www2.thegutrehab.com Open in urlscan Pro
2606:4700::6812:1e3a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gdrytrk.com/4RQSJ/MD6Q28/?sub1=GiC96jqQKjGZJoIK5P5ydPg-6Uxjc4tf5ZxrAkxDmtstFyD8r0YortWpnpCf_bgk?cid=3&sub2=G...
Effective URL:
https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrest...
Submission: On April 08 via manual (April 8th 2022, 2:59:05 pm UTC) from GB — Scanned from GB

Summary HTTP 81 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 24 domains to perform 81 HTTP transactions. The main IP is 2606:4700::6812:1e3a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www2.thegutrehab.com. The Cisco Umbrella rank of the primary domain is 222827.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2021. Valid for: a year.

This is the only time www2.thegutrehab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	34.107.202.36 34.107.202.36	15169 (GOOGLE) (GOOGLE)
2 28	2606:4700::68... 2606:4700::6812:1e3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	34.117.39.58 34.117.39.58	15169 (GOOGLE) (GOOGLE)
2	54.229.130.226 54.229.130.226	16509 (AMAZON-02) (AMAZON-02)
1 4	35.227.244.1 35.227.244.1	15169 (GOOGLE) (GOOGLE)
3	143.204.98.18 143.204.98.18	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:62::84 2a04:4e42:62::84	54113 (FASTLY) (FASTLY)
1	2600:9000:215... 2600:9000:2156:c200:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.195.149.11 18.195.149.11	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:1f18:730... 2600:1f18:730:b150:1533:8f19:3ef8:a567	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.192.161.35 69.192.161.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:7e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:15b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.218.249.192 52.218.249.192	16509 (AMAZON-02) (AMAZON-02)
2	52.217.134.1 52.217.134.1	16509 (AMAZON-02) (AMAZON-02)
2	35.190.54.17 35.190.54.17	15169 (GOOGLE) (GOOGLE)
1	75.2.91.175 75.2.91.175	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.122 143.204.98.122	16509 (AMAZON-02) (AMAZON-02)
5	151.101.2.27 151.101.2.27	54113 (FASTLY) (FASTLY)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
1	143.204.100.40 143.204.100.40	16509 (AMAZON-02) (AMAZON-02)
2	2.21.20.136 2.21.20.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6812:1de6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
81	30

2 34.107.202.36 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 36.202.107.34.bc.googleusercontent.com

www.gdrytrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700::6812:1e3a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www2.thegutrehab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thegutrehab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.39.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.39.117.34.bc.googleusercontent.com

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.130.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.244.1 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com

shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-18.fra50.r.cloudfront.net

d3rr3d0n31t48m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:62::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c200:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.149.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-11.eu-central-1.compute.amazonaws.com

link.dsctrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:730:b150:1533:8f19:3ef8:a567 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.161.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-35.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:7e8 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gundrymd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:15b7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

thenewgutfix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.249.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.134.1 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

addshoppers.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.54.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com

shopper.shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.91.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com

nytrng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-122.fra50.r.cloudfront.net

cdn.nytrng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.100.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-100-40.fra50.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.20.136 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-136.deploy.static.akamaitechnologies.com

bcboltgoldenh-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1de6 (United States)

ASN13335 (CLOUDFLARENET, US)

stat.youniverssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	thegutrehab.com 2 redirects www2.thegutrehab.com — Cisco Umbrella Rank: 222827 thegutrehab.com — Cisco Umbrella Rank: 221258	2 MB
7	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 5053 metrics.brightcove.com — Cisco Umbrella Rank: 3954	4 KB
6	shop.pe 1 redirects shop.pe — Cisco Umbrella Rank: 9679 shopper.shop.pe — Cisco Umbrella Rank: 11664	13 KB
4	boltdns.net cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 3692 manifest.prod.boltdns.net — Cisco Umbrella Rank: 5132	135 KB
3	youniverssl.com stat.youniverssl.com — Cisco Umbrella Rank: 158858	17 KB
3	amazonaws.com s3-us-west-2.amazonaws.com addshoppers.s3.amazonaws.com — Cisco Umbrella Rank: 14888	7 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3725 rp.liadm.com — Cisco Umbrella Rank: 2769 rp4.liadm.com — Cisco Umbrella Rank: 10728	12 KB
3	cloudfront.net d3rr3d0n31t48m.cloudfront.net	52 KB
2	akamaihd.net bcboltgoldenh-a.akamaihd.net — Cisco Umbrella Rank: 221100	2 MB
2	nytrng.com nytrng.com — Cisco Umbrella Rank: 6003 cdn.nytrng.com — Cisco Umbrella Rank: 22830	846 B
2	thenewgutfix.com 1 redirects thenewgutfix.com — Cisco Umbrella Rank: 133640	184 B
2	gundrymd.com cdn.gundrymd.com — Cisco Umbrella Rank: 162312	12 KB
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 837	1 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 724	368 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 749	19 KB
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 440	915 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	167 KB
2	gdrytrk.com 1 redirects www.gdrytrk.com — Cisco Umbrella Rank: 154001	427 B
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 4986	7 KB
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 3625	219 KB
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3132	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 95	351 B
1	dsctrk.com link.dsctrk.com — Cisco Umbrella Rank: 219109
1	upsellit.com www.upsellit.com — Cisco Umbrella Rank: 10369	16 KB
81	24

	Domain	Requested by
27	www2.thegutrehab.com	2 redirects www2.thegutrehab.com
5	metrics.brightcove.com
4	shop.pe	1 redirects d3rr3d0n31t48m.cloudfront.net www2.thegutrehab.com
3	stat.youniverssl.com	www2.thegutrehab.com stat.youniverssl.com
3	manifest.prod.boltdns.net	www2.thegutrehab.com
3	d3rr3d0n31t48m.cloudfront.net	shop.pe
2	bcboltgoldenh-a.akamaihd.net	www2.thegutrehab.com
2	edge.api.brightcove.com	www2.thegutrehab.com
2	shopper.shop.pe	shop.pe www2.thegutrehab.com
2	addshoppers.s3.amazonaws.com	d3rr3d0n31t48m.cloudfront.net
2	thenewgutfix.com	1 redirects
2	cdn.gundrymd.com
2	ct.pinterest.com	www2.thegutrehab.com
2	analytics.google.com	www.googletagmanager.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	beacon.krxd.net	www2.thegutrehab.com
2	www.googletagmanager.com	www2.thegutrehab.com www.googletagmanager.com
2	www.gdrytrk.com	1 redirects www.googletagmanager.com
1	thegutrehab.com	www2.thegutrehab.com
1	cf-images.us-east-1.prod.boltdns.net
1	vjs.zencdn.net	players.brightcove.net
1	cdn.nytrng.com	nytrng.com
1	nytrng.com	d3rr3d0n31t48m.cloudfront.net
1	s3-us-west-2.amazonaws.com
1	players.brightcove.net	www2.thegutrehab.com
1	www.google.co.uk
1	stats.g.doubleclick.net	www.googletagmanager.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	link.dsctrk.com
1	b-code.liadm.com	www.googletagmanager.com
1	www.upsellit.com	www.googletagmanager.com
81	32

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-30` - `2022-06-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.upsellit.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-30` - `2022-11-01`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
actitrk.com Go Daddy Secure Certificate Authority - G2	`2021-05-06` - `2022-05-31`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
link.dsctrk.com R3	`2022-03-22` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2021-08-04` - `2022-08-04`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.shop.pe RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-06` - `2022-09-06`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
nytrng.com Amazon	`2021-05-24` - `2022-06-22`	a year	crt.sh
*.nytrng.com Amazon	`2021-10-17` - `2022-11-14`	a year	crt.sh
*.adapter.ooyala.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-13` - `2022-06-14`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2022-02-17` - `2022-05-18`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
Frame ID: 219AA87DB8D94D0BA7B1B6CBF126DA2A
Requests: 76 HTTP requests in this frame

Frame: https://www.gdrytrk.com/?nid=704&aid=1&adv_event_id=30&transaction_id=TRANSACTION_ID&amount=AMOUNT
Frame ID: 281C095DE9B9D8E444743AC40399B59D
Requests: 1 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=ea74405ad597475f8cdd3db4f331452a
Frame ID: 7D4AA680A2B31E9A949234D4DF382AAB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gut Cleanse Protocol

Page URL History Show full URLs

https://www.gdrytrk.com/4RQSJ/MD6Q28/?sub1=GiC96jqQKjGZJoIK5P5ydPg-6Uxjc4tf5ZxrAkxDmtstFyD8r0YortWpn... HTTP 302
https://www2.thegutrehab.com/cid/7013w000001vGhhAAE?subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subi... HTTP 302
https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaig... HTTP 301
https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campai... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

81
Requests

91 %
HTTPS

41 %
IPv6

24
Domains

32
Subdomains

30
IPs

4
Countries

4607 kB
Transfer

27578 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gdrytrk.com/4RQSJ/MD6Q28/?sub1=GiC96jqQKjGZJoIK5P5ydPg-6Uxjc4tf5ZxrAkxDmtstFyD8r0YortWpnpCf_bgk?cid=3&sub2=GiC96jqQKjGZJoIK5P5ydPg-6Uxjc4tf5ZxrAkxDmtstFyD8r0YortWpnpCf_bgk&tblci=GiC96jqQKjGZJoIK5P5ydPg-6Uxjc4tf5ZxrAkxDmtstFyD8r0YortWpnpCf_bgk HTTP 302
https://www2.thegutrehab.com/cid/7013w000001vGhhAAE?subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow HTTP 302
https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow HTTP 301
https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://shop.pe/widget/widget_async.js HTTP 301
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

