAGQ_rIe1ht5Q52Fcc-2LZ_oY5nuMT7ZBVz9qzZkv0pXOPhEDbuoRgSSv-oz2uIf3CwBU_Mw8zjnyEtuphO9epTr5EShUEEbuk9bq7kzOuSlGE0V787l-UfYYFNAf5XR0dp8PpCsYE1sRmz94inUZG7OwRLUVNBOVWwgD0aTYlcDrRLWzXskdBTgYS-fYjW3Rs_4jiiH0sQV_rUpWLO5Jofh31KqQNA0YoO2gYld2UcZHaMU8nPX9sk1EQ7nSmkOhJHihWMJd5reGdUzQL_3be9IagU3udDhcOWILOOeTahgmy61YH7viKjjea5T_s7Hm2eQ3D5iTThy7_5RXUPIBLX1qptzlfUMKjeEyYfJxfO6tKcOWoRCyGvJjcw9iDBqIDsa73KYTcvObGTTZQEyPWfO-FLFMXAt05niiVw1OBjJKjCCkkwZAWfnfWN9F2d24WeU7aCF9x69nfD60pMSfFfHt-pyYmnDOQuQ_83LYAMSX4UYRXAobktqqqKjaOtHOiBOOHb4lQ_OHlqYZWi1-Yk1An2tCYLnlhO2xTHeeLRiolWl_mJn8kc3vsWekyMV2ECNwIzEs51NIzekt9iZwGJb3GKrG8wjrgKjMCG5wLXRP0yQgDWpWA4S3pumE9k3NqoZSsAjsscXCdtQ1GmKWHnsI3gGtBoi5LupWz13D-ZELHe_9PF5Xxux0alN733msih8iw-HYUANepCkcNSTz_esVYNnfILGnlcn4R
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		801 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
51d0125c09a51f3e29e6af5b0a7eb7bdb70ec251ed35f08459cefd3604b41a33

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 28 Jul 2022 22:46:11 GMT
content-encoding
gzip
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.wellandgood.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
via
1.1 google
/
www.tiktok.com/api/recommend/embed_videos/ Frame 3CB9 		25 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.tiktok.com/api/recommend/embed_videos/?aid=1284&count=24&secUid=MS4wLjABAAAA4CMxkRjKkd3rRBv4IlGu0_d5CZaAjphay1Lbpd16jY6h0Q0riJDnXHiWx4kqZ3MR&lang=en-US
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.146 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-146.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5345701b5336160f61a652a41acff02371c55d4d7c9ba2dff8f01024997a2801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/embed/v2/7085876658711907626?lang=en-US&referrer=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
491462ce.c28511
strict-transport-security
max-age=31536000
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-18-78-146.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
1168,2.18.78.146
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=1074, inner; dur=1067
protocol
json
content-length
6345
server
nginx
pragma
no-cache
x-cache-remote
TCP_MISS from a23-55-235-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-logid
20220728224611010192167206075766ED
date
Thu, 28 Jul 2022 22:46:12 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
1074,23.55.235.4
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a688fff396f5aa5cb6c5fcbbef0894c1b6cb91a5f663f752f33df5290b210bb0ed9229c9b99f7d5a8f6d852f7a5f06462a6443ee47b024d57647e7566200b26457fbd0b622605bec09f8a8f11de50519a7
expires
Thu, 28 Jul 2022 22:46:12 GMT
list
mcs-va.tiktok.com/v1/ Frame 3CB9 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://mcs-va.tiktok.com/v1/list
Requested by
Host: lf16-tiktok-common.ibytedtos.com
URL: https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/tiktok-embed.module.43f6d443181ebb5a246c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
list
mcs-va.tiktok.com/v1/ Frame 3CB9 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://mcs-va.tiktok.com/v1/list
Requested by
Host: lf16-tiktok-common.ibytedtos.com
URL: https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/tiktok-embed.module.43f6d443181ebb5a246c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
list
mcs-va.tiktok.com/v1/ Frame 3CB9 		7 B
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs-va.tiktok.com/v1/list
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

X-Akamai-Request-ID
1f9c4c89
Date
Thu, 28 Jul 2022 22:46:11 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
X-Cache
TCP_MISS from a23-36-160-80.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
Server-Timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=89
Content-Length
7
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Server
nginx
X-Tt-Logid
2022072822461101018909102114C63E33
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.tiktok.com
Connection
keep-alive
X-Origin-Response-Time
90,23.36.160.80
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a68fd45789576fbe565da786dacde60efe94311dd4483ce29298f5a224edb4d651f35a898e95ac2c48ea711e8c0745f2b911367851493856f9d11a6879919f3560
Access-Control-Allow-Credentials
true
Expires
Thu, 28 Jul 2022 22:46:11 GMT
list
mcs-va.tiktok.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs-va.tiktok.com/v1/list
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin
https://www.tiktok.com
Access-Control-Max-Age
1800
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Thu, 28 Jul 2022 22:46:11 GMT
Expires
Thu, 28 Jul 2022 22:46:11 GMT
Pragma
no-cache
Server
nginx
Server-Timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=4 inner; dur=2
X-Akamai-Request-ID
2ace20f9.1f9c4c0f
X-Cache
TCP_MISS from a23-36-160-80.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Cache-Remote
TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
X-Origin-Response-Time
4,23.220.104.7
X-Parent-Response-Time
90,23.36.160.80
X-Tt-Logid
202207282246110101890731320ACC45A5
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a6a821db892c157b385b7e893f0f35ec6a9cc2c921d114770e1ae955f552addc9b4687354706da07a4008ca3d81d591b4941bb6095a621f58588fde2d721638641457b9eb23c7e617012a5e1d69f73cde0
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
log_event
www.youtube.com/youtubei/v1/ Frame 35C8 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/240bde48/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/Wc1KC8Ref0M
X-YouTube-Client-Version
1.20220726.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtWNGJoZkFpaGswSSiwo4yXBg%3D%3D
X-YouTube-Ad-Signals
dt=1659048368947&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C730%2C411&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 28 Jul 2022 22:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 28 Jul 2022 22:46:11 GMT
7d65aeeb50c54467b78354583ce96796
i.liadm.com/s/e/a-01mt/0/ Frame B71E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01mt%2F0%2F7d65aeeb50c54467b78354583ce96796%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&26f167b1-9318-41f1-ba9f-f61...
  • https://i.liadm.com/s/e/a-01mt/0/7d65aeeb50c54467b78354583ce96796?mpid=7156&muid=2f8662e3-11b3-4b00-b6b2-eb54679f5733
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-01mt/0/7d65aeeb50c54467b78354583ce96796?mpid=7156&muid=2f8662e3-11b3-4b00-b6b2-eb54679f5733
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01mt?s=&cim=&ps=true&ls=true&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
52.20.237.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-237-222.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 22:46:11 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Thu, 28 Jul 2022 22:46:11 GMT
Server
MT3 4475 c1dc35a master nrt-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/a-01mt/0/7d65aeeb50c54467b78354583ce96796?mpid=7156&muid=2f8662e3-11b3-4b00-b6b2-eb54679f5733
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 28 Jul 2022 22:46:10 GMT
generic
match.adsrvr.org/track/cmf/ Frame B71E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01mt?s=&cim=&ps=true&ls=true&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
52164
i.liadm.com/s/ Frame B71E
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=26f167b1-9318-41f1-ba9f-f61af5215323&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=26f167b1-9318-41f1-ba9f-f61af5215323&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=8ab99147-39e2-4f58-8d7d-6690a98675fe
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=26f167b1-9318-41f1-ba9f-f61af5215323
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=8ab99147-39e2-4f58-8d7d-6690a98675fe
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent&bsw_custom_parameter=8ab99147-39e2-4f58-8d7d-6690a98675fe
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f5377ddf-fb75-47d2-b778-5741ca78e744&user_group=1&ssp=liveintent&bsw_param=8ab99147-39e2-4f58-8d7d-6690a98675fe
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=8ab99147-39e2-4f58-8d7d-6690a98675fe
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=8ab99147-39e2-4f58-8d7d-6690a98675fe
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01mt?s=&cim=&ps=true&ls=true&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
52.20.237.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-237-222.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 22:46:11 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=8ab99147-39e2-4f58-8d7d-6690a98675fe
Date
Thu, 28 Jul 2022 22:46:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
7d65aeeb50c54467b78354583ce96796
i.liadm.com/s/e/a-01mt/0/ Frame B71E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=26f167b1-9318-41f1-ba9f-f61af5215323&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01mt%2F0%2F7d65aeeb50c54467b78354583ce96796%3Fmpid%3D82775%26muid%3D%2...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=26f167b1-9318-41f1-ba9f-f61af5215323&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01mt%2F0%2F7d65aeeb50c54467b78354583ce96796%3Fmp...
  • https://i.liadm.com/s/e/a-01mt/0/7d65aeeb50c54467b78354583ce96796?mpid=82775&muid=76309656343925400890216846639799129148
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-01mt/0/7d65aeeb50c54467b78354583ce96796?mpid=82775&muid=76309656343925400890216846639799129148
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01mt?s=&cim=&ps=true&ls=true&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
52.20.237.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-237-222.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 22:46:11 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

DCS
dcs-prod-irl1-2-v037-068401fd5.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
P/rwSpXRS4I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://i.liadm.com/s/e/a-01mt/0/7d65aeeb50c54467b78354583ce96796?mpid=82775&muid=76309656343925400890216846639799129148
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
live_intent_sync
x.dlx.addthis.com/e/ Frame B71E
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=26f167b1-9318-41f1-ba9f-f61af5215323
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=26f167b1-9318-41f1-ba9f-f61af5215323&rd=Y
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=26f167b1-9318-41f1-ba9f-f61af5215323&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01mt?s=&cim=&ps=true&ls=true&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:12 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 28 Jul 2022 22:46:12 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=26f167b1-9318-41f1-ba9f-f61af5215323&rd=Y
pragma
no-cache
date
Thu, 28 Jul 2022 22:46:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 28 Jul 2022 22:46:12 GMT
/
trc.taboola.com/sg/liveintent/1/cm/ Frame B71E 		43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01mt?s=&cim=&ps=true&ls=true&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 28 Jul 2022 22:46:11 GMT
via
1.1 varnish
server
nginx
x-timer
S1659048372.840336,VS0,VE9
x-served-by
cache-hhn4060-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
35004
i6.liadm.com/s/ Frame B71E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01mt?s=&cim=&ps=true&ls=true&duid=5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:377c:45e6:1b19:7050 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 28 Jul 2022 22:46:12 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Date
Thu, 28 Jul 2022 22:46:12 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 28 Jul 2022 22:46:11 GMT
content-encoding
gzip
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
via
1.1 google
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=false&k=e4ecf9e0-0a2f-42d6-a720-8fff2402c221
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 28 Jul 2022 22:46:11 GMT
content-encoding
gzip
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
via
1.1 google
/
eum-red-saas.instana.io/ 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://eum-red-saas.instana.io/
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.231.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-231-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Thu, 28 Jul 2022 22:46:12 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
timing-allow-origin
*
Content-Length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022072102&st=env
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c87acd3b458eeaa8e974bc098138358dee634023dd0536bc235626abf7c0221
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jul 2022 22:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12025
x-xss-protection
0
syncframe
gum.criteo.com/ Frame A208 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.wellandgood.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:12 GMT
server-processing-duration-in-ticks
2044
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
analytics-1.5.12.min.js
cdn.keywee.co/dist/
Redirect Chain
  • https://cdn.keywee.co/dist/analytics.min.js
  • https://cdn.keywee.co/dist/analytics-1.5.12.min.js
22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Protocol
H2
Server
2600:9000:2490:9600:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 09:52:09 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 09:55:56 GMT
server
AmazonS3
age
249275
etag
W/"13a05c433850fad0455e2ee1a1707eb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
cache-control
max-age=259200,public
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
oc-95BrcwCYgXc4KEayJMb9-4D-dfthjQwcmWl8Kosu4QLaUP5pa7Q==

Redirect headers

date
Thu, 28 Jul 2022 22:34:18 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
server
AmazonS3
age
715
x-cache
Hit from cloudfront
location
/dist/analytics-1.5.12.min.js
x-amz-cf-pop
FRA56-P6
content-length
0
x-amz-cf-id
gOMU4UEzd37ATgxLeH0I9u4cP0nOUJkwKtFXsPGmoy52lT-RMT-PcA==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f4f6e3e53177c08ab6c846bcb9873aac07bc77b76e56c21c45436d7a0c6d245f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26140
x-xss-protection
0
pragma
public
x-fb-debug
Rn01QnVyVuwBP3scw8MhuqtOGT6iPjEqyL3wKGJeKo4rvoXhwPOdNGwMtFH8OLmkoPKsXGJwKPpdgl5u/jgVhA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 28 Jul 2022 22:46:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
wellandgood.com.js
cdn.brandmetrics.com/tag/9433371b915948dc8c9de5a5ac972a66/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/9433371b915948dc8c9de5a5ac972a66/wellandgood.com.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q356Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2110faf3670070ebfcddac8b0fce1313d6edf893602f44cb0178e8e1a38a185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Jul 2022 21:56:58 GMT
server
cloudflare
age
2954
cf-polished
origSize=5915
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q51cS%2Bt%2B99OIQZIPHWov9QiKxVgsqhSun%2BV3D8xkm58bGqHhWCtAzsJW%2FK2Cu6COQSSCe1o9w8OyxEMudqDrQ8yGgwRXnZNHXpTHa%2Ff9gAV9HYjXtUGLbhTKRfdZhLycUv57AUEVFxDppQuoo0zWEnHb"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7321264a5c609bb8-FRA
cf-bgj
minify
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:182::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a67117312ce631cdfc251dfbb90058bc01e3849deb0cd7fed130745b5813d1b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

akamai-x-true-ttl
7200
x-cdn
akamai
etag
"2dda33348480d93c64a825f2616f03ce"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
accept-ranges
bytes
content-length
1142
access-control-expose-headers
X-CDN
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/19765212/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
369 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:39:09 GMT
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
424
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
zATSM80GYQJd1iOHiRq-t1CJQmjIRMwAPDqOjrZdEkfo4jc5NhxbbQ==

Redirect headers

location
/internal-c2/default/cs.js
date
Thu, 28 Jul 2022 22:46:12 GMT
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
axpY3BBpJFrhXtdkv0SWUhrbuRuUXk8P0hwgmjhF6FCWRHgT6azmqA==
x-cache
Miss from cloudfront
trackable.js
ext.chtbl.com/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ext.chtbl.com/trackable.js
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:f800:a:b27c:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:00:59 GMT
via
1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
last-modified
Fri, 12 Feb 2021 20:28:32 GMT
server
AmazonS3
age
2721
etag
"4a494dbb82444463b6fd8bff0e5593d6"
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
max-age=3600
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-length
4092
x-amz-cf-id
WmVnXi1CX1f0xzJisiS3yoR-ZSB9vPOfcD1ECIuVpsrjialTgkEGiw==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js?cb=31068698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Jul 2022 22:46:12 GMT
sid
mug.criteo.com/ Frame A208
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=wellandgood.com&sn=ChromeSyncframe&so=0&topUrl=www.wellandgood.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=wDimYXxEWEpFT0tvQnMxZ1B2L0xwTjMwUUYrdHFMRHVnN0VVZXhRaWtCMzVwWTZVOUR1THFZUW05cXJweHV6MUhPRDFoYmtjNHdzVytvcytRQTE5aEpOWkozTFJoL0dWd3FqbCtVWU1WSGRLa1ZaenBPZ0FDRU1VVkhGZG...
439 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=wDimYXxEWEpFT0tvQnMxZ1B2L0xwTjMwUUYrdHFMRHVnN0VVZXhRaWtCMzVwWTZVOUR1THFZUW05cXJweHV6MUhPRDFoYmtjNHdzVytvcytRQTE5aEpOWkozTFJoL0dWd3FqbCtVWU1WSGRLa1ZaenBPZ0FDRU1VVkhGZGJ3Uk5jRndRVHZ1djNTb3BoZ2FwbkhYVUlUSmszamRFc3AxdWZ4RVJjbXpzN29zRW4yTUJySTlnNHNTdThiZ1dMRnRJM2w0RXl1c1FzckhOR3JrOGx0bG1aVWhGL2RxSElrem1SU3lFa2RSU1pwMmpVQlphYTQzQzZqMHZsRUwwdW1kSFJzZUdFMXJWRnozQVNrYlhXdVRvclM5YzhjZz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c2e95cd7237e15591875f8bc4f5290e2c1e91c0269385e77e76bf7343364ef30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:12 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4140
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:12 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=wDimYXxEWEpFT0tvQnMxZ1B2L0xwTjMwUUYrdHFMRHVnN0VVZXhRaWtCMzVwWTZVOUR1THFZUW05cXJweHV6MUhPRDFoYmtjNHdzVytvcytRQTE5aEpOWkozTFJoL0dWd3FqbCtVWU1WSGRLa1ZaenBPZ0FDRU1VVkhGZGJ3Uk5jRndRVHZ1djNTb3BoZ2FwbkhYVUlUSmszamRFc3AxdWZ4RVJjbXpzN29zRW4yTUJySTlnNHNTdThiZ1dMRnRJM2w0RXl1c1FzckhOR3JrOGx0bG1aVWhGL2RxSElrem1SU3lFa2RSU1pwMmpVQlphYTQzQzZqMHZsRUwwdW1kSFJzZUdFMXJWRnozQVNrYlhXdVRvclM5YzhjZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1997
content-length
541
expires
0
9b674c40b1154f5fac517ec58fa68b25_1656015155
p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/ Frame 3CB9 		246 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign.tiktokcdn-us.com/obj/tos-useast5-p-0068-tx/9b674c40b1154f5fac517ec58fa68b25_1656015155?x-expires=1659067200&x-signature=SZznHqz0h%2BD42pHf9MmDK62KupY%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.235.136 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-235-136.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
fa66a33148b326b7e86fc4850144bedbd89642bf3f0aa47f0061f3611476ca72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
nw-session-id
20220623203526010004004025004005006003006112DDFD2qx8mj41ff
x-powered-by
ImageX
x-cache
TCP_MISS from a23-55-235-132.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
4,23.55.235.132
server-timing
cdn-cache; desc=MISS, edge; dur=6, origin; dur=0, inner; dur=28
x-length
252400
content-length
252400
server
nginx
last-modified
Thu, 23 Jun 2022 20:35:26 GMT
x-cache-remote
TCP_HIT from a23-33-45-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-logid
20220623203526010004004025004005006003006112DDFD2
x-response-date
Thu, 23 Jun 2022 20:35:26 GMT
content-type
image/jpeg
access-control-allow-origin
*
nw-session-trace
2022-06-23T20:35:26.726705702Z 24
cache-control
max-age=31536000
x-tt-trace-host
017a9b14f194b3ba34ee25bbba296c4bd5c1bdb3d78e7ecc9e956142188a844ba207ccb0b9187023a64cdb54c53b0c3f6148b9fc685639f52ab20f7880e6c9c9bc1b5f05a523e605845ec76bc86fcce55978e8eabb22659fd088236eb8847a2d9c5e535ab01beed9e6b870d557220d0acc
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
img-embed-rec-card-play-hollow-777ace2e51d9cbf10667405c93897ba7.svg
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/images/ Frame 3CB9 		342 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/images/img-embed-rec-card-play-hollow-777ace2e51d9cbf10667405c93897ba7.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0c7603b3f5e88a8bd2e64d716e974659d2831d0b387e52d2efa7ebe351c092f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
168524
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
d3rOLlHZy/EGZ0Bck4l7pw==
x-cache
TCP_MEM_HIT from a2-18-78-142.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
Standard
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
342
x-tos-request-id
2ef985cc482fc5e8-abd2f21
x-tos-response-time
Mon, 11 Jul 2022 15:56:31 GMT
last-modified
Wed, 06 Jul 2022 00:23:56 GMT
server
nginx
etag
"777ace2e51d9cbf10667405c93897ba7"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=1098676
access-control-allow-credentials
false
x-tt-trace-host
01c6cf8545e489bf0a48399b0528d1967d2a26b06772914fd89599de599afc6018ce10ceb710e8fbc80b76a6979662f046fd89b68b62a30eb010bfae46eede62d20176d37f3232dfa4212091e6b8302cfbd621bfb7f27807b6a55aa5d613e2514793fc179807e0998cde88331386bed8c122f730e11dabfa6a938c84caa7ef2ebc
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
cfedf602df354ee88995349c1ed21ed8.image
p16-sign-va.tiktokcdn.com/tos-maliva-p-0068/3476fe98db6d428fb4071dcaf888983f_1659008287~tplv-dmt-logom:tos-useast2a-v-0068/ Frame 3CB9 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/tos-maliva-p-0068/3476fe98db6d428fb4071dcaf888983f_1659008287~tplv-dmt-logom:tos-useast2a-v-0068/cfedf602df354ee88995349c1ed21ed8.image?x-expires=1659067200&x-signature=n%2B8KKld97Q5TfVm1LSWR8WHK%2FRs%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
5c509da8c8c914370365c4bc3e9c1fa7f38030dfa92d3b999d790f19eb5ca771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a93a
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
nw-session-id
2022072811455701019021907904834F45ww4mz21df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
5,23.55.60.31, 106,184.25.50.198
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=221
x-length
111945
content-length
111945
akamai-mon-iucid-del
971653
last-modified
Thu, 28 Jul 2022 11:45:57 GMT
server
nginx
x-tt-logid
2022072811455701019021907904834F45
x-response-date
Thu, 28 Jul 2022 11:45:57 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-07-28T11:45:57.696600597Z 215
cache-control
max-age=31496328
x-tt-trace-host
01d201909f673be8f52028cdb15891c4378e3876a6e695da444122c20b00e8318d84baf0609e6132892e8094460719e819b9b0b2d364ccfbec8980a9881048ef4b9313f0e927cb4d8a3c87d610ad2d2167fb693cd5c8afb3da2f20ce7731064d4a
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
c30e603e73d44dba94fb1b138b89ebe7_1655822660
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		345 KB
346 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/c30e603e73d44dba94fb1b138b89ebe7_1655822660?x-expires=1659067200&x-signature=%2BKBNVoNvzXur6AZsy3%2BvSuiKwRU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
00ff0fb2463dafcfc8ba26ad122d8067839952997e320b34bdaf664f7a852656

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a93f
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-86b8e530106070ca81f4974605c804d1-86b8e530106070ca-01
nw-session-id
20220621144432010192051138202936ACjz9mj21df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
4,72.246.244.54, 2,184.25.50.132
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=51
x-length
352879
content-length
352879
akamai-mon-iucid-del
971653
last-modified
Tue, 21 Jun 2022 14:44:33 GMT
server
nginx
x-tt-logid
20220621144432010192051138202936AC
x-response-date
Tue, 21 Jun 2022 14:44:33 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-06-21T14:44:33.001753879Z 45
cache-control
max-age=28310288
x-tt-trace-host
0128993ceb427225440f85d2038b2ee07b2a82b128fc453b4105590451eab1af3b62b73068dc058650f79e82eebd628b391aee6d06663891687b84a6204d21c33280305bac5d145aaa4f86da07a20b6e938f72258900525b10167f0c761914d3c7f2c085b330550179e817f4a427d1168b2ae68d24cf412e377b4d8dda8a54e41a
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
157fd8849d254f0c88f1f1cf95d939e9.image
p16-sign-va.tiktokcdn.com/tos-maliva-p-0068/08e0e50b02094bb1b5dfec0016c6529b_1657891091~tplv-dmt-logom:tos-useast2a-v-0068/ Frame 3CB9 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/tos-maliva-p-0068/08e0e50b02094bb1b5dfec0016c6529b_1657891091~tplv-dmt-logom:tos-useast2a-v-0068/157fd8849d254f0c88f1f1cf95d939e9.image?x-expires=1659067200&x-signature=A7gStiFB%2Bj8Dm28mpMfpeb7c7z4%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
05100b54e5180c0ce415e00b2152959b21844c28c28f90a24450fdbe876d5b7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a941
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-02052c2b10627e5c72a3498606fb04d1-02052c2b10627e5c-01
nw-session-id
202207151321090101890491560797D136wtpst21df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
1,23.55.60.21, 9,184.25.50.175
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=338
x-length
78663
content-length
78663
akamai-mon-iucid-del
971653
last-modified
Fri, 15 Jul 2022 13:21:09 GMT
server
nginx
x-tt-logid
202207151321090101890491560797D136
x-response-date
Fri, 15 Jul 2022 13:21:09 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-07-15T13:21:09.775149076Z 333
cache-control
max-age=30379007
x-tt-trace-host
01b8d058f71e4e5d588770d29b850b0eec92595888a48fc23f740e9678a676bae2975a76e6c474676c58bacb47d4627d7f65a11efa3be9e2d352c10acfeb5db7fabb7063171237ff8902a32c20e4e92b7682a5231d1ac40ccf58e519905655f1537afb5e10b5959b5a2b83288ec65329b5ade3a4c4d337baa5cdd3b1aaa89778df
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
da81674bc3e04f1eb24bd706f5d14fc2
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/da81674bc3e04f1eb24bd706f5d14fc2?x-expires=1659067200&x-signature=xrC7J%2F3AedB33O%2FUwDhsBQxQ4Eo%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
8b7b4e6c36a5ffea99d4bed38c969c9e1182e27ce076110fb14ccbad670bf5c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a948
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
nw-session-id
202207270720550102230780221F9A7DCDblk6q21df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
3,184.25.50.127
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=78
x-length
38205
content-length
38205
akamai-mon-iucid-del
971653
last-modified
Wed, 27 Jul 2022 07:20:55 GMT
server
nginx
x-tt-logid
202207270720550102230780221F9A7DCD
x-response-date
Wed, 27 Jul 2022 07:20:55 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-07-27T07:20:55.692110478Z 73
cache-control
max-age=31394069
x-origin-response-time
98,23.55.60.4
x-tt-trace-host
016e0cf875ff10980b3c18ffa6cecfb797336ba8577ed2e28883a721c0823359fdf01456218a60cb6fa773991d2c09579650010db2d6c977686516cad5ce53033b35357d500c6c5274eaee0a4e0679ede2285610a91776d9e5383ef000f7c59f7a1408fcf4e59cab561e65c02ee05e748b
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
99a1cc5e4b1d48ec83b322d3be611031
p77-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p77-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/99a1cc5e4b1d48ec83b322d3be611031?x-expires=1659067200&x-signature=7HWW05fD5dcI6GKdziG3sL4fKok%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.212 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-212.datapacket.com
Software
CDN77-Turbo / ImageX
Resource Hash
9ce1091f434081607fffc1bd06e2ab1b4cb0ba1e12ed770e07e486507795d2cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 28 Jul 2022 22:46:13 GMT
x-tt-trace-tag
id=00;cdn-cache=miss
age
855
nw-session-id
20220703183011010189073137273828E4schgj21df
x-powered-by
ImageX
x-77-cache
HIT
x-bdcdn-cache-status
TCP_HIT
server-timing
inner; dur=1
x-length
28941
x-77-nzt
AorHJdN4QIr/n9MgAIrHJTHrwov/jFoAAA
content-length
28941
cache-control
max-age=31536000
x-cache-lb
HIT
x-accel-expires
@1688409866
last-modified
Sun, 03 Jul 2022 18:30:11 GMT
server
CDN77-Turbo
x-tt-logid
20220703183011010189073137273828E4
x-response-date
Sun, 03 Jul 2022 18:30:11 GMT
x-77-nzt-ray
nXtdTkmDpTk
content-type
image/jpeg
access-control-allow-origin
*
nw-session-trace
2022-07-03T18:30:11.114449523Z 41
x-age-lb
2151327
x-tt-trace-host
01ebe228526fd99f9c4f4699437a8409a9955f393c8495138f39d10297f1ab5c8f1c42b93ba9bef29bea2e0b4bb4072e60efb00746617a79d1434851f749dbccbb5f9ecc3e87b3745c0a26dd9e7eb809b5bc171ab4bac28b544904e501aa182f47
imagex-fmt
jpeg2jpeg
accept-ranges
bytes
timing-allow-origin
*
43182b05f2b0484fa24972989dc58e72
p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ Frame 3CB9 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/43182b05f2b0484fa24972989dc58e72?x-expires=1659067200&x-signature=R73NjJb48%2FI16ncNCGwGzTpU5hk%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
4f3b02786fa458f459601675dfd708806f1d47e6337c6d569b9731cbd5c5c126