Request Chain 26

https://rp.liadm.com/j?dtstmp=1649429938561&aid=a-02uo&se=eyJldmVudCI6InZpZXdDb250ZW50IiwibmFtZSI6Ii92c2wyMTAyMDljX2FwIiwiY29udGVudFR5cGUiOiJMYW5kaW5nUGFnZSJ9&duid=87e4200bd901--01g04tz0bzn7tsa61af5t3xhks&tna=v2.3.0&pu=https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Dtbatcr%26utm_campaign%3Dgmd-aff-totalrestore-tba-all-vsl-qqq-mbx%26utm_campaign_id%3D7013w000001vGhhAAE%26utm_content%3Dbanner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%26utm_medium%3Dcpa%26utm_source%3Dtbatcr%26subid1%3Dafcb1b93ae9745bea8783284e83c39df%26subid2%3D3%26subid3%3D0%26subid5%3Deverflow%26sessionid%3D308345265780%26uid%3Daff_tr_dvsl_210303%26dsid%3Da0v3w00000LjiCjAAJ%26step%3D1&wpn=lc-bundle&c=PHRpdGxlIGlkPSJ0aXRsZSI-R3VuZHJ5IE1EIC0gSXMgVGhlcmUgQSBTb2x1dGlvbiBGb3IgTGVha3kgR3V0PzwvdGl0bGU- HTTP 302
https://rp4.liadm.com/j?dtstmp=1649429938561&aid=a-02uo&se=eyJldmVudCI6InZpZXdDb250ZW50IiwibmFtZSI6Ii92c2wyMTAyMDljX2FwIiwiY29udGVudFR5cGUiOiJMYW5kaW5nUGFnZSJ9&duid=87e4200bd901--01g04tz0bzn7tsa61af5t3xhks&tna=v2.3.0&pu=https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Dtbatcr%26utm_campaign%3Dgmd-aff-totalrestore-tba-all-vsl-qqq-mbx%26utm_campaign_id%3D7013w000001vGhhAAE%26utm_content%3Dbanner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%26utm_medium%3Dcpa%26utm_source%3Dtbatcr%26subid1%3Dafcb1b93ae9745bea8783284e83c39df%26subid2%3D3%26subid3%3D0%26subid5%3Deverflow%26sessionid%3D308345265780%26uid%3Daff_tr_dvsl_210303%26dsid%3Da0v3w00000LjiCjAAJ%26step%3D1&wpn=lc-bundle&c=PHRpdGxlIGlkPSJ0aXRsZSI-R3VuZHJ5IE1EIC0gSXMgVGhlcmUgQSBTb2x1dGlvbiBGb3IgTGVha3kgR3V0PzwvdGl0bGU-&i6=MjAwMTphYzg6MjE6ZTo6NQ%3D%3D&n3pc=true

Request Chain 38

https://thenewgutfix.com/images/gundry-309x300_2.png HTTP 301
https://thenewgutfix.com/eu/

81 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www2.thegutrehab.com/fst/aff_tr_dvsl_210303/
Redirect Chain

https://www.gdrytrk.com/4RQSJ/MD6Q28/?sub1=GiC96jqQKjGZJoIK5P5ydPg-6Uxjc4tf5ZxrAkxDmtstFyD8r0YortWpnpCf_bgk?cid=3&sub2=GiC96jqQKjGZJoIK5P5ydPg-6Uxjc4tf5ZxrAkxDmtstFyD8r0YortWpnpCf_bgk&tblci=GiC96jq...
https://www2.thegutrehab.com/cid/7013w000001vGhhAAE?subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=ba...
https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=b...

13 KB
5 KB

221ms
221ms

Document
text/html

2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f49952e3ca5c23f08928a2b44015c4b616fe5b25a777fc23e699c4067e73be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age = 31557600
cf-cache-status: DYNAMIC
cf-ray: 6f8bdd279fb90e12-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Apr 2022 14:58:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Fri, 08 Apr 2022 00:45:03 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, max-age = 0
cf-cache-status: DYNAMIC
cf-ray: 6f8bdd261b85f933-MXP
content-security-policy: default-src 'none'
content-type: text/html; charset=UTF-8
date: Fri, 08 Apr 2022 14:58:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: /fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 process_env.js Show response
www2.thegutrehab.com/ 1 KB
1 KB 245ms
245ms Script
application/javascript 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/process_env.js?ver=47202223

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b29b4effc56b7bc8f49212c46836c8e0500327425d9c035e894171c853cce63f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:55 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Apr 2022 14:22:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"487-180098e8401"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: private, no-cache, max-age = 0
cf-ray: 6f8bdd290a5c0e12-MXP

GET
H3 200 funnel_confs.js Show response
www2.thegutrehab.com/ 13 MB
700 KB 253ms
253ms Script
application/javascript 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/funnel_confs.js?ver=47202223

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bc5c92082daf677c45842b62f15c86160355be4340da1cba76bf8e6137be258

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:55 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Apr 2022 00:41:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d460aa-180069e7581"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age = 31557600
cf-ray: 6f8bdd2a9d180e12-MXP

GET
H3 200 countries.js Show response
www2.thegutrehab.com/ 2 KB
2 KB 209ms
209ms Script
application/javascript 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/countries.js?ver=47202223

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fcbe5efc69b05ce7d5e76825fb642bf3867a7435f88631b13a2d8068d8e2af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:57 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Apr 2022 14:19:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"98f-180098b929c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 6f8bdd3189360e12-MXP
expires: Fri, 08 Apr 2022 15:58:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 544 KB
102 KB 198ms
107ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c51b020e65970e98fc7c66f0647df066dc53ea97d9ef56e39cdb0782c930016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104166
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:24:41 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Apr 2022 14:58:57 GMT

GET
H3 200 request-ip Show response
www2.thegutrehab.com/ 64 B
475 B 215ms
214ms Script
application/javascript 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/request-ip

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fc145f067e158670f305778e7543cb279a36593b6d2089e825a7565d375ad19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:57 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"40-Y8MFtTuJ9Yx/CT0g+S9bKYBBrVU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, max-age = 0
cf-ray: 6f8bdd32db760e12-MXP

GET
H3 200 getsession Show response
www2.thegutrehab.com/proxy/utils/ 0
415 B 376ms
375ms XHR
application/octet-stream 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/proxy/utils/getsession

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
x-brand: Gundry MD
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:57 GMT
via: 1.1 spaces-router (1ee3716bf5eb), 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/octet-stream
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cf-ray: 6f8bdd32db790e12-MXP
access-control-expose-headers: X-Brand

GET
H3 200 polyfills.js Show response
www2.thegutrehab.com/build/ 95 KB
34 KB 219ms
219ms Script
application/javascript 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/build/polyfills.js?ver=47202223

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

889b55a9f68c3f0b1b423c124f4876639920d29a171098d4e42d120d401290d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:57 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:14:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"17b9c-180064f3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 6f8bdd32db7a0e12-MXP
expires: Fri, 08 Apr 2022 15:58:57 GMT

GET
H3 200 vendor.js Show response
www2.thegutrehab.com/build/ 2 MB
494 KB 244ms
244ms Script
application/javascript 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/build/vendor.js?ver=47202223

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77185fbfcf4f0df903dd849bc6b325adb3061232015b1c6b562fdcae64470ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:57 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:16:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2009ad-1800650bc20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 6f8bdd32db7c0e12-MXP
expires: Fri, 08 Apr 2022 15:58:57 GMT

GET
H3 200 main.js Show response
www2.thegutrehab.com/build/ 551 KB
76 KB 438ms
437ms Script
application/javascript 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/build/main.js?ver=47202223

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12b4945ef70d21a8a2d26bbc11371d1d96938503097fbc4adc9116a03433ada1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:57 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:16:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"89bf4-18006506a18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 6f8bdd32db7d0e12-MXP
expires: Fri, 08 Apr 2022 15:58:57 GMT

GET
H3 200 main.css
www2.thegutrehab.com/build/ 6 MB
413 KB 440ms
440ms Stylesheet
text/css 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/build/main.css?ver=47202223

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d25e689e239979be6c25b6c69d892c8ca0c2c330477ec29dfafa958c89319ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:57 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:16:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"665544-18006503b38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 6f8bdd32db7e0e12-MXP
expires: Fri, 08 Apr 2022 15:58:57 GMT

GET
H2 200 goldenhippo.jsp Show response
www.upsellit.com/active/ 62 KB
16 KB 100ms
31ms Script
application/x-javascript 34.117.39.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/active/goldenhippo.jsp

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f9c8bd86ab0fbd9f3657fcfca53a0069a8446791660b782969d8a558f0134720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
server: nginx
age: 69792
date: Thu, 07 Apr 2022 19:35:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript;charset=ISO-8859-1
cache-control: max-age=86400
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15812
expires: Fri, 08 Apr 2022 19:35:45 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
458 B 130ms
40ms Image
text/plain 54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=NqKvCG4b&event_type=default&company_id=4772303201
Requested by: Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=46 t=1649429937
x-served-by: beacon-n011-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H3 403 setaffparameters Show response
www2.thegutrehab.com/proxy/affiliate/ 136 B
438 B 191ms
191ms XHR
text/html 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/proxy/affiliate/setaffparameters

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c5ed862edeb5ca45c666d1669cdccfbaa8ce121b8ca5ad1322f3cb059447a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow
X-Brand: Gundry MD
accept-language: en-GB,en;q=0.9
XSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 08 Apr 2022 14:58:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/html; charset=utf-8
content-security-policy: default-src 'none'
cf-ray: 6f8bdd3af9b60e12-MXP

POST
H3 403 save Show response
www2.thegutrehab.com/proxy/funnel/stats/ 136 B
438 B 201ms
201ms XHR
text/html 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/proxy/funnel/stats/save

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c5ed862edeb5ca45c666d1669cdccfbaa8ce121b8ca5ad1322f3cb059447a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780
X-Brand: Gundry MD
accept-language: en-GB,en;q=0.9
XSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 08 Apr 2022 14:58:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/html; charset=utf-8
content-security-policy: default-src 'none'
cf-ray: 6f8bdd3b09c00e12-MXP

POST
H3 403 save Show response
www2.thegutrehab.com/proxy/funnel/stats/ 136 B
438 B 205ms
205ms XHR
text/html 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/proxy/funnel/stats/save

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c5ed862edeb5ca45c666d1669cdccfbaa8ce121b8ca5ad1322f3cb059447a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780
X-Brand: Gundry MD
accept-language: en-GB,en;q=0.9
XSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 08 Apr 2022 14:58:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/html; charset=utf-8
content-security-policy: default-src 'none'
cf-ray: 6f8bdd3b09c50e12-MXP

POST
H3 403 save Show response
www2.thegutrehab.com/proxy/funnel/stats/ 136 B
438 B 208ms
208ms XHR
text/html 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/proxy/funnel/stats/save