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4aa6c
date
Thu, 28 Jul 2022 22:46:13 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-abd65db710628dfb04dcccc6059504d1-abd65db710628dfb-01
nw-session-id
202206281942410102452472022143AEAA7p7r412df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
3,184.25.50.188
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=56
x-length
92055
content-length
92055
akamai-mon-iucid-del
971652
last-modified
Tue, 28 Jun 2022 19:42:41 GMT
server
nginx
x-tt-logid
202206281942410102452472022143AEAA
x-response-date
Tue, 28 Jun 2022 19:42:41 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-06-28T19:42:41.608591587Z 52
cache-control
max-age=28933216
x-tt-trace-host
01bb1c005a0ed1181f101212144a3acf11cb814a734039894fa17147fde267a757940e4ea12208d36e83a5952cb3e78c6d040ed38140dde869f139614d005699b8520624880741bf85ea94991ef3461cd4f0df750c27ad66047aa959ba08a81ca7066cc17f2921ab8e72a654bb35d9440112a3075612db52a64ebbd443c04650d1
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
a63c2e88c675481886b966829d83b56f
p77-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p77-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/a63c2e88c675481886b966829d83b56f?x-expires=1659067200&x-signature=OZhXWmbmLajRfyJKs%2BhD4XOe1MA%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.212 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-212.datapacket.com
Software
CDN77-Turbo / ImageX
Resource Hash
262f51a18d3ab395244a7e5fe06ed082534e0fa0ac8226d00c72e13f2fe5427a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 28 Jul 2022 22:46:13 GMT
x-tt-trace-tag
id=00;cdn-cache=miss
age
5708
nw-session-id
2022072710223401021713510727CBFD7Atmdmg21df
x-powered-by
ImageX
x-77-cache
HIT
x-bdcdn-cache-status
TCP_HIT
server-timing
inner; dur=2
x-length
32964
x-77-nzt
AorHJdPg3nv/TdcBAIrHJTFATe3/MhIAAA
content-length
32964
cache-control
max-age=31536000
x-cache-lb
HIT
x-accel-expires
@1690459062
last-modified
Wed, 27 Jul 2022 10:22:34 GMT
server
CDN77-Turbo
x-tt-logid
2022072710223401021713510727CBFD7A
x-response-date
Wed, 27 Jul 2022 10:22:34 GMT
x-77-nzt-ray
Sx1ora3kFp4
content-type
image/jpeg
access-control-allow-origin
*
nw-session-trace
2022-07-27T10:22:34.531608986Z 42
x-age-lb
120653
x-tt-trace-host
019809edd2f7f115e85146c6011b9cbf0902ff4475d62db0cc5774cfcfbd01b5a8ad78e1973e4eb6e780421bc62af374071587f35bf66138961378d30293f6a24dc92044e6dc7b462671b5f05c81eb2eaa
imagex-fmt
jpeg2jpeg
accept-ranges
bytes
timing-allow-origin
*
e1d8c29428eb4202b479af58ecbd31d0_1652032580
p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ Frame 3CB9 		164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/e1d8c29428eb4202b479af58ecbd31d0_1652032580?x-expires=1659067200&x-signature=7MwO3VRVUa0iVRTcCh0GGDqXrt0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
48268c28f60a724e229fa404e299fc0d92f5ab3a01029db685e55ce898774cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4aa6e
date
Thu, 28 Jul 2022 22:46:13 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-a4d187311060ca4baa6d57c602bf04d1-a4d187311060ca4b-01
nw-session-id
202205081757140102452472020F0955C0tqs7v12df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=48
x-length
167901
content-length
167901
akamai-mon-iucid-del
971652
last-modified
Sun, 08 May 2022 17:57:14 GMT
server
nginx
x-tt-logid
202205081757140102452472020F0955C0
x-response-date
Sun, 08 May 2022 17:57:14 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-05-08T17:57:14.493968883Z 43
cache-control
max-age=24520261
x-tt-trace-host
01b95cd443404df783205088f2de53e05a8edd6cafac83e1c199b104552a446f4b61c6c549185004ade330b85805edb209df2908b6d18053dbae1f72b227706fdb554d6957ffa13ff5756d301a46fc953c174a1818efc507ebd46f8ccdafde2618872b4e2762f3fc061986a3a6a71d49eac7b99d18a76ce4c316089861e6d628ce
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
a4b9265bbb9b4bc884cbbcf4e1b97f4e_1658936687
p16-sign-va.tiktokcdn.com/obj/tos-useast2a-p-0037-aiso/ Frame 3CB9 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/obj/tos-useast2a-p-0037-aiso/a4b9265bbb9b4bc884cbbcf4e1b97f4e_1658936687?x-expires=1659067200&x-signature=mwpghN%2BMVm1xo29R3IMtv1Z8bmc%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
e9b9567c55da41c3725599f898bbf92cec12f14af4febb281cfaf827db22e8d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a949
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
nw-session-id
20220727160108010223080143013347F8j6hss21df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
2,184.51.7.23, 19,184.25.50.159
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=35
x-length
100323
content-length
100323
akamai-mon-iucid-del
971653
last-modified
Wed, 27 Jul 2022 16:01:08 GMT
server
nginx
x-tt-logid
20220727160108010223080143013347F8
x-response-date
Wed, 27 Jul 2022 16:01:08 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-07-27T16:01:08.164288359Z 28
cache-control
max-age=31425393
x-tt-trace-host
01cf57e53cd87fceae0a6f48ed29736e2f6691d19658c98e2a5f436a34a344a3ca96ce12991b41f3d626189e31227e917227325d5c892cc5b7a41d3eb1635034a4773220185a94c265d5a9bdc66b859d937803acb17910c8b75ac69748764dcaf7
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
79ee0dd222a64a999aae2f8565f02f92
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		200 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/79ee0dd222a64a999aae2f8565f02f92?x-expires=1659067200&x-signature=yWkQ1tBPY5wmWliDP%2FokwVsbj3Y%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
ab3ae0730fb4eae2a42e1ed373179b280252d82903fc224d842a55d62f31687f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a94a
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-9c37462c10612b47d9cec686051d04d1-9c37462c10612b47-01
nw-session-id
202206251854360101920511380119D8B8bglgx21df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
4,23.204.146.36, 2,184.25.50.135
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=77
x-length
204920
content-length
204920
akamai-mon-iucid-del
971653
last-modified
Sat, 25 Jun 2022 18:54:36 GMT
server
nginx
x-tt-logid
202206251854360101920511380119D8B8
x-response-date
Sat, 25 Jun 2022 18:54:36 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-06-25T18:54:36.928005239Z 70
cache-control
max-age=31327159
x-tt-trace-host
018ab7660d8d316d0952eecbdacbcdc4be688f4f3cf5e8805bad478ed92efca4120e490dba41d130ff18d8d6d6281d20328e933be92e0dee27fa9881b0e41029d6752cdbdcd7da87e840628abda2c85e6b92177c210749a1192cf1f29c9b588f85d3eb3b72ae02f8933c612b9736165d31b8e5293e42823379dda3a4a2882c301d
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
5b2165fbd0c044b18580597889445fae.image
p77-sign-va-lite.tiktokcdn.com/tos-maliva-p-0068/04e3559d05fe4f8c9467635f2bfc79ac_1655304307~tplv-dmt-logom:tos-useast2a-v-0068/ Frame 3CB9 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p77-sign-va-lite.tiktokcdn.com/tos-maliva-p-0068/04e3559d05fe4f8c9467635f2bfc79ac_1655304307~tplv-dmt-logom:tos-useast2a-v-0068/5b2165fbd0c044b18580597889445fae.image?x-expires=1659067200&x-signature=uZ32oUKAn4q9ZFSGncz9UIYnEBU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.15.75 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-180-15-75.datapacket.com
Software
CDN77-Turbo / ImageX
Resource Hash
69b4affdd8a472bbeb594a9ed02d851c1b3ff5e4b9e970ab1e581fc9f6a11eb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-pop
pragueCZ
date
Thu, 28 Jul 2022 22:46:13 GMT
x-tt-trace-tag
id=00;cdn-cache=miss
age
39
nw-session-id
2022061514455001022301608708CC755Dwg79b21df
x-powered-by
ImageX
x-77-cache
HIT
x-bdcdn-cache-status
TCP_HIT
server-timing
inner; dur=2
x-length
175720
x-77-nzt
Ai2ImBm+i0X/uR05AIrHJS7DRbL/NwMAAA
content-length
175720
cache-control
max-age=31536000
x-cache-lb
HIT
x-accel-expires
@1686840389
last-modified
Wed, 15 Jun 2022 14:45:50 GMT
server
CDN77-Turbo
x-tt-logid
2022061514455001022301608708CC755D
x-response-date
Wed, 15 Jun 2022 14:45:50 GMT
x-77-nzt-ray
300oOZ7DbYA
content-type
image/jpeg
access-control-allow-origin
*
nw-session-trace
2022-06-15T14:45:50.661263825Z 330
x-age-lb
3743161
x-tt-trace-host
016ef645f3c6932e3f587213540c6ed0156e380d388249bae468665f210524ecb01a49234a53ce37abc90097920a3192e12776579b7840810bacc4ca340d3b597d6187a22f4ba0cd46bed3a43221f41bd70147ff7cbd4c05f4e3f7f2852a12971b
imagex-fmt
jpeg2jpeg
accept-ranges
bytes
timing-allow-origin
*
ba30871ce0a84096a910067411608605_1654202555
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ba30871ce0a84096a910067411608605_1654202555?x-expires=1659067200&x-signature=gfiHhy3HZUZUzxcc9PGBmLNWibA%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
e050f94a04f665a5f212fb4c9bada24a0ca3672fc0dbf6ad6f3e84438ba590a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a94b
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-3541780b10615a1454b99746068f04d1-3541780b10615a14-01
nw-session-id
2022060519045301019205113824704C65wfsh721df
x-powered-by
ImageX
x-cache
TCP_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
4,184.51.7.5
server-timing
cdn-cache; desc=HIT, edge; dur=3, inner; dur=125
x-length
52746
content-length
52746
akamai-mon-iucid-del
971653
last-modified
Sun, 05 Jun 2022 19:04:53 GMT
server
nginx
x-tt-logid
2022060519045301019205113824704C65
x-response-date
Sun, 05 Jun 2022 19:04:53 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-06-05T19:04:53.389852404Z 120
cache-control
max-age=30722204
x-tt-trace-host
01132123046639e1a865a0ffec0b65a65c904d06ae1c1c1ed96a1716ea92b70c4e33f35f847c96da9523877a39b6b479664d12be319d29d25b0231d5e705bc8b7a2365ac6040051d1252a4c34397f45458521915af7288be86b599b95d7145069f
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
51417419a6264872bdcddc146b0f6a09
p77-sign-va-lite.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p77-sign-va-lite.tiktokcdn.com/obj/tos-maliva-p-0068/51417419a6264872bdcddc146b0f6a09?x-expires=1659067200&x-signature=RUkenIlSNLbFCBrha6qeuANUXTQ%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.15.75 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-180-15-75.datapacket.com
Software
CDN77-Turbo / ImageX
Resource Hash
5d15e998987f4f222ddda560f88e076c5d279cb066720ff781f04f53efe116a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-pop
pragueCZ
date
Thu, 28 Jul 2022 22:46:13 GMT
x-tt-trace-tag
id=00;cdn-cache=miss
x-tt-trace-id
00-22b993511062b1a274c71886060904d1-22b993511062b1a2-01
age
976
nw-session-id
20220721212947010192060170077D59C6f7ghf21df
x-powered-by
ImageX
x-77-cache
HIT
x-bdcdn-cache-status
TCP_HIT
server-timing
inner; dur=1
x-length
55790
x-77-nzt
Ai2ImBn/wZT/LrUHANRmONxSXM//bJMBAA
content-length
55790
cache-control
max-age=31536000
x-cache-lb
HIT
x-accel-expires
@1689975963
last-modified
Thu, 21 Jul 2022 21:29:48 GMT
server
CDN77-Turbo
x-tt-logid
20220721212947010192060170077D59C6
x-response-date
Thu, 21 Jul 2022 21:29:48 GMT
x-77-nzt-ray
7J/WeF7AYSQ
content-type
image/jpeg
access-control-allow-origin
*
nw-session-trace
2022-07-21T21:29:48.035372983Z 37
x-age-lb
505134
x-tt-trace-host
01f757fd9124d16f0446d248ac9ecf41af742dbea9f619571fd8070b8d273ec0c977cce0cb61139e26064d2fa358e9a367b443c5f93e4cf1d77d8501801c64e23ee668513e7f3a156750529d7145a7115e
imagex-fmt
jpeg2jpeg
accept-ranges
bytes
timing-allow-origin
*
1716b74da707429c8f1de72b240eb41c_1658848361
p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ Frame 3CB9 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/1716b74da707429c8f1de72b240eb41c_1658848361?x-expires=1659067200&x-signature=8E%2B27%2Fgwi6ETMNYNDMQKbV82smk%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
aa80a131bdc128102cb56862c818c812a0ca4e0e3b9600667fe917f261dc8116

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4aa71
date
Thu, 28 Jul 2022 22:46:13 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-3b2a25cb105fe6092e9dc646062504d1-3b2a25cb105fe609-01
nw-session-id
202207261536180102510092090866CEC5vs9cl12df
x-powered-by
ImageX
x-cache
TCP_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
server-timing
cdn-cache; desc=HIT, edge; dur=2, inner; dur=49
x-length
88833
content-length
88833
akamai-mon-iucid-del
971652
last-modified
Tue, 26 Jul 2022 15:36:18 GMT
server
nginx
x-tt-logid
202207261536180102510092090866CEC5
x-response-date
Tue, 26 Jul 2022 15:36:18 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-07-26T15:36:18.823492731Z 42
cache-control
max-age=31337369
x-tt-trace-host
014599e819fcb09660c11c9ab81e638d91a7dcf218ff346f2386d0a18f5d2076a246ab3fc238ded31a5edff49f0d6458654292e88bd71e4bfa151c1dce599b0596f503522607984d1470e0f229c1249b5f38a5e78840f0fa96da7a2ba76ba6bfb0faabc2594feac29b313bd86637c2789a
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
323b54e4e82f41be83001022b7a9f676
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/323b54e4e82f41be83001022b7a9f676?x-expires=1659067200&x-signature=AxYvG1iD9F5mTR%2FRdsTcw2X5Twg%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
135bfc70ba3a04297314445e43cc8f446089cf9201532d33654d4bf5c517494b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a94e
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-34817a2d1061c4ced5984106068704d1-34817a2d1061c4ce-01
nw-session-id
202206051535100101902091021EAEDC042vbqq21df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
2,184.25.50.189
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=75
x-length
102421
content-length
102421
akamai-mon-iucid-del
971653
last-modified
Sun, 05 Jun 2022 15:35:10 GMT
server
nginx
x-tt-logid
202206051535100101902091021EAEDC04
x-response-date
Sun, 05 Jun 2022 15:35:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-06-05T15:35:10.090756597Z 66
cache-control
max-age=26930965
x-origin-response-time
101,23.55.60.4
x-tt-trace-host
0179fee991d9974f761bd4749a5efbc260b771379e3028b4ce9b9d78af4c38b3cfa27011da61088d7047a5e091d8a5a79ceba4fef835f5343d0a197eac59eb638076c05e49a093572ec469268f4bf8ab342bc9fb200052a042ac519e8f18ee32b9ad5537910fe4f474ee3c019dccf28357
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
b98cbb4ec67646ff8569c623b8da57a0
p77-sign-va-lite.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p77-sign-va-lite.tiktokcdn.com/obj/tos-maliva-p-0068/b98cbb4ec67646ff8569c623b8da57a0?x-expires=1659067200&x-signature=%2BIBD7%2FvrF4ePSDiQT9HdmBG5D1Y%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.15.75 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-180-15-75.datapacket.com
Software
CDN77-Turbo / ImageX
Resource Hash
27f40d313a719902a7443359baedc0195cbe87e8b1c9493f246346f196f53504