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c5ed862edeb5ca45c666d1669cdccfbaa8ce121b8ca5ad1322f3cb059447a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.thegutrehab.com/fst/aff_tr_dvsl_210303/?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780
X-Brand: Gundry MD
accept-language: en-GB,en;q=0.9
XSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 08 Apr 2022 14:58:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/html; charset=utf-8
content-security-policy: default-src 'none'
cf-ray: 6f8bdd3b19dc0e12-MXP

GET
H2

200

widget_async.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/
Redirect Chain

https://shop.pe/widget/widget_async.js
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

2 KB
1 KB

134ms
39ms

Script
application/javascript

143.204.98.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Protocol: H2
Server: 143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-18.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0466cc8a56c407bd6a8178cf752376122004a81fcbf1baa392bcc30cada1c21

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:22:53 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 14:21:48 GMT
server: AmazonS3
age: 2169
etag: "84d9b9b81be1b7ef20e44794f671014c"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 907
x-amz-cf-id: 2P600wCV25txEu21kURwqJXhBW4lal0fsf8z-FYADbXM-1jAjEynTQ==
x-amz-meta-mtime: 1648563706.34

Redirect headers

content-security-policy: frame-ancestors none;
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
server: nginx
date: Fri, 08 Apr 2022 14:58:58 GMT
x-frame-options: deny
content-type: text/html
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 178

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 107ms
58ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PCDR074HFD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c562cf710c69be24faad9163c5af07cad0548e837cf4293bdfe38edc3f5e2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66244
x-xss-protection: 0
expires: Fri, 08 Apr 2022 14:58:58 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 156ms
42ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:58 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 204 /
www.gdrytrk.com/ Frame 281C 0
0 140ms
140ms Document
text/plain 34.107.202.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gdrytrk.com/?nid=704&aid=1&adv_event_id=30&transaction_id=TRANSACTION_ID&amount=AMOUNT
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.202.36 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.202.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www2.thegutrehab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: clear
date: Fri, 08 Apr 2022 14:58:58 GMT
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 8279a44d-10ee-4740-b809-4f082a7affa5

GET
H2 200 a-02uo.min.js Show response
b-code.liadm.com/ 26 KB
10 KB 139ms
45ms Script
application/javascript 2600:9000:2156:c200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-02uo.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ZIO-Http /
Resource Hash: b0b31f46ac685e18087632187479513bc075495489db1727b61ab301d368d486

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 07:12:44 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
server: ZIO-Http
age: 27974
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
content-encoding: gzip
x-amz-cf-id: ZXzQnwoWBvJp34LEhoWIVc9B7taZpVPGu7fp38VPTsgEH8a5m7daVA==

GET
H3 200 src_components_components_module_ts.js Show response
www2.thegutrehab.com/build/ 196 KB
27 KB 217ms
217ms Script
application/javascript 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/build/src_components_components_module_ts.js?v=0f0a86cdb64923c6db18

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/main.js?ver=47202223

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4c4dd6078309ba1507c58e8c7a564b04c58659cc0965fe43bb013c2e101882d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/vsl210209c_ap?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780&uid=aff_tr_dvsl_210303&dsid=a0v3w00000LjiCjAAJ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:58 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:16:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3102d-18006506e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 6f8bdd3b3a350e12-MXP
expires: Fri, 08 Apr 2022 15:58:58 GMT

GET
H3 200 src_pages__brand-pages-base_base-controllers_video_video-common-gh_ts.js Show response
www2.thegutrehab.com/build/ 36 KB
8 KB 196ms
196ms Script
application/javascript 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/build/src_pages__brand-pages-base_base-controllers_video_video-common-gh_ts.js?v=9466c041a0bf7f93bb2d

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/main.js?ver=47202223

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d4dbe1c00a3df88a231752315cac7e9875784a723cbb2334d384e4cfd724e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/vsl210209c_ap?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780&uid=aff_tr_dvsl_210303&dsid=a0v3w00000LjiCjAAJ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:58 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:15:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"91a3-180064fe930"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 6f8bdd3b3a3a0e12-MXP
expires: Fri, 08 Apr 2022 15:58:58 GMT

GET
H3 200 src_pages_video-pages_video210209c_video210209c_module_ts.js Show response
www2.thegutrehab.com/build/ 32 KB
8 KB 207ms
207ms Script
application/javascript 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/build/src_pages_video-pages_video210209c_video210209c_module_ts.js?v=f11da98427eec8bb19d8

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/main.js?ver=47202223

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24d7f508cd613981d6de517e151c4a891d9ad001dc655f81d06c024d3d76ef9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/vsl210209c_ap?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780&uid=aff_tr_dvsl_210303&dsid=a0v3w00000LjiCjAAJ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:58 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:15:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7fc0-180064fe930"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 6f8bdd3b3a3d0e12-MXP
expires: Fri, 08 Apr 2022 15:58:58 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
457 B 41ms
40ms Image
text/plain 54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=NqKvCG4b&event_type=default&company_id=4772303201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=72 t=1649429938
x-served-by: beacon-n008-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 400 conversion.gif
link.dsctrk.com/ 0
0 156ms
42ms Image
text/html 18.195.149.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.dsctrk.com/conversion.gif?et=vslpageview
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.195.149.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-149-11.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1649429938561&aid=a-02uo&se=eyJldmVudCI6InZpZXdDb250ZW50IiwibmFtZSI6Ii92c2wyMTAyMDljX2FwIiwiY29udGVudFR5cGUiOiJMYW5kaW5nUGFnZSJ9&duid=87e4200bd901--01g04tz0bzn7tsa61af...
https://rp4.liadm.com/j?dtstmp=1649429938561&aid=a-02uo&se=eyJldmVudCI6InZpZXdDb250ZW50IiwibmFtZSI6Ii92c2wyMTAyMDljX2FwIiwiY29udGVudFR5cGUiOiJMYW5kaW5nUGFnZSJ9&duid=87e4200bd901--01g04tz0bzn7tsa61a...

13 B
550 B

128ms
108ms

XHR
application/json

2600:1f18:730:b150:1533:8f19:3ef8:a567
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1649429938561&aid=a-02uo&se=eyJldmVudCI6InZpZXdDb250ZW50IiwibmFtZSI6Ii92c2wyMTAyMDljX2FwIiwiY29udGVudFR5cGUiOiJMYW5kaW5nUGFnZSJ9&duid=87e4200bd901--01g04tz0bzn7tsa61af5t3xhks&tna=v2.3.0&pu=https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Dtbatcr%26utm_campaign%3Dgmd-aff-totalrestore-tba-all-vsl-qqq-mbx%26utm_campaign_id%3D7013w000001vGhhAAE%26utm_content%3Dbanner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%26utm_medium%3Dcpa%26utm_source%3Dtbatcr%26subid1%3Dafcb1b93ae9745bea8783284e83c39df%26subid2%3D3%26subid3%3D0%26subid5%3Deverflow%26sessionid%3D308345265780%26uid%3Daff_tr_dvsl_210303%26dsid%3Da0v3w00000LjiCjAAJ%26step%3D1&wpn=lc-bundle&c=PHRpdGxlIGlkPSJ0aXRsZSI-R3VuZHJ5IE1EIC0gSXMgVGhlcmUgQSBTb2x1dGlvbiBGb3IgTGVha3kgR3V0PzwvdGl0bGU-&i6=MjAwMTphYzg6MjE6ZTo6NQ%3D%3D&n3pc=true

Protocol

Server

2600:1f18:730:b150:1533:8f19:3ef8:a567 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:59 GMT
x-pixel-event-id: 1e0c53b6-89ff-4e3e-8a2a-5355fabfec07
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 4cdea5cf4cc59150
request-time: 1
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Fri, 08 Apr 2022 14:58:58 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1649429938561&aid=a-02uo&se=eyJldmVudCI6InZpZXdDb250ZW50IiwibmFtZSI6Ii92c2wyMTAyMDljX2FwIiwiY29udGVudFR5cGUiOiJMYW5kaW5nUGFnZSJ9&duid=87e4200bd901--01g04tz0bzn7tsa61af5t3xhks&tna=v2.3.0&pu=https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Dtbatcr%26utm_campaign%3Dgmd-aff-totalrestore-tba-all-vsl-qqq-mbx%26utm_campaign_id%3D7013w000001vGhhAAE%26utm_content%3Dbanner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%26utm_medium%3Dcpa%26utm_source%3Dtbatcr%26subid1%3Dafcb1b93ae9745bea8783284e83c39df%26subid2%3D3%26subid3%3D0%26subid5%3Deverflow%26sessionid%3D308345265780%26uid%3Daff_tr_dvsl_210303%26dsid%3Da0v3w00000LjiCjAAJ%26step%3D1&wpn=lc-bundle&c=PHRpdGxlIGlkPSJ0aXRsZSI-R3VuZHJ5IE1EIC0gSXMgVGhlcmUgQSBTb2x1dGlvbiBGb3IgTGVha3kgR3V0PzwvdGl0bGU-&i6=MjAwMTphYzg6MjE6ZTo6NQ%3D%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www2.thegutrehab.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 89dd27caf75110f7
request-time: 1
content-length: 0
x-content-type-options: nosniff

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 41ms
40ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:58 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 18298
access-control-expose-headers: X-CDN

POST
H2 204 collect
analytics.google.com/g/ 0
351 B 141ms
49ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PCDR074HFD&gtm=2oe3u0&_p=1594969502&sr=1600x1200&_z=ccd.AAB&_gaz=1&ul=en-us&cid=290670261.1649429939&_s=1&dl=https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Dtbatcr%26utm_campaign%3Dgmd-aff-totalrestore-tba-all-vsl-qqq-mbx%26utm_campaign_id%3D7013w000001vGhhAAE%26utm_content%3Dbanner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%26utm_medium%3Dcpa%26utm_source%3Dtbatcr%26subid1%3Dafcb1b93ae9745bea8783284e83c39df%26subid2%3D3%26subid3%3D0%26subid5%3Deverflow%26sessionid%3D308345265780%26uid%3Daff_tr_dvsl_210303%26dsid%3Da0v3w00000LjiCjAAJ%26step%3D1&dt=Gundry%20MD%20-%20Is%20There%20A%20Solution%20For%20Leaky%20Gut%3F&sid=1649429938&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCDR074HFD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 14:58:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.thegutrehab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
351 B 109ms
36ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PCDR074HFD&cid=290670261.1649429939&gtm=2oe3u0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCDR074HFD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 14:58:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.thegutrehab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 166ms
77ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PCDR074HFD&cid=290670261.1649429939&gtm=2oe3u0&aip=1&z=1512609832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 14:58:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
836 B 238ms
69ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2615447712663&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&cb=1649429938620