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-pop
pragueCZ
date
Thu, 28 Jul 2022 22:46:13 GMT
x-tt-trace-tag
id=00;cdn-cache=miss
x-tt-trace-id
00-bd6faea1105fe38f67bf9486062c04d1-bd6faea1105fe38f-01
nw-session-id
20220513124054010189073152140272A6khfq921df
x-powered-by
ImageX
x-77-cache
HIT
x-bdcdn-cache-status
TCP_MISS
server-timing
inner; dur=51
x-length
44091
x-77-nzt
Ai2ImBn7AkX/rlNkAIrHJS4b8zD/MWwAAA
content-length
44091
cache-control
max-age=31536000
x-cache-lb
HIT
x-accel-expires
@1683981654
last-modified
Fri, 13 May 2022 12:40:54 GMT
server
CDN77-Turbo
x-tt-logid
20220513124054010189073152140272A6
x-response-date
Fri, 13 May 2022 12:40:54 GMT
x-77-nzt-ray
PWSmiC1Xvmg
content-type
image/jpeg
access-control-allow-origin
*
nw-session-trace
2022-05-13T12:40:54.414032289Z 47
x-age-lb
6575022
x-tt-trace-host
01c1561f56490fc7c34798ae4258a57372945557c91aa408f581f0cc1bcc4790cdfe42543ce1ebd5623b277a4bfbaf7e68bf28c2540ff71203a51d3c902c59d36a5b748457e268bfda550f8e860182caaa4b8889b8ac195fa66c20602b1d963385a33104becdf8d35448bbb513a6f41ea9068e4f6353a8ef7c7732d0fb7edd5e6d
imagex-fmt
jpeg2jpeg
accept-ranges
bytes
timing-allow-origin
*
78b5d638e89343c0be98f2bcd1681ae6
p16-sign-va.tiktokcdn.com/obj/tos-useast2a-p-0037-aiso/ Frame 3CB9 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/obj/tos-useast2a-p-0037-aiso/78b5d638e89343c0be98f2bcd1681ae6?x-expires=1659067200&x-signature=JRe4xj3tQFPR6YpaUhUKFQ53KRI%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
2aa14847a30c54f6c97786c6b1fc19b236278c181ac02f87d51c2ab67ccace74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a94f
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
nw-session-id
202207201040520101901851591317D968x279v21df
x-powered-by
ImageX
x-cache
TCP_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache; desc=HIT, edge; dur=2, inner; dur=8
x-length
41561
content-length
41561
akamai-mon-iucid-del
971653
last-modified
Wed, 20 Jul 2022 10:40:52 GMT
server
nginx
x-tt-logid
202207201040520101901851591317D968
x-response-date
Wed, 20 Jul 2022 10:40:52 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-07-20T10:40:52.574469823Z 26
cache-control
max-age=30801331
x-tt-trace-host
01497452d3caeacd1b3d38fb5418845582003db79766f4f9c8ebd0cfa43414cac2733f04f828314779b828a1e7138c6d7f14210fb8d190b60d5f72924671e3e43cbe564e7ac64bbd8b02672833bed529b0948aca2c72d24c17dd8f0d2cd6c54e4cd13556a37e5c8cebd34374babfddb8d8
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
1a4a2da5fd7a4f35b36323073b000c2b
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/1a4a2da5fd7a4f35b36323073b000c2b?x-expires=1659067200&x-signature=miwiSyUAkBLpwaAdFzMFJAdtYkQ%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
2d0645b348425a90d144d4af16b422ff7a4b049339103b8ed4bc60ec9608fa51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a951
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
nw-session-id
2022051908354101019020910201E9783Asmsds21df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
2,184.51.7.5
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=68
x-length
47130
content-length
47130
akamai-mon-iucid-del
971653
last-modified
Thu, 19 May 2022 08:35:41 GMT
server
nginx
x-tt-logid
2022051908354101019020910201E9783A
x-response-date
Thu, 19 May 2022 08:35:41 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-05-19T08:35:41.851341715Z 64
cache-control
max-age=25436878
x-tt-trace-host
012c158559d49f5c05b6f6149d54f3265b05035fbd4657da1d9dbb6a692a4491437d776607a07c1b73b45b502215d73b423f4b7f9f99f221008647b1ee06fdc5ddb884cf094ec16f49172e946e2b4f916a439a6d6206a74d333de7936bbbd3b31fe2cf29833b74ab83da98f172a3732767f27428a9a460ba323e311759d9aac5b2
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
b8916499447c44e0a23a7602130f4daf_1651748548
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/b8916499447c44e0a23a7602130f4daf_1651748548?x-expires=1659067200&x-signature=TQ7kyzIaoVOCVTiI83vSWQjOOEk%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
d023ea2c48826bcb41d3dd51abbc66cab36a97cf2f6c2cfb482faaf7eab6cba0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a954
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-ae47592910609182f415d006010604d1-ae47592910609182-01
nw-session-id
20220627164714010190209102087646E9s7qxr21df
x-powered-by
ImageX
x-cache
TCP_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
3,184.25.50.164
server-timing
cdn-cache; desc=HIT, edge; dur=3, inner; dur=1
x-length
98702
content-length
98702
akamai-mon-iucid-del
971653
last-modified
Mon, 27 Jun 2022 16:47:14 GMT
server
nginx
x-tt-logid
20220627164714010190209102087646E9
x-response-date
Mon, 27 Jun 2022 16:47:14 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-06-27T16:47:14.39523532Z 82
cache-control
max-age=28835869
x-origin-response-time
66,72.246.244.29
x-tt-trace-host
011f4db731c0b7b66f99d0e9a85eda704666a38b55a3ba12a5a0f7a544105718d37d08846d062f755fcd94040d481eec4048dff3fea4019512b3f1df93e18aaf5f5ec94bf836095c43ee1fef4fc523414e414b9d13cc5db904f5c169d72f3d0ef48a826de8b546e91e737a4089f401825b505e324d81c032de6473a94dfb39d136
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
e71413efc13b4c068b53587bfb7b9754_1655924402
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/e71413efc13b4c068b53587bfb7b9754_1655924402?x-expires=1659067200&x-signature=qMSX7H8d8oYYSfPqzMasNfyRCE8%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
bbd7327b73d3c0623ccb28619f7cf36ff06b86ab6a02170c42edffb0ea3824ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a956
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-8ccc7e4c10615da5cd1e8706069d04d1-8ccc7e4c10615da5-01
nw-session-id
202206221902160101901921430A153237zzz9521df
x-powered-by
ImageX
x-cache
TCP_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
3,72.246.244.63, 2,184.25.50.135
server-timing
cdn-cache; desc=HIT, edge; dur=2, inner; dur=2
x-length
93072
content-length
93072
akamai-mon-iucid-del
971653
last-modified
Wed, 22 Jun 2022 19:02:16 GMT
server
nginx
x-tt-logid
202206221902160101901921430A153237
x-response-date
Wed, 22 Jun 2022 19:02:16 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-06-22T19:02:16.95134792Z 37
cache-control
max-age=28412151
x-tt-trace-host
011a7df6777ff2012ab3c0bcf9ae562cb556a15536f08aec81aaacbaaa8256cdeb2a44d8b1793b28d5d4f8d84bbbbd8fa97dcb280e1877967760a11f798c681ac2f9e364ee01c87e85bbf7756dcefbc91ca2ce5a802f8ccb8576582457142119dd92395cf6df36692a61fa5435834965b2420ad065f19aaab757be71e26618e14a
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
a354ce6d65a7465c9db3435e96204fcc
p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ Frame 3CB9 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/a354ce6d65a7465c9db3435e96204fcc?x-expires=1659067200&x-signature=36BmrB4H5pUkwgZQF6CIh0%2BfrkM%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
1226c684992eee17005b73b860b9b75d2ae9b030f0166ff57549ec07c3c9b83b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4aa73
date
Thu, 28 Jul 2022 22:46:13 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-0647c94210618e7d8a4d06c602c504d1-0647c94210618e7d-01
nw-session-id
202207160912240102510092091EFDD202kqsgb12df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
9,23.192.44.214, 5,184.25.50.132
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=47
x-length
43133
content-length
43133
akamai-mon-iucid-del
971652
last-modified
Sat, 16 Jul 2022 09:12:24 GMT
server
nginx
x-tt-logid
202207160912240102510092091EFDD202
x-response-date
Sat, 16 Jul 2022 09:12:24 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-07-16T09:12:24.304774529Z 42
cache-control
max-age=30450283
x-tt-trace-host
01b7d95466a89025fb29a31566a4c5c1de0a732a215e413ddb4785e2d2bd3aaba88fe75aea3f453adb6170fb79b06618be30309d8a09929ec70506048b14fa2665c3c0cfbc4f93a035090b04ab5b9db20686231c2ca74cc2bf793ce37afd6aa23fdc3418da9496add2072d8195f878c384
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
59868642cf90444babb674419c2d869e.image
p16-sign-va.tiktokcdn.com/tos-maliva-p-0068/3def89dd1f6e46339bc6282063226256_1658940017~tplv-dmt-logom:tos-useast2a-v-0068/ Frame 3CB9 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/tos-maliva-p-0068/3def89dd1f6e46339bc6282063226256_1658940017~tplv-dmt-logom:tos-useast2a-v-0068/59868642cf90444babb674419c2d869e.image?x-expires=1659067200&x-signature=yQiZsS0RLkhsKQBukeT5Tgr557E%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
aa6d867761a972d5c92de15d7674b88db8189fd9abc1e85d42d83f836c6eb112

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a957
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
nw-session-id
20220727164231010190185159004A49CCtnw5j21df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
5,184.25.50.150
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=263
x-length
131590
content-length
131590
akamai-mon-iucid-del
971653
last-modified
Wed, 27 Jul 2022 16:42:31 GMT
server
nginx
x-tt-logid
20220727164231010190185159004A49CC
x-response-date
Wed, 27 Jul 2022 16:42:31 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-07-27T16:42:31.31085361Z 255
cache-control
max-age=31427718
x-origin-response-time
280,23.55.60.31
x-tt-trace-host
016b94fb89b66fa6c98f6d6223870200dde66c8cf37f93a628a1f5b16d9c825aece87b0f2a32e8e7cfdbb0df6285b1eb703fe2547511594172e01999329611c00b3c8f4235b9d07260699fff5ef0c9ca09ee2f46e9292cd56a2aafbff1a1ff24a37d95290bfee1ff28f176296976dcfa2f
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
c79c0c0cfca5495abe3376902f150269_1658866451
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 3CB9 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/c79c0c0cfca5495abe3376902f150269_1658866451?x-expires=1659067200&x-signature=hd8WLfNchCxu%2BIp%2BupsCKqPp3R4%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-36.deploy.static.akamaitechnologies.com
Software
nginx / ImageX
Resource Hash
203974e073dcc303782d44e1a4e4c6df0efc389e0e0787c0519f6615b64435ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
14b4a95c
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-3c3435d3105fd60e61341306011204d1-3c3435d3105fd60e-01
nw-session-id
2022072620303001019205116213FA09F1gd9gb21df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-54-207-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
3,184.25.50.156
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=56
x-length
114357
content-length
114357
akamai-mon-iucid-del
971653
last-modified
Tue, 26 Jul 2022 20:30:30 GMT
server
nginx
x-tt-logid
2022072620303001019205116213FA09F1
x-response-date
Tue, 26 Jul 2022 20:30:30 GMT
content-type
image/jpeg
access-control-allow-origin
*
x-check-cacheable
YES
nw-session-trace
2022-07-26T20:30:30.729965581Z 48
cache-control
max-age=31355086
x-origin-response-time
122,72.246.244.52
x-tt-trace-host
01a1511b7e507ade3f366b5c952464376751c41bf9e7231e8ea704d1d09382088bf81458cb27dc6085da36cedd9a6d5a2afb63dff6f476cd95ca3f756fb178a04532bad37cae1fccb8103e15114246ba7380e4047df10fa0934ebcedc866ee86a78f3d56320be3c6ae8fd4a8ab2fc12e71
imagex-fmt
jpeg2jpeg
timing-allow-origin
*
img-embed-previous-ad15e871ecc7afadf24624d1f5681da5.svg
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/images/ Frame 3CB9 		576 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-us/embed/static/images/img-embed-previous-ad15e871ecc7afadf24624d1f5681da5.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6793fa2f8d1a76e1ff51f8a83ecf5aa7ebbdc5f422196c1cdcda31f496d4d41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-akamai-request-id
168526
date
Thu, 28 Jul 2022 22:46:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
rRXocezHr63yRiTR9WgdpQ==
x-cache
TCP_MEM_HIT from a2-18-78-142.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
Standard
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
576
x-tos-request-id
58e9b7be15dda525-abf2928
x-tos-response-time
Thu, 30 Jun 2022 21:30:05 GMT
last-modified
Wed, 29 Jun 2022 01:42:40 GMT
server
nginx
etag
"ad15e871ecc7afadf24624d1f5681da5"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2387960
access-control-allow-credentials
false
x-tt-trace-host
01cec2077f600c4bb884ad7615752a260894be96fe3c5cd0b0a7e045765afc9a2dea311ea9ae192b244f89c20dc983488c46949a6fe0cff4955ceff6d1515307da3000618ed71d48954c21875db60e23b6d8db6fc1df01f7fd438d838d63a3c3a7b8617e9112f6c10379e03d9be4c91ac8faa6839d2b502bdfc7cff16959ae85ca
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B82C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14574
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 18:43:18 GMT
expires
Fri, 28 Jul 2023 18:43:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 62B1 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c221b46bd2d3a7a59e2ea0e6e6d7cd9b778ce03598c38aaa9319c00a913f396f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_8IOxrAfKzvKIZbUm3979w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-_8IOxrAfKzvKIZbUm3979w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:12 GMT
expires
Thu, 28 Jul 2022 22:46:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1664557150447512
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1664557150447512?v=2.9.66&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
82b2f730d5f636388ba5bc4a3f3e5b5116b27939b64b26b60e793cee94dc73f0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
sCO2FNMS05WOzQeUsicp6iHUdJipwoXAJGpzVvEPjXgsAc0NW9M3qa53R0qzAjZMmhDqtyxqv8/GAgtFGw/DHQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 28 Jul 2022 22:46:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1659048373219
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 3CB9 		0
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_browser/collect/batch/
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

x-akamai-request-id
4b0f02ec.94b23b
date
Thu, 28 Jul 2022 22:46:13 GMT
x-cache-remote
TCP_MISS from a23-223-34-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-18-78-144.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
106,2.18.78.144
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=13, inner; dur=5
server
nginx
x-tt-logid
20220728224613010192162130199C2B85
access-control-max-age
600
access-control-allow-methods
POST, OPTIONS, GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-origin-response-time
13,23.223.34.36
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a61c67eb26dac760f4498635010ff9eb3752182df7b7ba87d6d4502c11e9f5771d5f5e0419502d04c144bdb7dbc2a7e41249a8134ce2d38e3e094b13c309eb776d8d2cd1499e4c1ed43b2135f11538718f
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_browser/collect/batch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
access-control-max-age
600
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:13 GMT
server
nginx
server-timing
cdn-cache; desc=MISS, edge; dur=97, origin; dur=15 inner; dur=3
x-akamai-request-id
20910de0.94b1c5
x-cache
TCP_MISS from a2-18-78-144.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-cache-remote
TCP_MISS from a23-223-34-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-origin-response-time
15,23.223.34.13
x-parent-response-time
111,2.18.78.144
x-tt-logid
20220728224612010190219224119ED862
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a61c67eb26dac760f4498635010ff9eb37a6a4603359c9f29654dd6a03a3d52e5bf61c9ebc573355d48f041452d58adfa425fd779948ac5f9066b3934b312d1a219e550accbde2abca0c9d80786f93a427
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
/
mon-va.byteoversea.com/log/sentry/v2/api/slardar/batch/ Frame 3CB9 		0
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/log/sentry/v2/api/slardar/batch/
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

x-akamai-request-id
4b2c6f3d.94b22a
date
Thu, 28 Jul 2022 22:46:13 GMT
x-cache-remote
TCP_MISS from a23-223-34-36.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-18-78-144.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
152,2.18.78.144
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=57, inner; dur=3
server
nginx
x-tt-logid
20220728224613010217135037129D834A
access-control-max-age
600
access-control-allow-methods
POST, OPTIONS, GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-origin-response-time
57,23.223.34.36
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a61c67eb26dac760f4498635010ff9eb3752182df7b7ba87d6d4502c11e9f5771dcc1a2feac45158e8901dcd6b4b9b588a5ede54188ad7afe8cc174226ac7636d8f3a399f331015c1abc1a4ea6cf8392a7
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
/
mon-va.byteoversea.com/log/sentry/v2/api/slardar/batch/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/log/sentry/v2/api/slardar/batch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
access-control-max-age
600
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:13 GMT
server
nginx
server-timing
cdn-cache; desc=MISS, edge; dur=98, origin; dur=9 inner; dur=3
x-akamai-request-id
177ef8bd.94b1c6
x-cache
TCP_MISS from a2-18-78-144.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-cache-remote
TCP_MISS from a23-223-34-32.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-origin-response-time
9,23.223.34.32
x-parent-response-time
107,2.18.78.144
x-tt-logid
20220728224612010192063043159D7E42
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a61c67eb26dac760f4498635010ff9eb37a87a83db00280392385a5e0014a495ebc514875197379581576c5eaed56651e99e3d697ef78acfeaed9559cda4b6278ed15de2c82aab1baad23b9b5acefd9669
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
pagead2.googlesyndication.com/bg/ Frame B82C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 17:09:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
20191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13883
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jul 2023 17:09:41 GMT
249.js
cdn.keywee.co/config/ 		230 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/config/249.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:9600:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9e54757a1979dd79e708c8f259229b2f8ac1147b779c17f241ef8a13b49222d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 07:57:00 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
last-modified
Wed, 24 Jun 2020 14:09:47 GMT
server
AmazonS3
age
53353
etag
"1afd1847ee08cd0f843dbe899912f4be"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P6
content-length
230
x-amz-cf-id
we0SAXZ3eEB9l_l9oZwiUfZ3ttxpCNe9EUVGx05kUGUVd2PEAi1CAQ==
sodar
pagead2.googlesyndication.com/pagead/ Frame 62B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022072102&jk=584182728860691&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
sp-2.9.1.js
cdn.keywee.co/dist/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:9600:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 01:15:37 GMT
content-encoding
gzip
last-modified
Sun, 14 Oct 2018 12:37:03 GMT
server
AmazonS3
age
16493436
etag
W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
3hhyDahydXgQQfD9ZvJUTrPBnk6bx8zXQhlNd2o7dkbngXvGCQjHeQ==
i
pixel.keywee.co/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.keywee.co/i?stm=1659048373028&e=pv&url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&page=A%20Genius%20Spice%20Jar%20Hack%20to%20Unclog%20It%20*Without*%20Shaking%20%7C%20Well%2BGood&tv=js-2.9.1&tna=cf&aid=249&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=b1f8c767-b64b-4eea-900f-1ed2cb540e38&dtm=1659048373027&vp=1600x1200&ds=1600x6982&vid=1&sid=2ff65a1a-efe6-4535-8fc1-79bc73c3b560&duid=4ebf7966-9f26-46ff-9ec5-48e5a48e980f&fp=2140059099
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.193.4.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-4-201.compute-1.amazonaws.com
Software
nginx/1.21.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

status
200 OK
date
Thu, 28 Jul 2022 22:46:13 GMT
x-content-type-options
nosniff
server
nginx/1.21.3
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
generate_204
tpc.googlesyndication.com/ Frame B82C 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gDs_fA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
track
web.chtbl.com/ 		49 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.chtbl.com/track
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4400:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
uvicorn /
Resource Hash
bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type
application/json;charset=UTF-8

Response headers

date
Thu, 28 Jul 2022 22:46:13 GMT
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
server
uvicorn
x-amz-cf-pop
FRA60-P2
vary
Origin
access-control-allow-methods
OPTIONS,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-headers
*
content-length
49
x-amz-cf-id
iV7I6FcUJm1GVMLlgCEmyS8vvUl5eKbpkIaAfU3Cp449LxifC1C7Fw==
track
web.chtbl.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://web.chtbl.com/track
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4400:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wellandgood.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
49
content-type
application/json
date
Thu, 28 Jul 2022 22:46:13 GMT
server
uvicorn
vary
Origin
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
x-amz-cf-id
3dRd5jn4U6Y8Us-HPMVqEJOXkRhbOcHQEUHjfDfP76z6Uen3ypqXUw==
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
main.c99cd143.js
s.pinimg.com/ct/lib/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.c99cd143.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:182::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d6bc239a6993be3a5ed13249ff2d27e4e3bc80a30bbd6df2ff92b4db0ad1d996

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
gzip
x-cdn
akamai
etag
"a05548af4f747ef476e354fcd30947ce"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18448
access-control-expose-headers
X-CDN
i.png
trx-hub.com/i/m/ 		128 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdCmoCBYeXkSIMjzYkobISksbQBaACt0MLMtAGsbAH5eCEpYQ2NqAF4pfmoURBQAMhS0mmxeSiyhAE95UMgsRBwS1NhNMEplLDwcasRNLDABVrT-HAg5CCyAMVxh0fVqaCqcRubhkApoanhlnehTLfAoOCRUdGx8URIAXQpNXiEIANgaOkUQTQEsKfV2HSEEAAJgADMDgWFQQB2MLAgAcABUIYQACwANkIAEYAMyOUHwnEALWOylU-wgAkBIAAggACADiciwTzpAGUQto6QApdB0gAS8TpLzpAFUcN9EHg6QBJCB0gBUAHUsBAzEYIAr2bE4pw6QAfOlK1wCADUDO8CgoWCwCiBNowWPRAFYAJyg1GE6E4gk4+AAIywx2oADc-hAarJTOwpDshEImjhjo9ngFlrBbaYqWB4HhoEYpO0wM7qKDYC43F4fMnbVIsVnqDm8wWiyXQTWMFJgaYKwIqwoSEA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 19:36:08 GMT
via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
age
11406
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
128
x-amz-cf-id
8Mj8PoCYK8glcM_v-OkR_CFmI1KsiYk0OYpTXFXaMpKS3CTIU6eSwA==
/
ct.pinterest.com/user/ 		484 B
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613727015104&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1659048373225
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.208 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0a00d5c9c8368a6afbac094dbaa312c0f75fe445f57aeb23bcda10a34c058698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:13 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.3f730617.1659048373.2d91b2ed
x-envoy-upstream-service-time
3
x-pinterest-rid
5593083358410564
pin-unauth
dWlkPU9UZGxPRGN4WVdFdE9UQTBZUzAwT0dKbExXRXlabVl0WlRjM05UazFaamhrTTJOaQ
access-control-allow-origin
https://www.wellandgood.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
351
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2613727015104&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c99cd143%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1659048373227
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.208 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-208.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:13 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.3f730617.1659048373.2d91b2ef
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
3811347622614644
expires
Sat, 01 Jan 2000 00:00:00 GMT
2010742729008108
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2010742729008108?v=2.9.66&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
28d9a46b2b2ce888fbe96f45861ae673bbe0fc49d192f56917ab504268a803ff
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
V5mp5eRmQPyUzydxS7KjiZESel0TITuJ/S6kYDFWY/DxIMuzb0Bh5DpuDVhFgJ9ExU7UHlN51r8qpyuNIwW0JQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 28 Jul 2022 22:46:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1659048373483
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1664557150447512&ev=PageView&dl=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&rl=&if=false&ts=1659048373280&cd[content_category]=healthy_cooking&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1659048373279.635085459&it=1659048372882&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 28 Jul 2022 22:46:13 GMT
1071257452930085
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1071257452930085?v=2.9.66&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aad11480c148676ac14f5e1b83621f23c8e8d5f479bf07a2fd68a8e19a8b54de
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
2bdPmceP+XkYcOG+MJFhf6w42vx87Z5x7PHwZygPNcJ0XfS2og5s+6Sj8LcIYPWzEJvokB9of9Knx+jkO6gs/A==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 28 Jul 2022 22:46:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1659048373853
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2010742729008108&ev=PageView&dl=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&rl=&if=false&ts=1659048373540&cd[content_category]=healthy_cooking&sw=1600&sh=1200&v=2.9.66&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1659048373279.635085459&it=1659048372882&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 28 Jul 2022 22:46:13 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1071257452930085&ev=KWCEPV&dl=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&rl=&if=false&ts=1659048373906&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1659048373279.635085459&it=1659048372882&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 28 Jul 2022 22:46:13 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1071257452930085&ev=PageView&dl=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&rl=&if=false&ts=1659048373907&sw=1600&sh=1200&v=2.9.66&r=stable&ec=1&o=30&fbp=fb.1.1659048373279.635085459&it=1659048372882&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 28 Jul 2022 22:46:13 GMT
/
www.facebook.com/tr/ Frame F1B9 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.wellandgood.com
Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.wellandgood.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:13 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 3CB9 		0
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_browser/collect/batch/
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

x-akamai-request-id
4a39499d.94b490
date
Thu, 28 Jul 2022 22:46:14 GMT
x-cache-remote
TCP_MISS from a23-223-34-18.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-18-78-144.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
111,2.18.78.144
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=MISS, edge; dur=97, origin; dur=14, inner; dur=3
server
nginx
x-tt-logid
20220728224614010192043200279D5105
access-control-max-age
600
access-control-allow-methods
POST, OPTIONS, GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-origin-response-time
15,23.223.34.18
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a61c67eb26dac760f4498635010ff9eb378a21d93388f98106afaf06fb210d4470261c9a7dc0953f5fa92550104337026fc720851e01bd359267cca9f126c16acbc2f6af8ed778ed8e457788ebefe3c4ce
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_browser/collect/batch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
access-control-max-age
600
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:14 GMT
server
nginx
server-timing
cdn-cache; desc=MISS, edge; dur=105, origin; dur=12 inner; dur=3
x-akamai-request-id
1c0b9d3d.94b422
x-cache
TCP_MISS from a2-18-78-144.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-cache-remote
TCP_MISS from a23-223-34-15.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-origin-response-time
13,23.223.34.15
x-parent-response-time
117,2.18.78.144
x-tt-logid
20220728224614010192043198109F9710
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a61c67eb26dac760f4498635010ff9eb374322aba78c0b89ea2827b8f03352960d84676e163b7803e4e3dbee06087d51eb760c865fdff6d675d943bd5f03535c7d1b596a36c458cec5780bcd4b408cf2a4
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
/
mon-va.byteoversea.com/log/sentry/v2/api/slardar/batch/ Frame 3CB9 		0
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/log/sentry/v2/api/slardar/batch/
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