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

dca1ae93b9c0a595ca6470fda80b9628d455812f8ba2bef0cb29edebe4290633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:58 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.846656b8.1649429938.227a6683
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1666741813810420
pin-unauth: dWlkPU9XUTRNbVpqTnpZdE1EZ3dZaTAwTXpneExXSmpZalV0TURCbFpXSTRPVFV5Wm1aaw
access-control-allow-origin: https://www2.thegutrehab.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 349
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 234ms
67ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2615447712663&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Dtbatcr%26utm_campaign%3Dgmd-aff-totalrestore-tba-all-vsl-qqq-mbx%26utm_campaign_id%3D7013w000001vGhhAAE%26utm_content%3Dbanner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%26utm_medium%3Dcpa%26utm_source%3Dtbatcr%26subid1%3Dafcb1b93ae9745bea8783284e83c39df%26subid2%3D3%26subid3%3D0%26subid5%3Deverflow%26sessionid%3D308345265780%26uid%3Daff_tr_dvsl_210303%26dsid%3Da0v3w00000LjiCjAAJ%26step%3D1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1649429938622

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 14:58:58 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.846656b8.1649429938.227a6687
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 5088304310186244
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/6058004206001/default_default/ 818 KB
219 KB 906ms
792ms Script
application/javascript 69.192.161.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/6058004206001/default_default/index.min.js
Requested by: Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/src_pages__brand-pages-base_base-controllers_video_video-common-gh_ts.js?v=9466c041a0bf7f93bb2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-35.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ed8920a5f11240d0bb8bc5fe8426091c5f2767e59a89ca9819ff58a25a355b76

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: LE72BY5o4l7QIy9MF5ieetdDYKR50gX0
Content-Encoding: gzip
ETag: "b7282bb65eca96ae7686e969ed60d413"
x-amz-request-id: 6STYP4759NYED535
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 223828
x-amz-id-2: x86/2ct76BVUZzj2Aljt61ECys9YYXPPEOe5jFBBBkXiOXpPwRQJY0BVTi0ToOZhuIYUnHGsWdY=
X-BCOV-Response-Mode: 1
X-Served-By: cache-hhn4069-HHN
Last-Modified: Wed, 16 Mar 2022 18:49:54 GMT
Server: AmazonS3
X-Timer: S1647459568.160902,VS0,VE370
Date: Fri, 08 Apr 2022 14:59:00 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=279
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H3 200 gundry-logo.jpg
www2.thegutrehab.com/assets/img/ 4 KB
5 KB 190ms
189ms Image
image/jpeg 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.thegutrehab.com/assets/img/gundry-logo.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d8143650ebdb9d9a962cab5f83b121b3422940e3e2d0688026bccd6699a877

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/vsl210209c_ap?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780&uid=aff_tr_dvsl_210303&dsid=a0v3w00000LjiCjAAJ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:59 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4571
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:14:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"11db-180064f3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 6f8bdd408bc10e12-MXP
expires: Fri, 08 Apr 2022 15:58:59 GMT

GET
H3 200 phone.png
www2.thegutrehab.com/assets/img/ 489 B
907 B 197ms
195ms Image
image/png 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.thegutrehab.com/assets/img/phone.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e4b93c225168fc8fa90fe402bd1c8ab42fe7f81c3ac3323f2978790bfc5878a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/vsl210209c_ap?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780&uid=aff_tr_dvsl_210303&dsid=a0v3w00000LjiCjAAJ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:59 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 489
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:14:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1e9-180064f3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 6f8bdd408bc40e12-MXP
expires: Fri, 08 Apr 2022 15:58:59 GMT

GET
H2 200 speaker.png
cdn.gundrymd.com/images/ 312 B
554 B 441ms
301ms Image
image/webp 2606:4700::6812:7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/speaker.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffe4154eab6a2d0b914f0e0efd5f5275c20642f79a3eb6646ce9ae05edfc5586

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:59 GMT
cf-cache-status: HIT
x-amz-request-id: MFNCPP1146CHE1CQ
cf-polished: origFmt=png, origSize=515
cf-ray: 6f8bdd416e0a59ef-MXP
last-modified: Fri, 15 Nov 2019 21:54:31 GMT
content-disposition: inline; filename="speaker.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 312
x-amz-id-2: hVL0SmRfIPnJ4iAPZTtUR2zyYeNmCwdwrcb2K28yZk4lQF8rXHQPs0GpVuGwW8HwvaSU7KiZSqE=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b1ae3768ee2ebdc63b163f7e6d9adee7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: null
cache-control: public, max-age=3600
accept-ranges: bytes
content-type: image/webp
expires: Fri, 08 Apr 2022 15:58:59 GMT

GET
H3 200 speaker.png
www2.thegutrehab.com/assets/img/ 460 B
878 B 194ms
192ms Image
image/png 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.thegutrehab.com/assets/img/speaker.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4c1d935ba0e700bc28d004397e0298e35c1528967d571394c0bc4a38dac15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/vsl210209c_ap?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780&uid=aff_tr_dvsl_210303&dsid=a0v3w00000LjiCjAAJ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:59 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 460
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:14:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1cc-180064f3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 6f8bdd408bc60e12-MXP
expires: Fri, 08 Apr 2022 15:58:59 GMT

GET
H2

200

/
thenewgutfix.com/eu/
Redirect Chain

https://thenewgutfix.com/images/gundry-309x300_2.png
https://thenewgutfix.com/eu/

0
0

260ms
259ms

Image
text/html

2606:4700::6812:15b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thenewgutfix.com/eu/
Protocol: H2
Server: 2606:4700::6812:15b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

location: https://thenewgutfix.com/eu/
date: Fri, 08 Apr 2022 14:58:59 GMT
server: cloudflare
cf-ray: 6f8bdd416bbd59cb-MXP
content-length: 0
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 Playbutton.png
cdn.gundrymd.com/images/ 11 KB
11 KB 437ms
297ms Image
image/webp 2606:4700::6812:7e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/Playbutton.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cdbcf84acabb10f658e198b06d3497be86b6291f1eeb23b581ffe46f8924c97

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:59 GMT
cf-cache-status: HIT
x-amz-request-id: DKB3KW0N4YB5EN5P
cf-polished: origFmt=png, origSize=31455
cf-ray: 6f8bdd416e0e59ef-MXP
last-modified: Mon, 13 Jul 2020 19:33:32 GMT
content-disposition: inline; filename="Playbutton.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10982
x-amz-id-2: FNLhcoTBNUkbBtUDcuRwTZzndVkBBugUgdgXZuaLBxPgYakRqaktSglZUY0vOw6CfAaQX/nuNcU=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "94f19f0c88361f988382b41db9dd5c8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: null
cache-control: public, max-age=3600
accept-ranges: bytes
content-type: image/webp
expires: Fri, 08 Apr 2022 15:58:59 GMT

GET
H3 200 gundry-309x300_2.png
www2.thegutrehab.com/assets/img/ 38 KB
39 KB 198ms
196ms Image
image/png 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.thegutrehab.com/assets/img/gundry-309x300_2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99cf12de7fb05dbf461560d8e0388a5ca5ce80ce367068eaa7852472d2d87197

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/vsl210209c_ap?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780&uid=aff_tr_dvsl_210303&dsid=a0v3w00000LjiCjAAJ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:59 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39103
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:14:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"98bf-180064f3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 6f8bdd408bc70e12-MXP
expires: Fri, 08 Apr 2022 15:58:59 GMT

GET
H/1.1 200
OK green-check3.png
s3-us-west-2.amazonaws.com/cdn.gundrymd.com/images/ 1 KB
2 KB 737ms
192ms Image
image/png 52.218.249.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/cdn.gundrymd.com/images/green-check3.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.249.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7d461a416ad3c859b5be2013d5bad215f6cd6b1aad27f2e26c575856e838948c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 14:59:00 GMT
Last-Modified: Wed, 19 Aug 2020 22:49:35 GMT
Server: AmazonS3
x-amz-request-id: KR5V40N776SSM0GW
ETag: "0aab59cea1125f8d7e8429075627ac11"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 1382
x-amz-id-2: +igpaJC1DnSJF2Y0ZWp7I1VS53XsbAw2GBz1xPnLWbtcrtnNEMyppBkHCZGU7LhLFzoGhV9sPfU=

GET
H3 200 favicon.png
www2.thegutrehab.com/assets/img/ 2 KB
3 KB 198ms
197ms Image
image/png 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.thegutrehab.com/assets/img/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7bbbae8e3dfd2bacc18f2c86937981bdf385286269f57f030b26957ebf36c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/vsl210209c_ap?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780&uid=aff_tr_dvsl_210303&dsid=a0v3w00000LjiCjAAJ&step=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:59 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2247
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:14:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8c7-180064f3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 6f8bdd408bc90e12-MXP
expires: Fri, 08 Apr 2022 15:58:59 GMT

GET
H3 200 Montserrat-regular.woff2
www2.thegutrehab.com/assets/fonts/Montserrat-regular/ 10 KB
10 KB 198ms
198ms Font
font/woff2 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/assets/fonts/Montserrat-regular/Montserrat-regular.woff2

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/main.css?ver=47202223

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6d5f3361200b9841322bf424d7d49b1e7d81ad6ed193b81787b9915f867755b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thegutrehab.com/build/main.css?ver=47202223
Origin: https://www2.thegutrehab.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:59 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9768
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Apr 2022 23:14:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2628-180064f3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 6f8bdd409bde0e12-MXP
expires: Fri, 08 Apr 2022 15:58:59 GMT

GET
H2 200 triggerRunner.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 10 KB
4 KB 41ms
40ms Script
application/javascript 143.204.98.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=b833556
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-18.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a5378fd5810a2c07287ace09f8a4bc371fa19b750981e6f3c1734b3671ea805

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 14:22:34 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 14:21:49 GMT
server: AmazonS3
age: 866186
etag: "711e8d6998265f799a4a1bb2900cc44d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3712
x-amz-cf-id: gB8zcM-yCx7eQy-u1wQCKUEQjuq5U6aiXPK3EG2MkluHmEbmvNra_A==
x-amz-meta-mtime: 1648563706.28