x-akamai-request-id
4a8f65f5.94b486
date
Thu, 28 Jul 2022 22:46:14 GMT
x-cache-remote
TCP_MISS from a23-223-34-18.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-18-78-144.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
166,2.18.78.144
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=MISS, edge; dur=141, origin; dur=25, inner; dur=4
server
nginx
x-tt-logid
202207282246140101920510300D9DB42D
access-control-max-age
600
access-control-allow-methods
POST, OPTIONS, GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-origin-response-time
25,23.223.34.18
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a61c67eb26dac760f4498635010ff9eb378a21d93388f98106afaf06fb210d447074d3237fadc8bfc3de0319bab4c1ed8c4e81e946511c1e0b80579bb781e5da8738284370a89ac0cefe4d44af328f2a62
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
/
mon-va.byteoversea.com/log/sentry/v2/api/slardar/batch/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/log/sentry/v2/api/slardar/batch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
access-control-max-age
600
content-type
application/octet-stream
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:14 GMT
server
nginx
server-timing
cdn-cache; desc=MISS, edge; dur=93, origin; dur=12 inner; dur=3
x-akamai-request-id
40c9cadf.94b425
x-cache
TCP_MISS from a2-18-78-144.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-cache-remote
TCP_MISS from a23-223-34-12.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-origin-response-time
12,23.223.34.12
x-parent-response-time
105,2.18.78.144
x-tt-logid
20220728224614010192166219149B8110
x-tt-trace-host
01c1f40e11d1e4d312c68ac37c2150a3a61c67eb26dac760f4498635010ff9eb373da22d185617e72fc87ab516fc0791a1c6cccf8a6b6e442f1be18152be36fd5d189365f32847d0e9c510a806d427c4f400f348d050d8b444c10f7d3599d2b29f
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
/
www.facebook.com/tr/ Frame 5007 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.wellandgood.com
Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.wellandgood.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:14 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 7189 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.wellandgood.com
Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.wellandgood.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:14 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FCN1P5XW0G&gtm=2oe7p0&_p=719730855&_z=ccd.v9B&cid=1419900786.1659048369&ul=en-us&sr=1600x1200&_eu=AI&sid=1659048369&sct=1&seg=0&dl=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&dt=A%20Genius%20Spice%20Jar%20Hack%20to%20Unclog%20It%20*Without*%20Shaking%20%7C%20Well%2BGood&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FCN1P5XW0G&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022072102&jk=584182728860691&bg=!JySlJGDNAAacadVKvGk7ACkAdvg8Wto3-rvS4L85U2KNVJ4KzxpOulGutLO5__SxgBAwTxj9qka1JQIAAAB8UgAAAAxoAQeZArIHGfjxFLa48lPLWVHWjRZHxGaBPyazrJ9vOSxIU3lMXz8Jqj1j927Tyf8QnHl-rO8TP2BvQuowGljpawH39GOQBqM3Ep5eMOSDF1oJmFi2yJdpEZGjoWVDOwWdIhReyDSmMZC60o4vnWHJsY_WOH8GN411edT9y1wNEjRQvnHUvONd0jAJ5F0GU0Rak5L0TDpH3niLkHd8wZqZ6hVLI-AeJSOhyeDZqcuG6uzPn--csIdPs8s3AF1UzUsrTpHuHiFspWsiHeC8dbOFhV_ON0vSkZWyieMsSdGgPj-HMKWMoRQ-NGcMF-byfwrcPkfJtUyM-WNnYjhZgGcsQ3XAyPmgKVpjuCr8sjmaekSlM1uAoM6Wdo997JXZWfNquNRsfICOV6aOi62a2WK0z4AB7FehyFfyMeBlYKm96ekf8IJ9cROvjUqkYlsKqe-hC72_GFM9xqIPRRn6aV0TP1cSDkATwlmtP2qSSWxGzENvqF1SDqxFhBcmGiHNCXcvGq9Tsj-yQlcTpl84piHFvONBt-6X1QzBzy_zcqZaih2oAQpW6lwQ-Zyl8smn6kyPqveeVZCpnVyMzmc7aQ70U6hSCdNpJgwZ2E-wosNVrlZZJ0aILpPoc9hu2VyyIMlj4msRnBNTeROvmxmw1WbEX4OV3gwNZw5MAwDApZDVB7u2vTMABxa3InGBg5q70oDDfR9XM-sXau0yVluDs6eR32mqwIxjme4Sh-I7t29-R0m1SpPWNhRL1piwZkDpTxBZUZmJtRQYAGVQfcDW6ZY_iMe0F3tEB2YtFivVSpcGXl-SKV6w20BnBg37gwztJiXcdL4m_p35vSRZQ1cvMH0xy5XZOwlsz3IGn4G9a_GwQqgFgpuDwWyEcuJciwrV1YPFmquwhMr7psVm-HzzpibmQclbLVClXV8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928482&asId=e5f29576-c682-5e50-ed7c-7172a7a46eb5&tv=%7Bc:jHLhBW,pingTime:5,time:5217,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:1,h:3,t:175%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5217,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:175,wc:0.0.1600.1200,ac:0.621.1.3,am:i,cc:0.621.1.3,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5063~100%5D,as:%5B5063~1.3%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:258,fm:tcVnT1V+11%7C12%7C13%7C14*.928482%7C141%7C15%7C16%7C17%7C18%7C19,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:6252:7b4f:105f:a05f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:15 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
172
a.ad.gt/api/v1/u/matches/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/172?url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&ref=
Requested by
Host: www.wellandgood.com
URL: https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.197.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-197-107.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
b080d53c46b947b1a1922a6dd8e89074adceba469d4badf063f3a3fb6d687ed7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Jul 2022 22:46:16 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.20.0
content-type
application/javascript
172
id.halo.ad.gt/api/v1/partner/ 		52 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.halo.ad.gt/api/v1/partner/172?sync=1&url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/172?url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.135.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-135-76.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
06da2a777307cf4cc99a07a8749f48e0d09cd7257268a6aa1de18ca6210c85b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:16 GMT
content-encoding
gzip
origin-trial
server
nginx/1.20.0
content-type
text/javascript; charset=UTF-8
172
p.ad.gt/api/v1/p/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/172?au_id=AU1D-0100-001659048376-K5X50QR6-B0FR
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/172?url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-183.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
b131d7f6bf1e4b526bcf11ded45647e93e1e830fae8eb5acf05071a4e422be08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 28 Jul 2022 22:46:16 GMT
content-encoding
gzip
server
nginx/1.20.0
content-type
text/html; charset=utf-8
collect
a.ad.gt/api/v1/ 		0
106 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.197.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-197-107.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.wellandgood.com
date
Thu, 28 Jul 2022 22:46:17 GMT
server
nginx/1.20.0
vary
Origin
getpixels
pixels.ad.gt/api/v1/ 		0
52 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=490679cf2a8cee4be590c3a4888e9130&url=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/172?au_id=AU1D-0100-001659048376-K5X50QR6-B0FR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.254.43 -, , ASN (),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:17 GMT
server
nginx/1.20.0
1853083501571805
connect.facebook.net/signals/config/ 		295 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1853083501571805?v=2.9.66&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f68fcfb4d681f13139510d7496b7935cd0a4f15194711d94e655fa608324686f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87528
x-xss-protection
0
pragma
public
x-fb-debug
mzMwmQP53mNZDQypM3Kp15gJTU8z2pv5iWHjnnJ8Q+ATCKCAlscGhwEEo+gZnDiqqZeYgwjb5Dm1kFRZAvh3cw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 28 Jul 2022 22:46:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Jul 2022 23:02:39 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:36:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
577
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Jul 2022 23:36:40 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=719730855&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&ul=en-us&de=UTF-8&dt=A%20Genius%20Spice%20Jar%20Hack%20to%20Unclog%20It%20*Without*%20Shaking%20%7C%20Well%2BGood&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEIZBAQCAC~&jid=305103641&gjid=1944492606&cid=1419900786.1659048369&tid=UA-87198801-1&_gid=812548643.1659048370&_r=1&_slc=1&cd2=none&cd3=172&cd4=www.wellandgood.com&cd5=%2Fspice-jar-hack%2F&cd6=Passive%20Tagger&cd7=490679cf2a8cee4be590c3a4888e9130&cd1=AU1D-0100-001659048376-K5X50QR6-B0FR&z=1936137167
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&rl=&if=false&ts=1659048377264&cd[partner_id]=172&cd[tagger_id]=490679cf2a8cee4be590c3a4888e9130&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1659048373279.635085459&it=1659048372882&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 22:46:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 28 Jul 2022 22:46:17 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-87198801-1&cid=1419900786.1659048369&jid=305103641&gjid=1944492606&_gid=812548643.1659048370&_u=aCDACEIZBAQCAC~&z=1683405834
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 28 Jul 2022 22:46:17 GMT
content-type
text/plain
access-control-allow-origin
https://www.wellandgood.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-87198801-1&cid=1419900786.1659048369&jid=305103641&_u=aCDACEIZBAQCAC~&z=1075423407
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-87198801-1&cid=1419900786.1659048369&jid=305103641&_u=aCDACEIZBAQCAC~&z=1075423407
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wellandgood.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jul 2022 22:46:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 3B02 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.wellandgood.com
Referer
https://www.wellandgood.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.wellandgood.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 28 Jul 2022 22:46:17 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
event-stream
k.p-n.io/ 		0
126 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.4.230 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 28 Jul 2022 22:46:18 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
event-stream
k.p-n.io/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.4.230 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wellandgood.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 28 Jul 2022 22:46:18 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| permutiveData function| createUUID function| findPPID string| ppid object| permutive object| googletag object| data number| EXPERIMENT_POOL object| Modernizr object| WG_ENV function| fireIASRequest object| apstag function| fireAPSRequest string| PPID boolean| DISABLE_ADS object| AD_CONFIG object| AD_UNITS object| ACTIVE_AD_UNITS object| AD_INTERVALS string| AD_SIZE boolean| LOAD_RIGHT_RAIL_AD boolean| ADS_READY boolean| EMAIL_CAPTURE_INIT number| infiniteScrollInstance function| loadReve object| reve string| InstanaEumObject function| ineum object| PushlySDK function| pushly object| blacklistedPartners function| populateMarketingSlider object| parselyTrackSubscriptionEventQueue function| trackParselyTrackSubscription object| parselyCallbacks object| PARSELY boolean| apstagLOADED object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject function| ga object| iasDataHandler function| populateMarketingPopup undefined| google_measure_js_timing object| PublisherCommonId object| gaplugins function| onYouTubeIframeAPIReady object| gaGlobal function| _typeof string| indexRootNamespaceRename object| indexapi object| headertag object| Criteo function| headertag_render object| pbjs object| rubicontag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ats object| wpApiSettings object| NODE_ENV object| wpJsonpWellGood object| regeneratorRuntime boolean| WG_APP_HAS_INIT function| BRRL_INIT_MODULES function| BRRL_INIT_MODULE object| WG_MODULES object| core number| _swclk_ number| _swsts_ object| tiktokEmbed object| __EMAIL_CAPTURE__PAYLOAD__ object| _qevents object| cpyWrt object| newLnk object| newP object| lnkTxt object| bait object| insertedBait function| checkBait object| skimlinks_exclude object| scrEm object| gaData object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_125 object| Criteo_125 object| jQuery112406527793491146658 function| setImmediate function| clearImmediate function| _populateMarketingSlider object| __BUS__ object| RELATED_POSTS boolean| WG_EMAIL_CAPTURE_HAS_RENDERED object| OneTrustStub function| OptanonWrapper function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| BAMX function| P function| Composable object| BAMX_EVENT_DATA object| NRTV_EVENT_DATA object| NRTV_LINKMATE_DATA object| NRTV_CLICKMATE_DATA object| trx function| md5 function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| LI object| __li__evt_bus object| liQ object| _brandmetrics function| _typeof2 function| __liSync string| OnetrustActiveGroups string| OptanonActiveGroups function| __tcfapi object| otStubData object| __IntegralASExec object| Optanon object| OneTrust object| otIabModule function| kwa object| se object| fs function| fbq function| _fbq function| pintrk function| trackable object| GoogleGcLKhOms object| brandmetrics function| __assign object| GlobalSnowplowNamespace function| snowplowKW object| Snowplow object| google_image_requests object| auvars boolean| __halo__loaded__ string| __sync__call__ function| docReady object| au object| autag

72 Cookies

Domain/Path Name / Value
www.wellandgood.com/spice-jar-hack Name: _liChk
Value: 0.31224127582472283
i.liadm.com/s Name: _li_ss
Value: MgUIBhDvEjIFCAoQ7xIyBQgLEO8SMgUIfhDvEjIGCIsBEO8SMgUIeRDvEjIGCIEBEO8SMgUIDBDvEjIJCP____8HEO8S
.purewow.com/ Name: sailthru_hid
Value: 49a871453c3a1a63a6c1004ba8309c2b62c1d03b7fa0db082b086d650847c6dc3e39372eadaebe8eb7e983e3
.purewow.com/ Name: sailthru_bid
Value: 28508451.906807
.wellandgood.com/ Name: ak_bmsc
Value: 892251C00AE637EB1E1382AEEF502D2F~000000000000000000000000000000~YAAQ5GEXAnmvXC2CAQAA9Bn9RhCMPyHwT2TlxQrcYUqj+nWq7vlRUfle43qELF0LelfQK4Ohtq0nYyESJ5lJDEwE0zps8otBbwrP2tkiKJe9aZNfF3xBfpbQdxxawD0lHuDjwkQZU9QNW3teav+FZP01DOO1URJeoY69U+w+NV4hnRH2jB7nqfrDVe4F6BWLob/TJcSNEw1QcO1NhsbgOHs7hyn83qmMtWYoqug6YEEVPZ/jgmTavKqNY7PYW1WOPaozKzjWa55n7bprChh56O8w+Ra8q9HB5i6TZKlud27Tj1DflKrvXLYMTcrfL6SFZN/GkWfmkgLNXxvlSlzyB9qhBxbXiJtCPPktpGl39uCBYoXSXGamO1ixfHxA55HSJfguDo1pNmtAAjKuqAbnTVR4nFjW49Agvw==
.youtube.com/ Name: YSC
Value: cAEdUKoweWE
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: V4bhfAihk0I
.wellandgood.com/ Name: permutive-id
Value: 74a83562-c4cc-4ecf-b0aa-1a638fa85a40
.5814efa5-d41d-4a89-b176-1cc26fae87cd.prmutv.co/ Name: pxid
Value: 4ec71bd9-0bc5-475b-a51f-0b9bfea359ef
.wellandgood.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.wellandgood.com/spice-jar-hack/?utm_source=purewow&utm_medium=syndication&utm_campaign=social&utm_content=Final&utm_term=national%22%2C%22sref%22:%22%22%2C%22sts%22:1659048369443%2C%22slts%22:0}
.wellandgood.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=cf56fd10a4d8701d7cde9a3acf4f19a9%22%2C%22session_count%22:1%2C%22last_session_ts%22:1659048369443}
.wellandgood.com/ Name: _pnvl
Value: false
.wellandgood.com/ Name: pushly.user_puuid
Value: w4Z0ZzESSv1yQvpGww0q6TROuI65EYWD
.wellandgood.com/ Name: _pndnt
Value:
.wellandgood.com/ Name: _pnss
Value: none
.doubleclick.net/ Name: IDE
Value: AHWqTUnGf6Fp1wpFR6cL449xeKRgXzOO60L7m4VxtzUCO4A1iW9F042Sa96Q-4zn9XU
.wellandgood.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.wellandgood.com/ Name: _ga
Value: GA1.2.1419900786.1659048369
.wellandgood.com/ Name: _gid
Value: GA1.2.812548643.1659048370
.wellandgood.com/ Name: _gat_UA-10597695-1
Value: 1
www.wellandgood.com/ Name: adBlock
Value: off
www.wellandgood.com/ Name: _lr_geo_location
Value: DE
.wellandgood.com/ Name: bm_sv
Value: 666E832680EB973EB7B56656F6CFF9A7~YAAQ5GEXAgywXC2CAQAA+x79RhBW1+OXGDZxUY5QhxRUrBCqKfFqMLYp5f5nyxdByiBxd7CKOsCo6RQsYmlGJwwzAybW4Eyi4ANYtqZH9J/98OD9mYXW6N80cxYWRow8qGMdJ2SendAhgVEIU4VUs2QbbM53pQIi9mf983UzylByTnbdlTDAMX+bRZczJiHAxFjfJNf5U2UZc6iszA9GlptgtjPIHt1i1KlZjqQyv1YECeIU9K7b2x//hCYDvbw1wB3qa1Y=~1
.wellandgood.com/ Name: _li_dcdm_c
Value: .wellandgood.com
.wellandgood.com/ Name: _lc2_fpi
Value: 5bcb19005d84--01g93ft7xnwfksbat28m7nhy1b
.wellandgood.com/ Name: __gads
Value: ID=86af9604f05e86f5:T=1659048369:S=ALNI_MZbgIHUfslRvd6SVWlPpsnRegkGgA
.wellandgood.com/ Name: _ga_FCN1P5XW0G
Value: GS1.1.1659048369.1.0.1659048370.0
.kargo.com/ Name: ktcid
Value: 8b5bc497-3c65-0a28-15ad-68e3fd1b1dbd
.openx.net/ Name: i
Value: 15f4aa7a-b460-027e-0149-847372b6f36a|1659048370
.narrativ.com/ Name: uid_bam
Value: 1781389623484259232
.quantserve.com/ Name: mc
Value: 62e311b2-57724-706a5-77fac
.wellandgood.com/ Name: __qca
Value: P0-812600861-1659048370209
.rubiconproject.com/ Name: khaos
Value: L65MKBDK-21-DH63
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoCkDrjnOWh2bU1ZxogGjlwOA+xFj1I9sdCW7L1Z9UHRt2bnzNJ1x5z3rkz/UMSRBBKxkK5PMloMcBQn6AvuCLFjl1IYSgnpaWyqVI1k5poNA==
.adnxs.com/ Name: icu
Value: ChgInJ9FEAoYASABKAEwsqOMlwY4AUABSAEQsqOMlwYYAA..
.adnxs.com/ Name: uuid2
Value: 4855671030576125920
.openx.net/ Name: pd
Value: v2|1659048370|gekin0vNiygu
.quantserve.com/ Name: d
Value: EPABDAHcJoqsMA
.liadm.com/ Name: lidid
Value: 26f167b1-9318-41f1-ba9f-f61af5215323
.wellandgood.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Thu+Jul+28+2022+22%3A46%3A10+GMT%2B0000+(GMT)&version=6.4.0&hosts=&consentId=aa804f89-98c8-41b8-89ae-a8993c37b5cc&interactionCount=0&landingPath=https%3A%2F%2Fwww.wellandgood.com%2Fspice-jar-hack%2F%3Futm_source%3Dpurewow%26utm_medium%3Dsyndication%26utm_campaign%3Dsocial%26utm_content%3DFinal%26utm_term%3Dnational&groups=C0004%3A0%2CC0001%3A1%2CC0003%3A0%2CSTACK31%3A0%2CC0002%3A0
.mon-va.byteoversea.com/ Name: MONITOR_WEB_ID
Value: 056bb5d1-6ab8-4c6d-bc95-4265a1776126
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 3678105027151190802
.mathtag.com/ Name: uuid
Value: 2f8662e3-11b3-4b00-b6b2-eb54679f5733
.bidswitch.net/ Name: tuuid
Value: 8ab99147-39e2-4f58-8d7d-6690a98675fe
.bidswitch.net/ Name: c
Value: 1659048371
.bidswitch.net/ Name: tuuid_lu
Value: 1659048371
.demdex.net/ Name: demdex
Value: 76309656343925400890216846639799129148
.dpm.demdex.net/ Name: dpm
Value: 76309656343925400890216846639799129148
.addthis.com/ Name: na_id
Value: 2022072822461200031827970288
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62e311b46248fa8e
.addthis.com/ Name: ouid
Value: 62e311b400013b318d3fb1ea7c29dff1650a482b1deaca318fab
pool.admedo.com/ Name: tuuid
Value: f5377ddf-fb75-47d2-b778-5741ca78e744
pool.admedo.com/ Name: c
Value: 1659048372
pool.admedo.com/ Name: tuuid_lu
Value: 1659048372
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.criteo.com/ Name: uid
Value: c8861d73-d313-4da6-bb5a-897846f6fefb
.wellandgood.com/ Name: kw.session_ts
Value: 1659048372978
.wellandgood.com/ Name: kw.pv_session
Value: 1
.wellandgood.com/ Name: _sp_ses.43e7
Value: *
.wellandgood.com/ Name: _sp_id.43e7
Value: 4ebf7966-9f26-46ff-9ec5-48e5a48e980f.1659048373.1.1659048373.1659048373.2ff65a1a-efe6-4535-8fc1-79bc73c3b560
www.wellandgood.com/ Name: _wchtbl_uid
Value: b8896449-ef11-454e-97cf-258300a6e472
www.wellandgood.com/ Name: _wchtbl_sid
Value: 01f6ad6c-ad07-40bc-8217-f9d34c2e0729
.wellandgood.com/ Name: cto_bundle
Value: vlQd2F92OVBremhJRlclMkZ3NTBrNHNFSDhQQ2plJTJCSFAlMkZFS2ZDRzd1VlE2ODd5eHdBbTFhRmlZSFFSYkZwSmxEWEFHanZNUDViRXdqNXFsSHklMkJVJTJCMVklMkJQS2YlMkY5ZVlYdGh4MU53dTVJalIySG9teFdxcVhUOTBQNk1IU2ozRmJkc0Y3V0ZyTFo2MFpkUldMSTJnR2EzUEkyQnFNdyUzRCUzRA
.wellandgood.com/ Name: _fbp
Value: fb.1.1659048373279.635085459
.wellandgood.com/ Name: _pin_unauth
Value: dWlkPU9UZGxPRGN4WVdFdE9UQTBZUzAwT0dKbExXRXlabVl0WlRjM05UazFaamhrTTJOaQ
www.wellandgood.com/ Name: _wchtbl_do_not_process
Value: 1
www.wellandgood.com/ Name: _wchtbl_pixel_sync
Value: 0
.ad.gt/ Name: au_idmatch
Value: eyJhcG4iOiAxNjU5MDQ4Mzc2Mjc5LCAidHRkIjogMTY1OTA0ODM3NjI3OSwgInB1YiI6IDE2NTkwNDgzNzYyNzksICJhZHgiOiAxNjU5MDQ4Mzc2Mjc5LCAiZ29vIjogMTY1OTA0ODM3NjI3OSwgImltcHIiOiAxNjU5MDQ4Mzc2Mjc5LCAiYWRvIjogMTY1OTA0ODM3NjI3OSwgIm9wZW54IjogMTY1OTA0ODM3NjI3OSwgInVucnVseSI6IDE2NTkwNDgzNzYyNzksICJydWIiOiAxNjU5MDQ4Mzc2Mjc5LCAic21hcnQiOiAxNjU5MDQ4Mzc2Mjc5LCAicHBudCI6IDE2NTkwNDgzNzYyNzksICJ0YWJvb2xhIjogMTY1OTA0ODM3NjI3OSwgInNvbiI6IDE2NTkwNDgzNzYyNzksICJtZWRpYW1hdGgiOiAxNjU5MDQ4Mzc2Mjc5LCAiYmVlcyI6IDE2NTkwNDgzNzYyNzksICJpcCI6IDE2NTkwNDgzNzYyNzl9
.wellandgood.com/ Name: _au_1d
Value: AU1D-0100-001659048376-K5X50QR6-B0FR
.wellandgood.com/ Name: _gat_auPassiveTagger
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5814efa5-d41d-4a89-b176-1cc26fae87cd.prmutv.co
a.ad.gt
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
api.permutive.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
b-code.liadm.com
b1sync.zemanta.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn-magiclinks.trackonomics.net
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.cookielaw.org
cdn.keywee.co
cdn.p-n.io
cdn.parsely.com
cdn.permutive.com
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
d1z2jf7jlzjs58.cloudfront.net
demandmedia-d.openx.net
dpm.demdex.net
dt.adsafeprotected.com
eb1452600f0f5d5a361b80dc8b5df1cb.safeframe.googlesyndication.com
eu-u.openx.net
eum-red-saas.instana.io
eum.instana.io
events.release.narrativ.com
ext.chtbl.com
fastlane.rubiconproject.com
fonts.gstatic.com
geo.privacymanager.io
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
i.liadm.com
i.ytimg.com
i6.liadm.com
ib.adnxs.com
id.halo.ad.gt
id.sv.rkdms.com
jnn-pa.googleapis.com
js-sec.indexww.com
k.p-n.io
krk.kargo.com
lf16-tiktok-common.ibytedtos.com
lf16-tiktok-web.ttwstatic.com
link.purewow.com
m.skimresources.com
match.adsrvr.org
mcs-va.tiktok.com
mon-va.byteoversea.com
mug.criteo.com
p.ad.gt
p.skimresources.com
p.typekit.net
p1.parsely.com
p16-sign-sg.tiktokcdn.com
p16-sign-va.tiktokcdn.com
p16-sign.tiktokcdn-us.com
p77-sign-va-lite.tiktokcdn.com
p77-sign-va.tiktokcdn.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.keywee.co
pixel.quantserve.com
pixels.ad.gt
pool.admedo.com
r.skimresources.com
region1.google-analytics.com
reve.leafmedia.io
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s.pinimg.com
s.skimresources.com
s0.2mdn.net
sb.scorecardresearch.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
sf16-scmcdn-va.ibytedtos.com
sf16-short-va.bytedapm.com
sli.wellandgood.com
ssc.33across.com
static.adsafeprotected.com
static.criteo.net
static.doubleclick.net
static.narrativ.com
stats.g.doubleclick.net
sync.mathtag.com
t.skimresources.com
tpc.googlesyndication.com
trc.taboola.com
trx-hub.com
unpkg.com
us-u.openx.net
use.typekit.net
v19-web-newkey.tiktokcdn.com
vmweb-va.byteoversea.com
web.chtbl.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tiktok.com
www.wellandgood.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
yt3.ggpht.com
ssc.33across.com
103.229.205.242
104.111.215.191
104.18.18.126
104.18.19.126
104.19.150.54
107.21.19.116
108.138.4.10
13.32.110.127
13.32.121.37
13.32.99.122
138.199.37.212
142.250.181.226
142.250.185.194
142.250.185.66
15.197.193.217
151.139.128.11
178.250.0.165
178.250.2.146
18.156.195.47
18.66.100.58
18.66.122.96
18.66.139.16
18.66.139.35
18.66.17.8
184.24.77.36
185.180.15.75
185.89.210.82
199.232.18.113
2.16.186.9
2.16.187.88
2.18.79.132
2.18.79.142
2.18.79.144
2.18.79.145
2.18.79.146
2001:4860:4802:32::36
23.35.236.247
23.36.162.16
23.36.162.29
23.47.212.208
23.55.235.136
2600:1f13:800:7780:6252:7b4f:105f:a05f
2600:1f18:444a:4602:377c:45e6:1b19:7050
2600:1f18:730:b110:a669:35d2:30d9:24a9
2600:9000:214f:a800:8:48e:53c0:93a1
2600:9000:2250:4400:0:cc59:3900:93a1
2600:9000:225e:cc00:8:8845:1500:93a1
2600:9000:2304:2800:6:44e3:f8c0:93a1
2600:9000:2304:f800:a:b27c:d040:93a1
2600:9000:236e:400:1d:8c8c:47c0:93a1
2600:9000:2490:9600:e:ec66:e40:93a1
2602:803:c003:200::21
2606:4700:20::681a:79b
2606:4700:4400::6812:2962
2606:4700::6810:7daf
2606:4700::6810:9440
2606:4700::6810:cc16
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:803::2003
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2006
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:830::200e
2a00:1450:4014:80a::2008
2a00:1450:4014:80a::2016
2a00:1450:4014:80b::200e
2a00:1450:4014:80f::200a
2a00:1450:4025:402::9b
2a02:2638::1c
2a02:2638::3
2a02:26f0:11a::6867:4841
2a02:26f0:11a::6867:4868
2a02:26f0:dc:180::3fae
2a02:26f0:dc:182::1931
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:200::300
3.121.8.16
3.219.23.242
3.226.166.212
3.67.125.142
3.67.4.230
34.107.254.252
34.120.133.55
34.193.4.201
34.202.183.121
34.217.170.183
34.251.67.138
34.98.64.218
35.158.225.181
35.190.59.101
35.190.91.160
35.201.67.47
35.210.53.219
35.241.9.51
35.80.231.159
37.157.2.238
52.20.237.222
52.222.214.67
52.25.254.43
54.229.167.95
54.244.135.76
54.68.197.107
63.34.81.234
64.202.112.95
92.123.21.200
99.86.240.124
004a0a1938fd271e8b71361f25d25d8ae558060ef6daa879cc3155220b0f4e6e
00ff0fb2463dafcfc8ba26ad122d8067839952997e320b34bdaf664f7a852656
014bb521cd7de2af704695868eb70d69317bc561dffb58b45727f25c548fd326
01fcce2e24b80e2062954fd9a2429e47527af8e72bbd014ea4c02a9dc060eeb7
0216c8dc29523e3ff49d1831d3ca3631eb225f80924b590c890c3b24228c7aba
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a
05100b54e5180c0ce415e00b2152959b21844c28c28f90a24450fdbe876d5b7b
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06da2a777307cf4cc99a07a8749f48e0d09cd7257268a6aa1de18ca6210c85b0
071ec8646c15156029c8d64c5d3f427cf61a3d75a89d676ccf54cc3a98c5c986
0a00d5c9c8368a6afbac094dbaa312c0f75fe445f57aeb23bcda10a34c058698
0b3a59d8681cb657bd89cc4d497d9aee2b69668b0c38b5f186ff572e1fd05de8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7603b3f5e88a8bd2e64d716e974659d2831d0b387e52d2efa7ebe351c092f6
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f8f075a48ff5e46445150ecab5373f07e9e89dd895a329c2b66d375889c0206
10bb9eaf17872545fb9a4e4f778d731135b4d56cf71e249574ce29192c99bf50
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1226c684992eee17005b73b860b9b75d2ae9b030f0166ff57549ec07c3c9b83b
126a7f1527363ca12ba70485e469f9cf583b319537a76cfded51a20f52128be5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135bfc70ba3a04297314445e43cc8f446089cf9201532d33654d4bf5c517494b
13ada0d47c48a1db77ff5f5b26a062a5d674dbab3cd1a62c6f7c7c75448a4436
174f53af26f08c078c4617d06c920e2b352cfdcade8e9748e9601759edbaf239
19e6949ea062c02e8b0bb94ef12e1ddf60f60f41fa133fabbdbde647a468ded9
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c87acd3b458eeaa8e974bc098138358dee634023dd0536bc235626abf7c0221
1d018a4bc6732706871e85ac4ee0c9a6b3b10947daa364c8eb4282be8daf1fd8
1d59bf0b49c57cd82ff4e87f2650c96010b286e9280c987298e01543b29b8966
1f1969c0811ea580eeaa5ab2fe9c74882b8f1ccaa4d12b130840199c85c59e7d
203974e073dcc303782d44e1a4e4c6df0efc389e0e0787c0519f6615b64435ca
21685b549994ffcd30456fea173ebaa3e5b631e41be63080236b2964d70db754
21b7013008e6dd2028d0c221a38dbb403ca0572c65484a302f03afa8282630f2
21c941a3087386fbe29bc1716dd441b303369ba2d5707656a6548ddf0af59940