GET
H2 200 widget.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 180 KB
46 KB 46ms
46ms Script
application/javascript 143.204.98.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=8392a90
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-18.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa91eb22a490ed1aee347a81c6f08e6285ec8c5c3335a640046da57db64577a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 14:22:35 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 14:21:48 GMT
server: AmazonS3
age: 866185
etag: "05cb8ab8a427654c0440aa7a5f547b46"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 47159
x-amz-cf-id: UBC9emYcQxr0yNUU1XcO1MyLYqXMWo_wdd7Wy18ndFE5t5KR7un3Yg==
x-amz-meta-mtime: 1648563703.78

POST
H3 403 save Show response
www2.thegutrehab.com/proxy/funnel/stats/ 136 B
438 B 224ms
224ms XHR
text/html 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/proxy/funnel/stats/save

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c5ed862edeb5ca45c666d1669cdccfbaa8ce121b8ca5ad1322f3cb059447a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.thegutrehab.com/vsl210209c_ap?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780&uid=aff_tr_dvsl_210303&dsid=a0v3w00000LjiCjAAJ&step=1
X-Brand: Gundry MD
accept-language: en-GB,en;q=0.9
XSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 08 Apr 2022 14:58:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/html; charset=utf-8
content-security-policy: default-src 'none'
cf-ray: 6f8bdd414d110e12-MXP

POST
H3 403 save Show response
www2.thegutrehab.com/proxy/funnel/stats/ 136 B
438 B 195ms
194ms XHR
text/html 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thegutrehab.com/proxy/funnel/stats/save

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c5ed862edeb5ca45c666d1669cdccfbaa8ce121b8ca5ad1322f3cb059447a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www2.thegutrehab.com/vsl210209c_ap?business_unit=a00f400000dk8tnaab&n=tbatcr&utm_campaign=gmd-aff-totalrestore-tba-all-vsl-qqq-mbx&utm_campaign_id=7013w000001vGhhAAE&utm_content=banner_adsite_{site}_campaign_id_{campaign_item_id}&utm_medium=cpa&utm_source=tbatcr&subid1=afcb1b93ae9745bea8783284e83c39df&subid2=3&subid3=0&subid5=everflow&sessionid=308345265780&uid=aff_tr_dvsl_210303&dsid=a0v3w00000LjiCjAAJ&step=1
X-Brand: Gundry MD
accept-language: en-GB,en;q=0.9
XSRF-TOKEN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
date: Fri, 08 Apr 2022 14:58:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/html; charset=utf-8
content-security-policy: default-src 'none'
cf-ray: 6f8bdd414d140e12-MXP

GET
H2 200 params Show response
shop.pe/widget/main/init/ 260 B
757 B 133ms
133ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=61b7632473efc371cfbbfdf9&product=Gut%20Cleanse%20Protocol&product_url=https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Dtbatcr%26utm_campaign%3Dgmd-aff-totalrestore-tba-all-vsl-qqq-mbx%26utm_campaign_id%3D7013w000001vGhhAAE%26utm_content%3Dbanner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%26utm_medium%3Dcpa%26utm_source%3Dtbatcr%26subid1%3Dafcb1b93ae9745bea8783284e83c39df%26subid2%3D3%26subid3%3D0%26subid5%3Deverflow%26sessionid%3D308345265780%26uid%3Daff_tr_dvsl_210303%26dsid%3Da0v3w00000LjiCjAAJ%26step%3D1&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=36509&cookie=&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=8392a90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

21e9efda1d52a527b1806338e69f1f5326f513b88a686193df7589a1a2aa60c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:59 GMT
content-encoding: gzip
access-control-allow-origin: https://my.addshoppers.com
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: clear
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: W/"a6223aeb072e57d907599ba9d960d0e363ccf2b6"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
via: 1.1 google
access-control-allow-credentials: true
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H2 200 params Show response
shop.pe/widget/main/init/ 1 KB
1002 B 135ms
134ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=61b7632473efc371cfbbfdf9&product=Gut%20Cleanse%20Protocol&product_url=https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Dtbatcr%26utm_campaign%3Dgmd-aff-totalrestore-tba-all-vsl-qqq-mbx%26utm_campaign_id%3D7013w000001vGhhAAE%26utm_content%3Dbanner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%26utm_medium%3Dcpa%26utm_source%3Dtbatcr%26subid1%3Dafcb1b93ae9745bea8783284e83c39df%26subid2%3D3%26subid3%3D0%26subid5%3Deverflow%26sessionid%3D308345265780%26uid%3Daff_tr_dvsl_210303%26dsid%3Da0v3w00000LjiCjAAJ%26step%3D1&callback=AddShoppersWidget.load_widget&rand=55297&cookie=2%7C1%3A0%7C10%3A1649429939%7C15%3Aaddshoppers.com%7C44%3AZWE3NDQwNWFkNTk3NDc1ZjhjZGQzZGI0ZjMzMTQ1MmE%3D%7C2fc5b5bbd48d014a4a8e763fc7aa4f670c5b7e6c215f8613341fc0490ed80481&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=8392a90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

0ee68ae98d870c2d343418b2490c418bccdc52cb5006bcb15cf79ee04fbd2078

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:59 GMT
content-encoding: gzip
access-control-allow-origin: https://my.addshoppers.com
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: clear
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: W/"15870357bf0e4b656071874aa4d50da4a9b0c09b"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
via: 1.1 google
access-control-allow-credentials: true
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H/1.1 200
OK A.js Show response
addshoppers.s3.amazonaws.com/61b7632473efc371cfbbfdf9/61b76db078f2f27efd9c4b80/ 17 KB
4 KB 485ms
127ms Script
application/javascript 52.217.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addshoppers.s3.amazonaws.com/61b7632473efc371cfbbfdf9/61b76db078f2f27efd9c4b80/A.js?_t=1645033371
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=8392a90
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.134.1 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 45be41bfa1dc1ec0f712bbe1f194d9f853830cc1f10e5f6dc389beb63f7ab407

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 14:59:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 17:42:52 GMT
Server: AmazonS3
x-amz-request-id: C7YSQS5QFJ9YVC9G
ETag: "26dfe521e4023631d44dc226d45a13e8"
x-amz-version-id: XRkMcCsZ0xN3EIbNjPakXC.FYgAw6gf8
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 4055
x-amz-id-2: CC8pReLu2rdUIn4Xax+Wag1pW/+VyM6b9dyx9kuGUZ/ATVJT36umlyBicSONWMeoB0BF8eoRohE=

GET
H/1.1 200
OK c300986e77c94b13bd246c7dc0851b05.js Show response
addshoppers.s3.amazonaws.com/customize/61b7632473efc371cfbbfdf9/ 999 B
906 B 484ms
135ms Script
application/javascript 52.217.134.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addshoppers.s3.amazonaws.com/customize/61b7632473efc371cfbbfdf9/c300986e77c94b13bd246c7dc0851b05.js?_t=1643662662
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=8392a90
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.134.1 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9d12c79ed10f4147dabf42f93d70b4ed34086eef389164b98b3db214fe26ae46

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 14:59:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jan 2022 20:57:43 GMT
Server: AmazonS3
x-amz-request-id: C7YRW53KXNZY892T
ETag: "cc5b466e1f54081c54416b0c33cfeedd"
x-amz-version-id: ylZsvipBbhK5gHQeE.6TAJl0AWpcBVFt
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 406
x-amz-id-2: 3ItlNIIBg+gcWUoI2HuAkqaYw2jrEkmDcExg1lo0uaeDly1alc+GYy/VdgaAgQ4157X4MCsHVNM=

GET
H2 200 input.js Show response
shopper.shop.pe/ 25 KB
9 KB 104ms
30ms Script
application/javascript 35.190.54.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper.shop.pe/input.js
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.54.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7a5539dcff177aa38e846625a78600dd181df7bd930cf30a6eaf846a5b1c3393

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 13:50:54 GMT
content-encoding: gzip
age: 4085
x-guploader-uploadid: ADPycdshoDiMTuMyfm6cLOGwthHrGIrQ6kiJ7hj9IwzpD74JC3AqjYe7kF4IbdjJybJzhbfG1UGwi9tjJRA2-CEfODOw_g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 8726
last-modified: Mon, 10 Jan 2022 17:17:34 GMT
server: UploadServer
etag: "c9393142714ec735315299d05a1582df"
vary: Accept-Encoding
x-goog-hash: crc32c=34TYGQ==, md5=yTkxQnFOxzUxUpnQWhWC3w==
x-goog-generation: 1641835054285553
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
x-goog-stored-content-length: 8726
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Fri, 08 Apr 2022 17:50:54 GMT

GET
H2 200 iframe Show response
nytrng.com/ Frame 7D4A 418 B
510 B 514ms
184ms Document
text/html 75.2.91.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=ea74405ad597475f8cdd3db4f331452a
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=8392a90
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.91.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a954c1fc80b8251dc.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: f15f0fad73ed1e841bbdd0c83f040e1e462dc135b267ee5904bd01e2b7d6f0b6

Request headers

Referer: https://www2.thegutrehab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 418
content-type: text/html; charset=utf-8
date: Fri, 08 Apr 2022 14:59:00 GMT
server: gunicorn

HEAD
H2 200 consent Show response
shop.pe/query/datareg/ 0
649 B 186ms
129ms XHR
text/html 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/query/datareg/consent

Requested by

Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:58:59 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version: 47
alt-svc: clear
content-length: 0
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: HEAD, GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Data-Regulation-Gdpr-Enforced
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced

GET
H2 200 pl.2.2.min.js Show response
cdn.nytrng.com/ Frame 7D4A 0
336 B 144ms
44ms Script
text/plain 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nytrng.com/pl.2.2.min.js
Requested by: Host: nytrng.com
URL: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=ea74405ad597475f8cdd3db4f331452a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nytrng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jul 2019 16:57:19 GMT
server: AmazonS3
age: 654265
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/plain
date: Fri, 01 Apr 2022 01:14:54 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: eqQ7ONB5ZcU1TbM2YISHuvTj-USs8gZZI3fUFHS26JWAWKtzTigV-Q==

OPTIONS
H2 200 6211998270001
edge.api.brightcove.com/playback/v1/accounts/6058004206001/videos/ Frame 0
0 111ms
29ms Preflight 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/6058004206001/videos/6211998270001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www2.thegutrehab.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
bcov-debug-cache-stats: unknown
bcov-instance: unknown
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Fri, 08 Apr 2022 14:59:00 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-amz-cf-id: unknown
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-lcy19276-LCY
x-timer: S1649429940.479080,VS0,VE0

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.12.5/ 20 KB
7 KB 209ms
66ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/6058004206001/default_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:59:00 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2017 21:04:55 GMT
etag: "f30dac97e5c2aaa10a7695b93cc66699"
x-served-by: cache-mxp6963-MXP
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7231
x-cache-hits: 797868

GET
H2 200 6211998270001 Show response
edge.api.brightcove.com/playback/v1/accounts/6058004206001/videos/ 4 KB
4 KB 163ms
162ms XHR
application/json 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/6058004206001/videos/6211998270001
Requested by: Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8c38dc12dd3e1e56d87c860bafed430b149ccdecd3d5d7a3374273ac5fc69871

Request headers

Accept: application/json;pk=BCpkADawqM1xV1MNL_N5fmbsfxkoSYIVpSiiclr_CxXM_dnMY3mrR1Uz5YDP_xqpWEiVjjVyAI0MrKPM8R4IQUSrpj-3znsS8epdzR0naL5hMZ33xYxH0FzRflAKgjmYHslX4TS-WAKkmr3j
Referer: https://www2.thegutrehab.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

bc-override-client-ip: 217.138.196.101
date: Fri, 08 Apr 2022 14:59:00 GMT
powered-from: us-east-1c
bcov-request-id: f5c8b658-8c0f-458d-85d5-d7024694332f
age: 0
policy-key-accountid: 6058004206001
x-cache: MISS
access-control-allow-origin: *
powered-by: BC
content-length: 3720
x-served-by: cache-lcy19276-LCY
bcov-instance: unknown
policy-key-raw: BCpkADawqM1xV1MNL_N5fmbsfxkoSYIVpSiiclr_CxXM_dnMY3mrR1Uz5YDP_xqpWEiVjjVyAI0MrKPM8R4IQUSrpj-3znsS8epdzR0naL5hMZ33xYxH0FzRflAKgjmYHslX4TS-WAKkmr3j
x-timer: S1649429941.509675,VS0,VE133
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
bcov-debug-cache-stats: unknown
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-amz-cf-id: unknown
x-cache-hits: 0

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 102ms
35ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 08 Apr 2022 14:59:00 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 102ms
35ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 08 Apr 2022 14:59:00 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
207 B 88ms
34ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=aff7a5dfbb3b3d969fc9e115&account=6058004206001&destination=https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Dtbatcr%26utm_campaign%3Dgmd-aff-totalrestore-tba-all-vsl-qqq-mbx%26utm_campaign_id%3D7013w000001vGhhAAE%26utm_content%3Dbanner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%26utm_medium%3Dcpa%26utm_source%3Dtbatcr%26subid1%3Dafcb1b93ae9745bea8783284e83c39df%26subid2%3D3%26subid3%3D0%26subid5%3Deverflow%26sessionid%3D308345265780%26uid%3Daff_tr_dvsl_210303%26dsid%3Da0v3w00000LjiCjAAJ%26step%3D1&platform_version=6.64.3&player=players.brightcove.com%2F6058004206001%2Fdefault_default&player_name=Brightcove%20Default%20Player&source=&autoplay=false&ads_enabled=false&usage=inpage-embed&event=player_load&time=1649429940397&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=109000000&qos.performance.memory.totalJSHeapSize=123000000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1649429938392&qos.performance.timing.loadEventStart=1649429938392&qos.performance.timing.domComplete=1649429938392&qos.performance.timing.domContentLoadedEventEnd=1649429938392&qos.performance.timing.domContentLoadedEventStart=1649429938392&qos.performance.timing.domInteractive=1649429937968&qos.performance.timing.domLoading=1649429935489&qos.performance.timing.responseEnd=1649429935486&qos.performance.timing.responseStart=1649429935485&qos.performance.timing.requestStart=1649429935265&qos.performance.timing.secureConnectionStart=1649429935264&qos.performance.timing.connectEnd=1649429935264&qos.performance.timing.connectStart=1649429935264&qos.performance.timing.domainLookupEnd=1649429935264&qos.performance.timing.domainLookupStart=1649429935264&qos.performance.timing.fetchStart=1649429935264&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1649429934117&qos.player.dimensions=%5B%5B1649429940397%2C%220x0%22%2C%22680x382.5%22%5D%5D&qos.player.pixelratio=%5B%5B1649429940397%2C1%5D%5D&qos.player.screendimensions=%5B%5B1649429940397%2C%221600x1200%22%5D%5D&seq=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 08 Apr 2022 14:59:00 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 65ms
33ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 08 Apr 2022 14:59:00 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/6058004206001/d3e6ba71-b024-4adc-9ee9-9cdd9ad7a95f/main/640x360/25m51s964ms/match/ 23 KB
23 KB 156ms
43ms Image
image/jpeg 143.204.100.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/6058004206001/d3e6ba71-b024-4adc-9ee9-9cdd9ad7a95f/main/640x360/25m51s964ms/match/image.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.100.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-100-40.fra50.r.cloudfront.net
Software: / BC
Resource Hash: f86eed342bc4c255303c8922992877e4e6993d75290ed60aba91d91313215893

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 06 Apr 2022 00:40:02 GMT
Via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 224338
X-Powered-From: gantry
X-Powered-By: BC
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 23326
X-Amz-Cf-Id: k_AX6bJrOOn8kG38eVO3ZIHC4k9mnZ_4U5W7KUcuMf8B1QAjn6yv5g==
Expires: Thu, 06 Apr 2023 00:40:02 GMT

GET
H2 200 bodyGif.gif
thegutrehab.com/img/ 397 KB
398 KB 243ms
222ms Image
image/gif 2606:4700::6812:1e3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thegutrehab.com/img/bodyGif.gif
Requested by: Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/main.css?ver=47202223
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe033d1701c0c50ede30187ac772f28e42369e8950b8e09ae90c997dd86b900d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:59:00 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: "635d2-11ef9b484c240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 6f8bdd497945f933-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 406994
expires: Fri, 08 Apr 2022 15:59:00 GMT

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004206001/d3e6ba71-b024-4adc-9ee9-9cdd9ad7a95f/10s/ 2 KB
2 KB 116ms
109ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004206001/d3e6ba71-b024-4adc-9ee9-9cdd9ad7a95f/10s/master.m3u8?fastly_token=NjI1MGIzYmRfZWZkZmI4MDE4YTA5ZDMyZmQwYmE5YWFiYjA1MmVjYjM4NDM1NzgzMzJmYmQ0YWQ2MGU2NTg0MzNhYTAzYzU2Yg%3D%3D
Requested by: Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 35f11833bc883881312336b4c2dfdd377dac728f63ca72d42f97b48d71dc4a6f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:59:00 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
x-bolt-device-group: desktop-chrome
content-length: 2034
x-served-by: cache-lcy19276-LCY
x-device-group: desktop-chrome
x-timer: S1649429941.694259,VS0,VE81
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
BLOB 200
OK a2f2513d-74ab-45d0-ad07-bad355775371
https://www2.thegutrehab.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www2.thegutrehab.com/a2f2513d-74ab-45d0-ad07-bad355775371
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c8080b8db8443b7e4a1c5021e0490917c6b2bf5439be933dbf43ff90902d9d6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 5914
Content-Type: application/javascript

GET
BLOB 200
OK 5b13eca7-460a-4ae2-9bc0-d660b592fb8f
https://www2.thegutrehab.com/ 87 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www2.thegutrehab.com/5b13eca7-460a-4ae2-9bc0-d660b592fb8f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d28bb831fab693a0e146408e7912ff7d3317d241e78dc545d67f965f6ce2a933

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 88599
Content-Type: application/javascript

GET
BLOB 200
OK e005cbb6-daec-42de-b483-a14496ce2d7f
https://www2.thegutrehab.com/ 87 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www2.thegutrehab.com/e005cbb6-daec-42de-b483-a14496ce2d7f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d28bb831fab693a0e146408e7912ff7d3317d241e78dc545d67f965f6ce2a933

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 88599
Content-Type: application/javascript

GET
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 39ms
34ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 08 Apr 2022 14:59:00 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004206001/d3e6ba71-b024-4adc-9ee9-9cdd9ad7a95f/82069095-7b86-4810-87f0-27ce2b237105/10s/ 55 KB
55 KB 272ms
272ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004206001/d3e6ba71-b024-4adc-9ee9-9cdd9ad7a95f/82069095-7b86-4810-87f0-27ce2b237105/10s/rendition.m3u8?fastly_token=NjI1MGIzYmRfZDk1ZmUwNTRhOTk5ZjU2YjNjMDMyZjI1MzI2M2M2NmNjYjM3OWExNzMwNjE0YmViZWM5NmEwODhlZTQ2YjNjMw%3D%3D
Requested by: Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: f5d4ba41073e5eb3d2d545a10daac3c6ffd26391edd831c2ca06e585ac9ed56e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:59:01 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 55983
x-served-by: cache-lcy19276-LCY
x-device-group: desktop-chrome
x-timer: S1649429941.812687,VS0,VE243
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004206001/d3e6ba71-b024-4adc-9ee9-9cdd9ad7a95f/a33bae5b-1252-42f8-a292-37fb3a3fc2a4/10s/ 54 KB
54 KB 172ms
172ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004206001/d3e6ba71-b024-4adc-9ee9-9cdd9ad7a95f/a33bae5b-1252-42f8-a292-37fb3a3fc2a4/10s/rendition.m3u8?fastly_token=NjI1MGIzYmRfNWM5ZWE3YmZjNTJjYmFmNzk4Nzg2NWUyZTRiMTY1NThlNmIxYTJkNTQ3ZjhjODUyYWRiYzhjYjM4Zjg5ZmU0Yw%3D%3D
Requested by: Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: c62eed833ed607abc8306adfc6f53f7ec60eed7e610a47c2f8e320a73a6947af

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:59:01 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 55673
x-served-by: cache-lcy19276-LCY
x-device-group: desktop-chrome
x-timer: S1649429941.127739,VS0,VE139
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcboltgoldenh-a.akamaihd.net/media/v1/hls/v4/clear/6058004206001/d3e6ba71-b024-4adc-9ee9-9cdd9ad7a95f/82069095-7b86-4810-87f0-27ce2b237105/5x/ 2 MB
2 MB 591ms
436ms XHR
video/mp2t 2.21.20.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcboltgoldenh-a.akamaihd.net/media/v1/hls/v4/clear/6058004206001/d3e6ba71-b024-4adc-9ee9-9cdd9ad7a95f/82069095-7b86-4810-87f0-27ce2b237105/5x/segment0.ts
Requested by: Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-136.deploy.static.akamaitechnologies.com
Software: / BC
Resource Hash: 5e94c1fe0e9872db524776d989ea05c1f9753f630c5ef7b90c231a2f59913363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 14:59:01 GMT
X-Amz-Cf-Pop: EWR52-C4
X-Powered-By: BC
Backend-IP: 99.84.47.55
BC-MID: true
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1573560
X-Served-By: cache-ewr18170-EWR
Akamai-Mon-Iucid-Del: 888514
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1649429941.341926,VS0,VE298
X-Powered-From: gantry
ETag: "7c79ac49d9bad48a225ab0d0a6f648b2"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id: Sbs6rlCvYRbCXEEgds4Oo9f6OH2mO9xltbVQcQUfXuc2lZhkPqwAYg==
Expires: Sat, 08 Apr 2023 14:59:01 GMT
X-Cache-Hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcboltgoldenh-a.akamaihd.net/media/v1/hls/v4/clear/6058004206001/d3e6ba71-b024-4adc-9ee9-9cdd9ad7a95f/a33bae5b-1252-42f8-a292-37fb3a3fc2a4/5x/ 159 KB
160 KB 232ms
151ms XHR
video/mp2t 2.21.20.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcboltgoldenh-a.akamaihd.net/media/v1/hls/v4/clear/6058004206001/d3e6ba71-b024-4adc-9ee9-9cdd9ad7a95f/a33bae5b-1252-42f8-a292-37fb3a3fc2a4/5x/segment0.ts
Requested by: Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-136.deploy.static.akamaitechnologies.com
Software: / BC
Resource Hash: 40889d0c63611122bcd0c5c3d56be210f1535087bf432da53fea23c4757d571c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 14:59:01 GMT
Fastly-Original-Body-Size: 162808
X-Amz-Cf-Pop: EWR52-C4
X-Powered-By: BC
Backend-IP: 99.84.47.55
BC-MID: true
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 162808
X-Served-By: cache-ewr18145-EWR
Akamai-Mon-Iucid-Del: 888514
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1649429941.459247,VS0,VE2
X-Powered-From: gantry
ETag: "3f25e9fbe203d0e68baffd355826bc88"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control: public, max-age=31337923
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id: LmiPrJ45WqfvuSdhXHTvmTVZtBXjCz2P-Qc_MiMYj_DRmQ4VB_fmgA==
Expires: Thu, 06 Apr 2023 07:57:44 GMT
X-Cache-Hits: 1

GET
H2 200 cscript.js Show response
stat.youniverssl.com/js/ 9 KB
3 KB 396ms
228ms Script
application/javascript 2606:4700::6812:1de6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.youniverssl.com/js/cscript.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1de6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b078999f1e87fb1a80a941371723dc584673d28de33c3d69a8d98688f4dbdea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:59:02 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 28 Feb 2022 18:51:11 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 6f8bdd552eb33745-MXP
expires: 0

GET
H3 200 fp.min.js Show response
stat.youniverssl.com/js/ 31 KB
13 KB 303ms
235ms Script
application/javascript 2606:4700::6812:1de6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.youniverssl.com/js/fp.min.js

Requested by

Host: stat.youniverssl.com
URL: https://stat.youniverssl.com/js/cscript.js?v=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1de6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:59:03 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 28 Feb 2022 18:51:11 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 6f8bdd56fbfe3755-MXP
expires: 0

GET
H2 200 pixel.png Show response
shopper.shop.pe/ 609 B
1 KB 87ms
29ms XHR
image/png 35.190.54.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper.shop.pe/pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNjFiNzYzMjQ3M2VmYzM3MWNmYmJmZGY5Iiwic2Vzc2lvbl9pZCI6ImVhNzQ0MDVhZDU5NzQ3NWY4Y2RkM2RiNGYzMzE0NTJhIiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9
Requested by: Host: www2.thegutrehab.com
URL: https://www2.thegutrehab.com/build/polyfills.js?ver=47202223
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.54.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:32:47 GMT
age: 1576
x-guploader-uploadid: ADPycdu_aZL1lKftHZ0kBus9iecYasegzdIOXgO1_pLFUw4vle54yWEENVsBufUbkeRhnwD4simSeeCXhCJEzI2U6jSQS6dp9g
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 609
last-modified: Wed, 20 Sep 2017 16:12:07 GMT
server: UploadServer
etag: "6802175f61adc40617e8ba87a30aa6bd"
x-goog-hash: crc32c=Yf0PfA==, md5=aAIXX2GtxAYX6LqHowqmvQ==
x-goog-generation: 1505923927946539
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 609
accept-ranges: bytes
content-type: image/png
expires: Fri, 08 Apr 2022 15:32:47 GMT

GET
H3 200 stat Show response
stat.youniverssl.com/ 3 KB
1 KB 212ms
211ms Script
application/javascript 2606:4700::6812:1de6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.youniverssl.com/stat?callback=siteStatHandler&consume=%7B%22affParameters%22%3A%7B%22utmSource%22%3A%22tbatcr%22%2C%22utmMedium%22%3A%22cpa%22%2C%22utmCampaign%22%3A%22gmd-aff-totalrestore-tba-all-vsl-qqq-mbx%22%2C%22utmCampaignId%22%3A%227013w000001vGhhAAE%22%2C%22utmContent%22%3A%22banner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%22%2C%22utmTerm%22%3Anull%2C%22subId1%22%3A%22afcb1b93ae9745bea8783284e83c39df%22%2C%22subId2%22%3A%223%22%2C%22subId3%22%3A%220%22%2C%22subId4%22%3Anull%2C%22subId5%22%3A%22everflow%22%7D%2C%22sessionid%22%3A%22308345265780%22%2C%22url%22%3A%22https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Dtbatcr%26utm_campaign%3Dgmd-aff-totalrestore-tba-all-vsl-qqq-mbx%26utm_campaign_id%3D7013w000001vGhhAAE%26utm_content%3Dbanner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%26utm_medium%3Dcpa%26utm_source%3Dtbatcr%26subid1%3Dafcb1b93ae9745bea8783284e83c39df%26subid2%3D3%26subid3%3D0%26subid5%3Deverflow%26sessionid%3D308345265780%26uid%3Daff_tr_dvsl_210303%26dsid%3Da0v3w00000LjiCjAAJ%26step%3D1%22%7D&id=a40795213798a1710979ac4341bac8e5&url=https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Dtbatcr%26utm_campaign%3Dgmd-aff-totalrestore-tba-all-vsl-qqq-mbx%26utm_campaign_id%3D7013w000001vGhhAAE%26utm_content%3Dbanner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%26utm_medium%3Dcpa%26utm_source%3Dtbatcr%26subid1%3Dafcb1b93ae9745bea8783284e83c39df%26subid2%3D3%26subid3%3D0%26subid5%3Deverflow%26sessionid%3D308345265780%26uid%3Daff_tr_dvsl_210303%26dsid%3Da0v3w00000LjiCjAAJ%26step%3D1&sessionid=308345265780

Requested by

Host: stat.youniverssl.com
URL: https://stat.youniverssl.com/js/cscript.js?v=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1de6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b995a8f5b8f6e30a3ed7758d9831bbc3d00eb0bbe1ce9f1b65fd89bdcf2da67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:59:03 GMT
via: 1.1 spaces-router (1ee3716bf5eb)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 6f8bdd5979833755-MXP
expires: 0

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 94ms
47ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PCDR074HFD&gtm=2oe3u0&_p=1594969502&sr=1600x1200&_z=ccd.AAB&ul=en-us&cid=290670261.1649429939&_s=2&dl=https%3A%2F%2Fwww2.thegutrehab.com%2Fvsl210209c_ap%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Dtbatcr%26utm_campaign%3Dgmd-aff-totalrestore-tba-all-vsl-qqq-mbx%26utm_campaign_id%3D7013w000001vGhhAAE%26utm_content%3Dbanner_adsite_%7Bsite%7D_campaign_id_%7Bcampaign_item_id%7D%26utm_medium%3Dcpa%26utm_source%3Dtbatcr%26subid1%3Dafcb1b93ae9745bea8783284e83c39df%26subid2%3D3%26subid3%3D0%26subid5%3Deverflow%26sessionid%3D308345265780%26uid%3Daff_tr_dvsl_210303%26dsid%3Da0v3w00000LjiCjAAJ%26step%3D1&dt=Gundry%20MD%20-%20Is%20There%20A%20Solution%20For%20Leaky%20Gut%3F&sid=1649429938&sct=1&seg=0&en=scroll&_et=12&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCDR074HFD&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www2.thegutrehab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 14:59:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.thegutrehab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www2.thegutrehab.com/assets/fonts/Montserrat-regular	1969-12-31 23:59:59	Name: gdpr Value: 1
www2.thegutrehab.com/fst/aff_tr_dvsl_210303	1969-12-31 23:59:59	Name: gdpr Value: 1
www2.thegutrehab.com/proxy/funnel/stats	1969-12-31 23:59:59	Name: gdpr Value: 1
www2.thegutrehab.com/proxy/affiliate	1969-12-31 23:59:59	Name: gdpr Value: 1
www2.thegutrehab.com/proxy/utils	1969-12-31 23:59:59	Name: gdpr Value: 1
www2.thegutrehab.com/assets/img	1969-12-31 23:59:59	Name: gdpr Value: 1
www2.thegutrehab.com/build	1969-12-31 23:59:59	Name: gdpr Value: 1
www2.thegutrehab.com/cid	1969-12-31 23:59:59	Name: gdpr Value: 1
www2.thegutrehab.com/fst	1969-12-31 23:59:59	Name: gdpr Value: 1
thegutrehab.com/img	1969-12-31 23:59:59	Name: gdpr Value: 1
www.gdrytrk.com/	1970-01-20 02:11:56	Name: uniqueClick_MD6Q28 Value: 5e4c04d2-3b5b-464f-afaf-d51b9808811a:1649429934
www.gdrytrk.com/	1970-01-20 04:20:05	Name: transaction_id Value: afcb1b93ae9745bea8783284e83c39df
www2.thegutrehab.com/	1969-12-31 23:59:59	Name: gdpr Value: 1
.thegutrehab.com/	1970-01-20 04:20:05	Name: _gcl_au Value: 1.1.927730083.1649429937
.krxd.net/	1970-01-20 06:29:41	Name: _kuid_ Value: OxC4ErXg
www2.thegutrehab.com/	1970-01-20 02:20:34	Name: GAID Value: 6de9bd15-8f35-6243-30bb-5917aac918c3
.krxd.net/	1970-01-20 02:13:22	Name: e_NqKvCG4b^company_id\|4772303201 Value: 1649429938
.thegutrehab.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .thegutrehab.com
.thegutrehab.com/	1970-01-20 19:41:41	Name: _lc2_fpi Value: 87e4200bd901--01g04tz0bzn7tsa61af5t3xhks
.thegutrehab.com/	1970-01-20 19:41:41	Name: _ga_PCDR074HFD Value: GS1.1.1649429938.1.0.1649429938.60
.thegutrehab.com/	1970-01-20 19:41:41	Name: _ga Value: GA1.1.290670261.1649429939
.liadm.com/	1970-01-20 19:41:41	Name: lidid Value: 089a3518-08c9-46ba-9400-0c332b3ed841
www2.thegutrehab.com/	1970-01-20 10:56:05	Name: gundryMDUserVisited Value: true
.www2.thegutrehab.com/	1970-01-20 10:56:05	Name: _pin_unauth Value: dWlkPU9XUTRNbVpqTnpZdE1EZ3dZaTAwTXpneExXSmpZalV0TURCbFpXSTRPVFV5Wm1aaw
shop.pe/	1970-01-21 02:10:29	Name: addshoppers Value: "2\|1:0\|10:1649429939\|11:addshoppers\|44:ZWE3NDQwNWFkNTk3NDc1ZjhjZGQzZGI0ZjMzMTQ1MmE=\|32947d3c442a0d014e76a7c21513383337c335417c1490a36dc46ebc8feee9c1"
www2.thegutrehab.com/	1970-01-21 02:10:29	Name: addshoppers.com Value: 2%7C1%3A0%7C10%3A1649429939%7C15%3Aaddshoppers.com%7C44%3AZWE3NDQwNWFkNTk3NDc1ZjhjZGQzZGI0ZjMzMTQ1MmE%3D%7C2fc5b5bbd48d014a4a8e763fc7aa4f670c5b7e6c215f8613341fc0490ed80481

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www2.thegutrehab.com/proxy/affiliate/setaffparameters Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://link.dsctrk.com/conversion.gif?et=vslpageview Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://www2.thegutrehab.com/proxy/funnel/stats/save Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www2.thegutrehab.com/proxy/funnel/stats/save Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www2.thegutrehab.com/proxy/funnel/stats/save Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www2.thegutrehab.com/proxy/funnel/stats/save Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www2.thegutrehab.com/proxy/funnel/stats/save Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addshoppers.s3.amazonaws.com
analytics.google.com
b-code.liadm.com
bcboltgoldenh-a.akamaihd.net
beacon.krxd.net
cdn.gundrymd.com
cdn.nytrng.com
cf-images.us-east-1.prod.boltdns.net
ct.pinterest.com
d3rr3d0n31t48m.cloudfront.net
edge.api.brightcove.com
link.dsctrk.com
manifest.prod.boltdns.net
metrics.brightcove.com
nytrng.com
players.brightcove.net
rp.liadm.com
rp4.liadm.com
s.pinimg.com
s3-us-west-2.amazonaws.com
shop.pe
shopper.shop.pe
stat.youniverssl.com
stats.g.doubleclick.net
thegutrehab.com
thenewgutfix.com
vjs.zencdn.net
www.gdrytrk.com
www.google.co.uk
www.googletagmanager.com
www.upsellit.com
www2.thegutrehab.com
104.75.88.209
143.204.100.40
143.204.98.122
143.204.98.18
151.101.2.27
18.195.149.11
2.21.20.136
2600:1f18:730:b150:1533:8f19:3ef8:a567
2600:9000:2156:c200:8:8845:1500:93a1
2606:4700::6812:15b7
2606:4700::6812:1de6
2606:4700::6812:1e3a
2606:4700::6812:7e8
2a00:1450:4001:810::2008
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:400c:c0c::9d
2a04:4e42:400::729
2a04:4e42:62::84
34.107.202.36
34.117.39.58
35.190.54.17
35.227.244.1
35.244.232.184
52.217.134.1
52.218.249.192
54.229.130.226
69.192.161.35
75.2.91.175
0a5378fd5810a2c07287ace09f8a4bc371fa19b750981e6f3c1734b3671ea805
0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170
0ee68ae98d870c2d343418b2490c418bccdc52cb5006bcb15cf79ee04fbd2078
0f49952e3ca5c23f08928a2b44015c4b616fe5b25a777fc23e699c4067e73be7
12b4945ef70d21a8a2d26bbc11371d1d96938503097fbc4adc9116a03433ada1
1c562cf710c69be24faad9163c5af07cad0548e837cf4293bdfe38edc3f5e2fe
1d4dbe1c00a3df88a231752315cac7e9875784a723cbb2334d384e4cfd724e9a
21e9efda1d52a527b1806338e69f1f5326f513b88a686193df7589a1a2aa60c8
24d7f508cd613981d6de517e151c4a891d9ad001dc655f81d06c024d3d76ef9f
35f11833bc883881312336b4c2dfdd377dac728f63ca72d42f97b48d71dc4a6f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3bc5c92082daf677c45842b62f15c86160355be4340da1cba76bf8e6137be258
40889d0c63611122bcd0c5c3d56be210f1535087bf432da53fea23c4757d571c
41d8143650ebdb9d9a962cab5f83b121b3422940e3e2d0688026bccd6699a877
45be41bfa1dc1ec0f712bbe1f194d9f853830cc1f10e5f6dc389beb63f7ab407
4fcbe5efc69b05ce7d5e76825fb642bf3867a7435f88631b13a2d8068d8e2af6
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
5e94c1fe0e9872db524776d989ea05c1f9753f630c5ef7b90c231a2f59913363
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b995a8f5b8f6e30a3ed7758d9831bbc3d00eb0bbe1ce9f1b65fd89bdcf2da67
6c51b020e65970e98fc7c66f0647df066dc53ea97d9ef56e39cdb0782c930016
6c8080b8db8443b7e4a1c5021e0490917c6b2bf5439be933dbf43ff90902d9d6
77185fbfcf4f0df903dd849bc6b325adb3061232015b1c6b562fdcae64470ff3
7a5539dcff177aa38e846625a78600dd181df7bd930cf30a6eaf846a5b1c3393
7d461a416ad3c859b5be2013d5bad215f6cd6b1aad27f2e26c575856e838948c
7fc145f067e158670f305778e7543cb279a36593b6d2089e825a7565d375ad19
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
889b55a9f68c3f0b1b423c124f4876639920d29a171098d4e42d120d401290d7
8c38dc12dd3e1e56d87c860bafed430b149ccdecd3d5d7a3374273ac5fc69871
99cf12de7fb05dbf461560d8e0388a5ca5ce80ce367068eaa7852472d2d87197
9cdbcf84acabb10f658e198b06d3497be86b6291f1eeb23b581ffe46f8924c97
9d12c79ed10f4147dabf42f93d70b4ed34086eef389164b98b3db214fe26ae46
9e4b93c225168fc8fa90fe402bd1c8ab42fe7f81c3ac3323f2978790bfc5878a
a0466cc8a56c407bd6a8178cf752376122004a81fcbf1baa392bcc30cada1c21
a7bbbae8e3dfd2bacc18f2c86937981bdf385286269f57f030b26957ebf36c02
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
aa91eb22a490ed1aee347a81c6f08e6285ec8c5c3335a640046da57db64577a3
b078999f1e87fb1a80a941371723dc584673d28de33c3d69a8d98688f4dbdea1
b0b31f46ac685e18087632187479513bc075495489db1727b61ab301d368d486
b29b4effc56b7bc8f49212c46836c8e0500327425d9c035e894171c853cce63f
c4c4dd6078309ba1507c58e8c7a564b04c58659cc0965fe43bb013c2e101882d
c62eed833ed607abc8306adfc6f53f7ec60eed7e610a47c2f8e320a73a6947af
cf4c1d935ba0e700bc28d004397e0298e35c1528967d571394c0bc4a38dac15f
d25e689e239979be6c25b6c69d892c8ca0c2c330477ec29dfafa958c89319ca6
d28bb831fab693a0e146408e7912ff7d3317d241e78dc545d67f965f6ce2a933
dca1ae93b9c0a595ca6470fda80b9628d455812f8ba2bef0cb29edebe4290633
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed8920a5f11240d0bb8bc5fe8426091c5f2767e59a89ca9819ff58a25a355b76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f15f0fad73ed1e841bbdd0c83f040e1e462dc135b267ee5904bd01e2b7d6f0b6
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f3c5ed862edeb5ca45c666d1669cdccfbaa8ce121b8ca5ad1322f3cb059447a3
f5d4ba41073e5eb3d2d545a10daac3c6ffd26391edd831c2ca06e585ac9ed56e
f6d5f3361200b9841322bf424d7d49b1e7d81ad6ed193b81787b9915f867755b
f86eed342bc4c255303c8922992877e4e6993d75290ed60aba91d91313215893
f9c8bd86ab0fbd9f3657fcfca53a0069a8446791660b782969d8a558f0134720
fe033d1701c0c50ede30187ac772f28e42369e8950b8e09ae90c997dd86b900d
ffe4154eab6a2d0b914f0e0efd5f5275c20642f79a3eb6646ce9ae05edfc5586

www2.thegutrehab.com Open in urlscan Pro 2606:4700::6812:1e3a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

91 %HTTPS

41 %IPv6

24 Domains

32 Subdomains

30 IPs

4 Countries

4607 kBTransfer

27578 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www2.thegutrehab.com Open in urlscan Pro
2606:4700::6812:1e3a Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

91 %
HTTPS

41 %
IPv6

24
Domains

32
Subdomains

30
IPs

4
Countries

4607 kB
Transfer

27578 kB
Size

26
Cookies

81 HTTP transactions
-1 data transactions