23279cd5dd692a5fd837775e96b76f0ed45fe66b77550db36398242aeaaa573e
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23b0e020be2d75338ac646ce3260b5dc427a1b2827f05f4d6da94b6e4bc1c017
23d96933a47a5b61d35f3e6307851e17787275abff56d691a94372fa4cfc002c
23f63b420daeef9c7faed3087cee36f219d64830fda15f89eb3bcb47487ce9f6
2436f80084a2d014dde7121e650ac23f271e2f23fb8f78b539919c296e08f543
25874e15e2929c0f872c5304912348ceec3bd87051ef2c2d674b6437e617399e
262f51a18d3ab395244a7e5fe06ed082534e0fa0ac8226d00c72e13f2fe5427a
26cd7bf031d710c443f801d30b5f5c5400e5736cc39d79e172f935cddcff91f6
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308
27f40d313a719902a7443359baedc0195cbe87e8b1c9493f246346f196f53504
28a196fd41db3c09e628d5ce8487a266150d272c09f0b6d5db4b4268c79596bb
28d9a46b2b2ce888fbe96f45861ae673bbe0fc49d192f56917ab504268a803ff
29a734dbe0c87dca942095cf4038b7a2519fb48ff2e06d1f49b8d8854493ac35
2aa14847a30c54f6c97786c6b1fc19b236278c181ac02f87d51c2ab67ccace74
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2d0645b348425a90d144d4af16b422ff7a4b049339103b8ed4bc60ec9608fa51
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
329a1b12f194f01c9648d132014e0a9089e43accd7e70817532727b4f9687aa0
333c385f1afe99ad2f9c25f1cb0bff7bdcf017a2cd4c025bf6cb0238da22217d
358f0e5b2691b247f6224be0fc51734cc71a3461b6c1781d84bf38d556be5264
364e7ad67fc556f22d62c7f18d1d464f5a3a7041044048ce40ba5cc41f52d956
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a1267e8dcbbc55595613d4aeb916709be4ccdf3c7b2353e60da1cf533bdfa0a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bf22b7fa281d4f2dac3205709cb01c562f6039f3714171b9af5ab92918ef9d2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f2262cddf7ff338195574d61ae346a60e7859ed56a4b64f8c13c36f67befc01
3f3fad41e2ab8c726453ccecc4acbe1c460a8bd4bee4af1c914877b0e7ca6a95
3f99bee62b18a54519aa568e139b7a5b1f8d91ffa23e63adf845662eea30aced
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f3dd0cf12dbf448ae06c7635ce070d570ef735e12f8234167683f900942018
48268c28f60a724e229fa404e299fc0d92f5ab3a01029db685e55ce898774cb5
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49a0fed64e7176b061231874d8337ecca03c3d0bbecefd7acb19d59a99018536
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b080c85fdea39030ddad0a53615d418819c68412c0f8a087f44a93a7985a921
4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f
4ca3273a9158ab3c3f53c39e73e1c632cf81ab6c3922a38bcbe7ed4f36d4d325
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3b02786fa458f459601675dfd708806f1d47e6337c6d569b9731cbd5c5c126
4fbee4342890b861ddd7a0f6e8ecd49b817f300d4befd405c8a1c437ecb0b19a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50739cad32600ba819692681d66dc63e0e32735aa64f77a4c55b87ece5695904
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
5161c7ee3ba66cf5e9405aee7dd0724b06f90b0b39d614e8048b7fbaa742e0ab
51c4ed990a2f0517e58d523e68c6380444ffbc31753abaaf04795f86cfbbb7a8
51d0125c09a51f3e29e6af5b0a7eb7bdb70ec251ed35f08459cefd3604b41a33
5345701b5336160f61a652a41acff02371c55d4d7c9ba2dff8f01024997a2801
5409a40f13947aad7a649655c874dda059224524f48475e9afea434782dfdee3
542e01bb8a65097f0a369a3432a5a9774e96fb17245afed7fa4de9793c1012e6
5474431f71de44407de9743ebbc3ec69c99d6d1959a30bb685f9a4d88ae6d8d0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a710f38cb6bf9c79a7f61b9037e9c2ebdd7b68d4f8d9459b3007481f5703fa
5802e36d8bf3a9f7e45c24f5137220a203818ed3255f6c1e0bd49f48afe35df1
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5b5a1e2a0e0bc0564114068a7cf53ec26e7ad0ca1a265d5392bcda8a17554596
5bb66fbb8c4160a2a326c9fc9a16b771659635b68a50a6d2601ed033427a1d77
5c2b45e8e88eb5acc0922ddae23f488d892d3607834805ede14ea56b0e62dc46
5c509da8c8c914370365c4bc3e9c1fa7f38030dfa92d3b999d790f19eb5ca771
5c793a9121a8a6862bf2895573474174c9ed70e2e7ebd2be1f15ed04f1ba00dd
5d15e998987f4f222ddda560f88e076c5d279cb066720ff781f04f53efe116a1
5d33fc21d9333baa102cfc84f38d85f681a45ae678155b56218c02e88b95e8e2
5d66b4370c15f415951a8572980b216ebec4308d6de3c51f0f289f5a13e01426
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
5f5beabf59a0f4c1c28f05dd34047cd1f401f146b85eebbaa7ab8d971f075e64
600d682de9fea2e27e1bc8838d92d1aa23716c47dcc63b95f8ddffe9fa98b87a
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
641885d8631d8b5f664fe4f215e71d09d1bd130db8193fd7635491b4d729799d
6437b9c4b74b01f68156bcded9505562462d78d8e4a1f3bc7238013651743349
644dd2ed36b51eb3577b9b87f7bb7421b0e9234d051983c4bf435e6d1a4aa097
6793fa2f8d1a76e1ff51f8a83ecf5aa7ebbdc5f422196c1cdcda31f496d4d41e
67df9f3bd8443ff09350889f0b6a55729b284d427d34aece1ef7f26757c535bb
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f23c1e9b00ea763eaa0b54ec1c368a0cccc5288e97ebf451888ff802ed07a1
6820dc5a852a390b26eaa791f6f9f9b976fa0ba6c17412089b25946d7d9de99c
68b89a9edab14c8b4b0b39255f6dbb5ff4e74be710295bc204824d062290e88a
69b4affdd8a472bbeb594a9ed02d851c1b3ff5e4b9e970ab1e581fc9f6a11eb3
6aa10ccb8a9db0309d0df8b93e8d9bad03d814791f17f1cc2e12f2319ee694de
6bae0343f43db33d60cfe18091e84c909c56fc3d3b6fdd45d389bedfec6d4546
6c20dc7b276fe2d57ba4a4750566f3c23cdc053115ed64df55d5224eb76a23d4
6d0bb294dbc97f2ff9d7c04b62fc5a1798d7f733b4d42a9a026cdc1da4b5850c
6d4ca5250c5405e918db546130b57d38662caaa0d8d5daa37493000b701fd673
6fb4beecaeaf75b625e2b79c1b127d29a0cd3b036ac026ddbabc9e56769104d9
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
70b7c68911dbbc2b3afd1b035f8f8d7755de89d8085e9a0b61e8c9414a1331e8
713202157e2eddb55a2572f047f901179fdb6a3060228861fda1f9cc2ba2b9f3
721372004061e890f90932b40dd5ba69fc1aa21b3322f20d73b1ea0653189890
73a6cb4190a821ba10c12c9365ea8dae4c20a1f13e4806b5289712881464c5d0
74983bfb9a159887f14e49ddf837e1dfcc9707700d77c9caecfd1cc15d3d1a9b
75a53d7bf56b15993633fa6dc67039e544c4c70fc37ad324cb14675f574aaea0
76680efd61dc1f00144c9af7adb317cc0642fe53282525e7e35806a12e74a084
76ed669f2cd1ffb34e33115fcdace186497ede69afb730e4e0cf9c56f716bac0
77b30e200fb01f4ae4192dd0be5c24c851a64b7690631dde41d90e03352ac0b2
77e2169e770ab005acaae16396bf76d8e5a4a7a46e8351728e1dbc7cec3b3291
795de365eb2d49425812daada1c1b55b09b572032bed00e5f15cb01574671a26
7a90032fac3af5ce5b761bcde2e73b3da2d1c396ac475f3acb1a7e7c22e2927a
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7f89ac597ab315664bab9a05f9276c837edc0dacfe5d21dcf34ca48a183cf4ab
812cab4095834d5d12ea0a5ade93f06c8ad72120e359a01ce97143cd26ac441b
8202a67d5c4745ea957d4113e8af47301b8885b31421d71798f9965fddbe9755
82b2f730d5f636388ba5bc4a3f3e5b5116b27939b64b26b60e793cee94dc73f0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85033a69ec6b1d95870dcf59f895dbb9af5ff69fc84f48a4ec0215746b3b1c8b
871962197e9fb61e803e2a930df41c20dc6ed5884d6eb74c05b6ac3928c52bc4
8825a11d00047c6335a99b17916099594a686eb51495d36a8f0119ae441a3ec2
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8adac6241184a9d876bba7e9dce27b03ff7820df837a3b20526e192176cb72bb
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8b7b4e6c36a5ffea99d4bed38c969c9e1182e27ce076110fb14ccbad670bf5c8
8c4f3e03304c71b84e2a89a4a521b9086f39722f154c19943865ff079f25b088
8d0056dcc26b8dce6be00539697962adb12475fbf9cbf7fdcbc7c81b2ae7328d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc4de88129a4052830558b2aaac7220beba246a368a63da9b748d798b6cfabe
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
936be7b582a2bb754f12203ad80017d6a8ed7dbe6df005795ec01df21b1156a1
95477b33fe2f81052e244a609a52023398d8d342ea13f823476206bd78bbd592
95a79a3aa2e44f7589b8eec7214d959a111a65320ef4dadcab25b564b7a1a222
98afcb2fa3e3e9a2e7f4047603e61cc8c2caa0f2ccca2cfc263306aa8fcbfed6
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
992fc5e3239eb0126bb47e09e0e96325c30c9f8af4518d2c3536df879cf76a4d
9b53587af6a12f7fad3bfad6b7b54c87e617be23251df237e82aab784bbdbc36
9ce1091f434081607fffc1bd06e2ab1b4cb0ba1e12ed770e07e486507795d2cc
a0367cb5206a662f47abbe6a2c1e7877b6fae71949bd448c810752c16e547529
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b236f6a30bc3540c05bfa894043a5b068bcacd148e30c24a360267aebf3e56
a3662bdef768ff6e38604877fb5cb4158b2c2202e4436b430140769395e94839
a4002d856e575601b351be144c9d7e4e6977286644fede72a7de1638844722aa
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a5a31118c95a69d501342efc9101d16e81fa7e1325989ff89ff3f815439da542
a67117312ce631cdfc251dfbb90058bc01e3849deb0cd7fed130745b5813d1b2
a6d745bbbc241154ea7906d27edca4104f861213bb9929e8f2fa5c689b69a32e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9b7771abd1cc32b2f00cde995b69747deb353ecddcec239db4fa8deb3ee7b9d
aa6d867761a972d5c92de15d7674b88db8189fd9abc1e85d42d83f836c6eb112
aa80a131bdc128102cb56862c818c812a0ca4e0e3b9600667fe917f261dc8116
aad11480c148676ac14f5e1b83621f23c8e8d5f479bf07a2fd68a8e19a8b54de
ab3ae0730fb4eae2a42e1ed373179b280252d82903fc224d842a55d62f31687f
abb2ee3d69e2103beda7e41f99402dd5c28c5cd66fc50b2cd3cf850cd7abb926
ad58112939029f0882fe1ab489370b7233ab955e606a967a5c26e49f9770e324
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
b080d53c46b947b1a1922a6dd8e89074adceba469d4badf063f3a3fb6d687ed7
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b131d7f6bf1e4b526bcf11ded45647e93e1e830fae8eb5acf05071a4e422be08
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e8ab98fc0b04e97cad45711fe06e4c794dbef4f0e6916d16e3ed913b5ac210
b2e676ef127a750c94fd9504bf8f008e8a5ed00d206bfd84d325511a8f3db372
b46cc45e4a152e5e323da05160d99439fe25580079d8a3eb5c85a32071c0009d
b5629bff9f7cf70baed7df75fbde4ab28280e2a687c8f4712b06a03d52666d73
b5b657adebe472d1ec36080afd77d1dd2e5ca756182fdbfa9d1a08ad012f62e6
b60e253dbebb1bca6dad6be45c0b5c1dbb40f15b0a79cbf8b62a0404afd2bef5
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
ba0a883821fdf9a29a45b98041b35afe0d4229f043bc7901a03c4fe7f9e1df4d
bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168
bbd7327b73d3c0623ccb28619f7cf36ff06b86ab6a02170c42edffb0ea3824ff
c05682f5b8d03be25dc58133c558bcce34b6a1d5574b5bb6d053a40bdb43c83c
c0711e412d82a72d6edcc78cfb50cc49d65203f8db066eec0d1c6691defee3a0
c2110faf3670070ebfcddac8b0fce1313d6edf893602f44cb0178e8e1a38a185
c221b46bd2d3a7a59e2ea0e6e6d7cd9b778ce03598c38aaa9319c00a913f396f
c2e95cd7237e15591875f8bc4f5290e2c1e91c0269385e77e76bf7343364ef30
c45d5ae50379b451d1bbf397c61515a702e74c8aff8680a946681217894bcf81
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
c7b22c1c6daf0bfa2a09e7e50a149e1bae74aa3b563e33fe92ec84e4723f91d0
c7eb8892373973f4babf75de56b6733e2dc4af6f1422403cb7b679473434857c
c8f08a7a2892cf667cf697e3ce333b9a905d838dba41578dd09f499f03493da4
c9e54757a1979dd79e708c8f259229b2f8ac1147b779c17f241ef8a13b49222d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca8f5b527f7b05cc197be6a570581130a8c18cbb7fc102c5818cce3fa7a199b5
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf288797ec1093660a169b6155571f93eac9be459c73ccb15add2002a25ac4c2
cf4196501b7e2f1bc0581d9aa367a7863d7fdbc10eb81a3e82964263d374b4d2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d023ea2c48826bcb41d3dd51abbc66cab36a97cf2f6c2cfb482faaf7eab6cba0
d06c1d1f95928227b923f8e2b201da367b26a9f30cce47c39eb994bdc1120eea
d165f84e466f4d1c4e4840e7bddf5e6e0114e114cf2c555078c40719498430dc
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d60f6f17937b8ed0a18321076438f53d6bb0d62879d42d3832bd50aa7e91e18d
d6188e3561763f4300f2460a7def5b11ab0f64e8fa17fff88a7790fdc6ff7845
d6bc239a6993be3a5ed13249ff2d27e4e3bc80a30bbd6df2ff92b4db0ad1d996
d7471e3df1ba49ecc8acc2dc6d8c4c3619f1a8e094050bdb2432c1cb2548468d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d858782d53337cb280fd29487a8c25544984a1abc8619d4fc3535e4458101d1f
d8f0da692d5b20c73608a496011b6119e73051f0bb8ccb20408c46f9cff62d06
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dc23d4a40b943f9bcc774d75d645f9d9c75c3b1871331ad3f0043affd123d7f2
dc3c744d2ca6bc91b1bd00359f8d73b7e2ff0c6f5312e8538423c40370faf67b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e01d0cba4a7a44b21ced86c8ba8bf8b245688aeec22ae3e1df56efe505c76157
e03964fe5507d5faf9021215910cd365c8b031fb4a72c65dc0d1dafea32492c6
e050f94a04f665a5f212fb4c9bada24a0ca3672fc0dbf6ad6f3e84438ba590a7
e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3
e145b1a56b822a1f604021905dc0c661a5447c13a569b6424be2abc8c140b668
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309
e1e8e49ca0b7dd21d87f99adef39d4dde8cc6d4f5d058f7a7495e5c379905bf0
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2e0bcc9b9a8f6ae25ac83e168e0b76b93de7bc7e12b8b693605e2f22d30ee
e40392e86c82f3bce196182c21ed8467cca4aea225e451db8fd16ca727fa52d8
e6f73a11c6c0c6bc1adcecd491e53534343c5a0d8eec33383dfd4043020588a4
e9b9567c55da41c3725599f898bbf92cec12f14af4febb281cfaf827db22e8d7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef53de8b2b15283e98691c30f3d8669877f03bdf7a3cf9d240870e9327c4a727
ef67d7cfae1be7b2e008445315f9e6047387723de195b5ceb7239d35d113547d
efa30a9e6aba180391f5f846663b381b57207b91189dd6e9d2caa80889b4af0b
f18864001522dcb0cc98afade5c3f1a716b511869bc5411079bf894c34045116
f226f0f57617243035dec97d421963075a5189512589e8e00e0696511db7729e
f42ca2577d449a0a71e253026629d50e79ce18693c50abb0474eb8f677079399
f4f6e3e53177c08ab6c846bcb9873aac07bc77b76e56c21c45436d7a0c6d245f
f6071ada704c319b2c37c71ca6973a41d3a5b3d3f7ea8cf1c22ad44622e8b0e0
f68fcfb4d681f13139510d7496b7935cd0a4f15194711d94e655fa608324686f
f69553b05af5a0ceb41da787865e39b6d4ef733411344e10cedc7f49df379085
f6feb40e7c43c25bfc44925b9286907df5bcddf3b429e5e6ba3aa17821d69dbd
fa66a33148b326b7e86fc4850144bedbd89642bf3f0aa47f0061f3611476ca72
fb599e114d2bc2f901597ac2b6cbf99e6e6e7de9501a5c1a600ea2d6bad68d91
fba5010755edf3d96256ee823a925a1a011d34ce24200275ae96766d21aee0ef
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678
fc6b5f0f34b56137046ce7f2bbafc10daca71689824b12c89b4c90903befb24c
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf