Submitted URL: https://est-vpn.aviw.com/
Effective URL: https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffx...
Submission: On July 22 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 10 IPs in 2 countries across 14 domains to perform 44 HTTP transactions. The main IP is 151.101.1.124, located in San Francisco, United States and belongs to FASTLY, US. The main domain is nutrafol.com. The Cisco Umbrella rank of the primary domain is 118162.
TLS certificate: Issued by R10 on July 15th 2024. Valid for: 3 months.
This is the only time nutrafol.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
4 104.247.81.51 | 206834 (TEAMINTER...)
1 2600:9000:220... | 16509 (AMAZON-02)
1 54.205.103.129 | 14618 (AMAZON-AES)
1 52.22.173.18 | 14618 (AMAZON-AES)
1 1 2600:9000:204... | 16509 (AMAZON-02)
1 1 34.232.28.11 | 14618 (AMAZON-AES)
2 2 35.201.76.231 | 396982 (GOOGLE-CL...)
1 1 34.95.127.121 | 396982 (GOOGLE-CL...)
1 2 151.101.1.124 | 54113 (FASTLY)
9 23.212.248.14 | 20940 (AKAMAI-ASN1)
1 151.101.66.133 | 54113 (FASTLY)
4 2600:9000:24f... | 16509 (AMAZON-02)
1 204.2.50.21 | ()
44 10
Apex Domain | Subdomains | Transfer
9 evidon.com | c.evidon.com — Cisco Umbrella Rank: 2906 | 17 KB
4 ctfassets.net | images.ctfassets.net — Cisco Umbrella Rank: 5094 | 1 MB
4 aviw.com | est-vpn.aviw.com | 4 KB
2 nutrafol.com | www.nutrafol.com; nutrafol.com — Cisco Umbrella Rank: 118162; sc.nutrafol.com Failed | 118 KB
2 pxf.io | nutrafol.pxf.io | 2 KB
1 yottaa.net | qoe-1.yottaa.net | 1 KB
1 yottaa.com | rapid-cdn.yottaa.com — Cisco Umbrella Rank: 16055 | 28 KB
1 ojrq.net | www.ojrq.net — Cisco Umbrella Rank: 7937 | 704 B
1 revoffers.com | track.revoffers.com | 2 KB
1 tarles-amenceipt.com | tarles-amenceipt.com | 606 B
1 priam-hsj.com | priam-hsj.com — Cisco Umbrella Rank: 632916 | 1 KB
1 heimi-lwx.com | heimi-lwx.com — Cisco Umbrella Rank: 312066 | 3 KB
1 cloudfront.net | d38psrni17bvxu.cloudfront.net | 1 KB
0 visualwebsiteoptimizer.com Failed | dev.visualwebsiteoptimizer.com Failed |
44 14
Domain | Requested by
9 c.evidon.com | nutrafol.com, c.evidon.com
4 images.ctfassets.net | nutrafol.com
4 est-vpn.aviw.com | d38psrni17bvxu.cloudfront.net, est-vpn.aviw.com
2 nutrafol.pxf.io | 2 redirects
1 qoe-1.yottaa.net | nutrafol.com
1 rapid-cdn.yottaa.com | nutrafol.com
1 nutrafol.com | priam-hsj.com, nutrafol.com
1 www.nutrafol.com | 1 redirects
1 www.ojrq.net | 1 redirects
1 track.revoffers.com | 1 redirects
1 tarles-amenceipt.com | 1 redirects
1 priam-hsj.com | heimi-lwx.com
1 heimi-lwx.com | est-vpn.aviw.com
1 d38psrni17bvxu.cloudfront.net | est-vpn.aviw.com
0 sc.nutrafol.com Failed | nutrafol.com
0 dev.visualwebsiteoptimizer.com Failed | nutrafol.com
44 16

This site contains no links.

Subject | Issuer | Validity | Valid
est-vpn.aviw.com | R10 | 2024-07-20 - 2024-10-18 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
zeropark.com | Amazon RSA 2048 M02 | 2024-06-11 - 2025-07-09 | a year
priam-hsj.com | Amazon RSA 2048 M03 | 2024-07-12 - 2025-08-10 | a year
nutrafol.com | R10 | 2024-07-15 - 2024-10-13 | 3 months
betrad.com | R11 | 2024-06-11 - 2024-09-09 | 3 months
*.yottaa.com | GlobalSign RSA OV SSL CA 2018 | 2023-07-13 - 2024-08-13 | a year
images.ctfassets.net | Amazon RSA 2048 M02 | 2023-12-19 - 2025-01-16 | a year
*.yottaa.net | GlobalSign RSA OV SSL CA 2018 | 2023-09-13 - 2024-10-14 | a year

This page contains 1 frame:

Primary Page: https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_adid=1436277&ir_campaignid=&influencer_name=8534
Frame ID: 47389793AA5BCAB6D512BA09832D23C5
Requests: 44 HTTP requests in this frame

Page Title

Hair Wellness from Within | Nutrafol

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • c\.evidon\.com

Overall confidence: 100%
Detected patterns
  • cdn\.yottaa\.\w+/

Page Statistics

Requests: 44
HTTPS: 50 %
IPv6: 23 %
Domains: 14
Subdomains: 16
IPs: 10
Countries: 2
Transfer: 1247 kB
Size: 1720 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://est-vpn.aviw.com/ Page URL
  2. http://heimi-lwx.com/zclkvisitor/b9996980-482a-11ef-94ee-1282ebaf0abd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4d50fc40-4445-11ef-99f3-0affd04c9415 HTTP 307
    https://heimi-lwx.com/zclkvisitor/b9996980-482a-11ef-94ee-1282ebaf0abd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4d50fc40-4445-11ef-99f3-0affd04c9415 Page URL
  3. https://priam-hsj.com/zclkredirect?visitid=b9996980-482a-11ef-94ee-1282ebaf0abd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu Page URL
  4. https://tarles-amenceipt.com/zp-redirect?target=https%3A%2F%2Ftrack.revoffers.com%2Faff_c%3Foffer_id%3D1031%26aff_id%3D8534%26url_id%3D500958%26aff_click_id%3Dwjjv5ndpvncdedt2jl4pqt1j%26aff_sub2%3D5dbaf372-319c-4201-93e1-538aa66138c8&caid=5dbaf372-319c-4201-93e1-538aa66138c8&zpid=b9996980-482a-11ef-94ee-1282ebaf0abd&cid=wjjv5ndpvncdedt2jl4pqt1j&rt=R&ts=1721653386238&hash=6OjSRcsaxjMAF_VdbCO5ll7QzXCZF0PNc8c1UhFeFZk HTTP 302
    https://track.revoffers.com/aff_c?offer_id=1031&aff_id=8534&url_id=500958&aff_click_id=wjjv5ndpvncdedt2jl4pqt1j&aff_sub2=5dbaf372-319c-4201-93e1-538aa66138c8 HTTP 302
    https://nutrafol.pxf.io/c/2258022/1436277/17065?utm_source=Katalys&utm_campaign=affiliate&utm_medium=performance&offer_id=1031&publisher_id=8534&transaction_id=102dc2b84346bc6b5b5064e496e080&SubId1=102dc2b84346bc6b5b5064e496e080&SharedId=8534&SubId2=&SubId3=5dbaf372-319c-4201-93e1-538aa66138c8 HTTP 302
    https://www.ojrq.net/p/?return=https%3A%2F%2Fnutrafol.pxf.io%2Fc%2F2258022%2F1436277%2F17065%3Futm_source%3DKatalys%26utm_campaign%3Daffiliate%26utm_medium%3Dperformance%26offer_id%3D1031%26publisher_id%3D8534%26transaction_id%3D102dc2b84346bc6b5b5064e496e080%26SubId1%3D102dc2b84346bc6b5b5064e496e080%26SharedId%3D8534%26SubId2%3D%26SubId3%3D5dbaf372-319c-4201-93e1-538aa66138c8%26level%3D1%26srcref%3Dhttps%253A%252F%252Fpriam-hsj.com%252F&cid=17065&tpsync=yes&auth=57915cbf2f3bc1df HTTP 302
    https://nutrafol.pxf.io/c/2258022/1436277/17065?utm_source=Katalys&utm_campaign=affiliate&utm_medium=performance&offer_id=1031&publisher_id=8534&transaction_id=102dc2b84346bc6b5b5064e496e080&SubId1=102dc2b84346bc6b5b5064e496e080&SharedId=8534&SubId2=&SubId3=5dbaf372-319c-4201-93e1-538aa66138c8&level=1&srcref=https%3A%2F%2Fpriam-hsj.com%2F&brwsr=bd5cb38a-482a-11ef-adb6-1596c8151473&brwsrsig=10rz4DQSdQXywDiWUyzgfTqYR1zSFI HTTP 301
    https://www.nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_adid=1436277&ir_campaignid=&influencer_name=8534 HTTP 301
    https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_adid=1436277&ir_campaignid=&influencer_name=8534 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://heimi-lwx.com/zclkvisitor/b9996980-482a-11ef-94ee-1282ebaf0abd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4d50fc40-4445-11ef-99f3-0affd04c9415 HTTP 307
  • https://heimi-lwx.com/zclkvisitor/b9996980-482a-11ef-94ee-1282ebaf0abd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4d50fc40-4445-11ef-99f3-0affd04c9415

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
est-vpn.aviw.com/
2 KB
2 KB
Document
General
Full URL
https://est-vpn.aviw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.51 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
112ee2879774768be807defbe67ae7ba5646389dd449e54cf31af86044d9c0af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-Ch-Lifetime
30
Content-Encoding
gzip
Content-Length
1343
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Jul 2024 13:03:01 GMT
Server
nginx
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_X5aPJ9cDf8M+3xoVh2CtHwz9dTBHLpnAkSCVTCLvVLguNBfBu3GO+BI0EyzcdN/SE88qejTYFSDjD7TUAhE2WA==
X-Buckets
bucket011,bucket077
X-Domain
aviw.com
X-Language
english
X-Redirect
zeropark_zeroclick
X-Subdomain
est-vpn
X-Template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/
1 KB
1 KB
Script
General
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: est-vpn.aviw.com
URL: https://est-vpn.aviw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:1400:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

Referer
https://est-vpn.aviw.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 23:09:40 GMT
via
1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
EWR53-P1
age
50001
etag
"65fc1e7b-448"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1096
x-amz-cf-id
cbX8wk1b0SYOJ6RzodDSR_-qk5DRo7KhWmGXFX9rrEBsVvAzYmZesQ==
track.php
est-vpn.aviw.com/
0
565 B
XHR
General
Full URL
https://est-vpn.aviw.com/track.php?domain=aviw.com&toggle=browserjs&uid=MTcyMTY1MzM4MS4wNjM1OmFiY2Q2MDU4Yzc4Yjc2MGVkNWVhNmY3MDU1MzU1MmI2MTFhNjczNDg2MTBjYWJjOTQ0Mzc0YzRmZDMyYzI5MjM6NjY5ZTU4ODUwZjgxNQ%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.51 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

device-memory
8
rtt
100
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://est-vpn.aviw.com/
dpr
1
downlink
10
ect
4g

Response headers

Date
Mon, 22 Jul 2024 13:03:03 GMT
Content-Encoding
gzip
Accept-Ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
nginx
X-Custom-Track
browserjs
Vary
Accept-Encoding
Accept-Ch-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Content-Length
20
ls.php
est-vpn.aviw.com/
16 B
863 B
XHR
General
Full URL
https://est-vpn.aviw.com/ls.php?t=669e5885&token=07b2b627bc9a329d460228db06b035fa2a60fa78
Requested by
Host: est-vpn.aviw.com
URL: https://est-vpn.aviw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.51 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

device-memory
8
rtt
100
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://est-vpn.aviw.com/
dpr
1
downlink
10
ect
4g

Response headers

Date
Mon, 22 Jul 2024 13:03:04 GMT
Accept-Ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Accept-Ch-Lifetime
30
Charset
utf-8
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_oa2V6gPepoU6zlQC5DnXnpmREEon3HCbEID5584dPWUDLLlzRHKGWQ73L/Y7tEvf0u5yzVlQuDzoqRsIRyyS+w==
X-Log-Success
669e58886f05dae9f70f7b75
Content-Length
16
track.php
est-vpn.aviw.com/
0
580 B
XHR
General
Full URL
https://est-vpn.aviw.com/track.php?click=942dafabda76e625a64a3a017cfeec692d7e7912&domain=aviw.com&uid=MTcyMTY1MzM4MS4wNjM1OmFiY2Q2MDU4Yzc4Yjc2MGVkNWVhNmY3MDU1MzU1MmI2MTFhNjczNDg2MTBjYWJjOTQ0Mzc0YzRmZDMyYzI5MjM6NjY5ZTU4ODUwZjgxNQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDc3fHx8fHx8NjY5ZTU4ODUwZjc4Y3x8fDE3MjE2NTMzODEuMzY3fGU4MjQ5MGY5MGIwNzVmODQ5MDJjZGJhOTk0NDkyMDM0YzZlYTliZjd8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwwN2IyYjYyN2JjOWEzMjlkNDYwMjI4ZGIwNmIwMzVmYTJhNjBmYTc4fDB8fDB8MHx8fA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.51 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

device-memory
8
rtt
100
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://est-vpn.aviw.com/
dpr
1
downlink
10
ect
4g

Response headers

Date
Mon, 22 Jul 2024 13:03:05 GMT
Content-Encoding
gzip
Accept-Ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
nginx
X-Custom-Track
none
Vary
Accept-Encoding
Accept-Ch-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
X-View-Match
true
Content-Length
20
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
heimi-lwx.com/zclkvisitor/b9996980-482a-11ef-94ee-1282ebaf0abd/
Redirect Chain
  • http://heimi-lwx.com/zclkvisitor/b9996980-482a-11ef-94ee-1282ebaf0abd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4d50fc40-4445-11ef-99f3-0affd04c9415
  • https://heimi-lwx.com/zclkvisitor/b9996980-482a-11ef-94ee-1282ebaf0abd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4d50fc40-4445-11ef-99f3-0affd04c9415
3 KB
3 KB
Document
General
Full URL
https://heimi-lwx.com/zclkvisitor/b9996980-482a-11ef-94ee-1282ebaf0abd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4d50fc40-4445-11ef-99f3-0affd04c9415
Requested by
Host: est-vpn.aviw.com
URL: https://est-vpn.aviw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.103.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-103-129.compute-1.amazonaws.com
Software
/
Resource Hash
d948a09afb800369747e600e65ca98f1fa1ac5e308e7b760f43e9ce14c3b579b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://est-vpn.aviw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Mon, 22 Jul 2024 13:03:05 GMT
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Location
https://heimi-lwx.com/zclkvisitor/b9996980-482a-11ef-94ee-1282ebaf0abd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4d50fc40-4445-11ef-99f3-0affd04c9415
Non-Authoritative-Reason
HttpsUpgrades
zclkredirect
priam-hsj.com/
1 KB
1 KB
Document
General
Full URL
https://priam-hsj.com/zclkredirect?visitid=b9996980-482a-11ef-94ee-1282ebaf0abd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu
Requested by
Host: heimi-lwx.com
URL: https://heimi-lwx.com/zclkvisitor/b9996980-482a-11ef-94ee-1282ebaf0abd/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=4d50fc40-4445-11ef-99f3-0affd04c9415
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.173.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-173-18.compute-1.amazonaws.com
Software
/
Resource Hash
37a31dcd4a3e5eb8d6bed09d90176122eeb893971fe0c85d4680a887d7b3920c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://heimi-lwx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
1055
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Mon, 22 Jul 2024 13:03:06 GMT
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
Primary Request /
nutrafol.com/
Redirect Chain
  • https://tarles-amenceipt.com/zp-redirect?target=https%3A%2F%2Ftrack.revoffers.com%2Faff_c%3Foffer_id%3D1031%26aff_id%3D8534%26url_id%3D500958%26aff_click_id%3Dwjjv5ndpvncdedt2jl4pqt1j%26aff_sub2%3D...
  • https://track.revoffers.com/aff_c?offer_id=1031&aff_id=8534&url_id=500958&aff_click_id=wjjv5ndpvncdedt2jl4pqt1j&aff_sub2=5dbaf372-319c-4201-93e1-538aa66138c8
  • https://nutrafol.pxf.io/c/2258022/1436277/17065?utm_source=Katalys&utm_campaign=affiliate&utm_medium=performance&offer_id=1031&publisher_id=8534&transaction_id=102dc2b84346bc6b5b5064e496e080&SubId1...
  • https://www.ojrq.net/p/?return=https%3A%2F%2Fnutrafol.pxf.io%2Fc%2F2258022%2F1436277%2F17065%3Futm_source%3DKatalys%26utm_campaign%3Daffiliate%26utm_medium%3Dperformance%26offer_id%3D1031%26publish...
  • https://nutrafol.pxf.io/c/2258022/1436277/17065?utm_source=Katalys&utm_campaign=affiliate&utm_medium=performance&offer_id=1031&publisher_id=8534&transaction_id=102dc2b84346bc6b5b5064e496e080&SubId1...
  • https://www.nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&i...
  • https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_ad...
502 KB
117 KB
Document
General
Full URL
https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_adid=1436277&ir_campaignid=&influencer_name=8534
Requested by
Host: priam-hsj.com
URL: https://priam-hsj.com/zclkredirect?visitid=b9996980-482a-11ef-94ee-1282ebaf0abd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1150ea973234b56c64ba836c5efb35a58c88fa35735ee1cc070c8177ab33c888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://priam-hsj.com/zclkredirect?visitid=b9996980-482a-11ef-94ee-1282ebaf0abd&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
225373
cache-control
max-age=31536000
content-encoding
gzip
content-length
119782
content-type
text/html
date
Mon, 22 Jul 2024 13:03:07 GMT
etag
"669ae6ee-7d6c5"
expires
Sat, 19 Jul 2025 22:26:55 GMT
last-modified
Fri, 19 Jul 2024 22:21:34 GMT
media-src
fast.wistia.com
strict-transport-security
max-age=31536000
traceresponse
00-17e3bda8d057d0bebb95313108684394-577b223cbc1898e7-01
vary
Accept-Encoding,Cookie
x-cache
HIT
x-cache-hits
1
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-server
i-05d59ae4ff87bed8d
x-served-by
cache-ewr18164-EWR
x-timer
S1721653388.901647,VS0,VE1

Redirect headers

accept-ranges
bytes
content-length
0
date
Mon, 22 Jul 2024 13:03:07 GMT
location
https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_adid=1436277&ir_campaignid=&influencer_name=8534
media-src
fast.wistia.com
retry-after
0
strict-transport-security
max-age=31536000
vary
x-cache
HIT
x-cache-hits
0
x-served-by
cache-ewr18164-EWR
x-timer
S1721653388.801255,VS0,VE0
dg.js
c.evidon.com/dg/
16 KB
5 KB
Script
General
Full URL
https://c.evidon.com/dg/dg.js
Requested by
Host: nutrafol.com
URL: https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_adid=1436277&ir_campaignid=&influencer_name=8534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-14.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2792095eabe77ed8eb66288ae4d7ef91a4dad7200ecea0516c73204189d56ef5

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 13:03:08 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 16:42:03 GMT
server
AkamaiNetStorage
etag
"240bb6f8634d382bd6bcf3c5d819defd:1714063323.978238"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
4904
zhajjpgj7oxiFw.js
rapid-cdn.yottaa.com/rapid/lib/
88 KB
28 KB
Script
General
Full URL
https://rapid-cdn.yottaa.com/rapid/lib/zhajjpgj7oxiFw.js?key=zhajjpgj7oxiFw
Requested by
Host: nutrafol.com
URL: https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_adid=1436277&ir_campaignid=&influencer_name=8534
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e60eca27fae7dd3d1d3ec319e77c767ac0513a7cc6511f72b85d968212972e6

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-served-by
cache-ewr18143-EWR
date
Mon, 22 Jul 2024 13:03:08 GMT
content-encoding
gzip
via
1.1 varnish
age
29
x-timer
S1721653388.297377,VS0,VE1
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
28183
x-cache-hits
1
product-women-pills.png
images.ctfassets.net/0rbfqd9c4jdo/5NDic96IdPLZcQAh5dFmm2/0af9281ded8c41b5fc2d0427d0efc10e/
312 KB
313 KB
Image
General
Full URL
https://images.ctfassets.net/0rbfqd9c4jdo/5NDic96IdPLZcQAh5dFmm2/0af9281ded8c41b5fc2d0427d0efc10e/product-women-pills.png?fl=progressive
Requested by
Host: nutrafol.com
URL: https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_adid=1436277&ir_campaignid=&influencer_name=8534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
c6815187850fb3aa5eec8a38de69eae12825aef56b81722d38a424a385881534

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 06:14:37 GMT
via
1.1 8ef35b07fe667674a2922c9d83a75c52.cloudfront.net (CloudFront)
last-modified
Wed, 10 Jul 2024 08:11:45 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
age
24511
etag
"0ca0bb8947ab16365e98843e4f93ddaa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
319801
x-amz-cf-id
DRUSEo-RbIWeF-hceZ3lTSYjgc0ZSgYCJs8RkB6xdH5Dy5KAdwmmYQ==
product-balance-pills.png
images.ctfassets.net/0rbfqd9c4jdo/3SMUpWp804YgnTwGYLmZPu/b952671f4fc7a019e03bc296f8415d3b/
341 KB
342 KB
Image
General
Full URL
https://images.ctfassets.net/0rbfqd9c4jdo/3SMUpWp804YgnTwGYLmZPu/b952671f4fc7a019e03bc296f8415d3b/product-balance-pills.png?fl=progressive
Requested by
Host: nutrafol.com
URL: https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_adid=1436277&ir_campaignid=&influencer_name=8534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
b66fde4426aa400657f41970db19c05732b959b112211dcd30c89ddb4a65f63a

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 06:57:50 GMT
via
1.1 8ef35b07fe667674a2922c9d83a75c52.cloudfront.net (CloudFront)
last-modified
Fri, 12 Jul 2024 01:30:53 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
age
22024
etag
"188cfc3a34c9c67c1b8272dc2c1fb326"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
349364
x-amz-cf-id
eV-4jLYieI7b6hnm6Sx0xQE7dq_POST_Tf9eO25mL1RfEaGhcDKjzQ==
vegan-pills.png
images.ctfassets.net/0rbfqd9c4jdo/5OWwX7V8OBTmK2iDNmRhQC/dc5331d0ffca6b7c7bf7814f6c89db24/
93 KB
93 KB
Image
General
Full URL
https://images.ctfassets.net/0rbfqd9c4jdo/5OWwX7V8OBTmK2iDNmRhQC/dc5331d0ffca6b7c7bf7814f6c89db24/vegan-pills.png?fl=progressive
Requested by
Host: nutrafol.com
URL: https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_adid=1436277&ir_campaignid=&influencer_name=8534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5c644bc82108b6ce4237624505e9b5705bae99aef6cceef46396f49c4857e5a5

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 08:47:24 GMT
via
1.1 8ef35b07fe667674a2922c9d83a75c52.cloudfront.net (CloudFront)
last-modified
Mon, 01 Jul 2024 11:56:23 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
age
15344
etag
"2e15451008bca8e5e807fc7c56ef9cdb"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
95071
x-amz-cf-id
zJmFYjVoe50kk7PIKUgD_HOcR-7gyU8sc3kegjbpFot2s9mxvjBSmQ==
product-postpartum-pills.png
images.ctfassets.net/0rbfqd9c4jdo/4pWAqKs8B4ygq8YBMUpEEY/6a801e7952b236a0e00576e72854120a/
324 KB
325 KB
Image
General
Full URL
https://images.ctfassets.net/0rbfqd9c4jdo/4pWAqKs8B4ygq8YBMUpEEY/6a801e7952b236a0e00576e72854120a/product-postpartum-pills.png?fl=progressive
Requested by
Host: nutrafol.com
URL: https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_adid=1436277&ir_campaignid=&influencer_name=8534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
dc92452ecd88e815273485eed5ae0c3b655a6edf370ebf71208d115efb349565

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 06:56:52 GMT
via
1.1 8ef35b07fe667674a2922c9d83a75c52.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jul 2024 21:40:57 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
age
21976
etag
"df989da3c8bc1fe7ea8876b4eac67999"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
331746
x-amz-cf-id
JFfHOK3q_JkgBiH1Bhp9x5GF6o-RaTwn8-_mIFGSUdRkjwinkoCNQw==
Harpers-Bazaar-logo__1_.png
images.ctfassets.net/0rbfqd9c4jdo/1ItKW29fPWQH92DZpboQEP/3de1bc4e9b2e47e49e09d739da9ea1cd/
0
0

FORTUNE-LOGO-2016.png
images.ctfassets.net/0rbfqd9c4jdo/CKSYkaRYU7O5dH1sMIeuX/8f1349edda4d7f6b042d0c5d23c7531d/
0
0

people-magazine-logo.png
images.ctfassets.net/0rbfqd9c4jdo/7ElHEiux9YA9mANft28j55/ba4bb6bc7d985bb261ecd3b110c1e35f/
0
0

UsWeekly_Logo_pink_DrkShadow.png
images.ctfassets.net/0rbfqd9c4jdo/WLorKfyEVHy7bgaCZA1aD/aa845efdbe40e0ce5af514d8beeedff5/
0
0

sts-rumer-tn.png
images.ctfassets.net/0rbfqd9c4jdo/TmpmIuINyeykoFP50vFAG/6983263a45767b88759f989453e7c077/
0
0

sts-karla-tn.png
images.ctfassets.net/0rbfqd9c4jdo/6KZkbqnHS6IRq8xnmHNudH/c12a94cc9f8fb663d288f60ee0d02fdd/
0
0

webpack-runtime-f089b93a3f03456afb8b.js
nutrafol.com/gatsby-assets/
0
0

framework-efb382cdd58b891d1a4b.js
nutrafol.com/gatsby-assets/
0
0

94726e6d-d02cf88a2ba431c62448.js
nutrafol.com/gatsby-assets/
0
0

0c6624f4-ce7475d54371de0df5a4.js
nutrafol.com/gatsby-assets/
0
0

d840801f-820ede4487ff13a8cc70.js
nutrafol.com/gatsby-assets/
0
0

f6b92436-0031754fef0509da6ad7.js
nutrafol.com/gatsby-assets/
0
0

12da07bf-1f2f27e98be445c5e015.js
nutrafol.com/gatsby-assets/
0
0

a99650a4-023509410058fb6f863b.js
nutrafol.com/gatsby-assets/
0
0

eda1f086-e49f554b015e9c015cae.js
nutrafol.com/gatsby-assets/
0
0

08144b5d-a302808dd6a9060214cb.js
nutrafol.com/gatsby-assets/
0
0

11cc4c69-4c62c3e17815a7f0a5a4.js
nutrafol.com/gatsby-assets/
0
0

app-d36cd1be931631cec0b6.js
nutrafol.com/gatsby-assets/
0
0

companyConfig.json
c.evidon.com/dg/2523/
17 KB
5 KB
XHR
General
Full URL
https://c.evidon.com/dg/2523/companyConfig.json?c=2523&org=https://nutrafol.com
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/dg/dg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-14.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8956f116ecb52ff1d219c570d29127cdcde2481a3af58489d306dfce5ab3d2d4

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 13:03:08 GMT
content-encoding
gzip
last-modified
Fri, 19 Jul 2024 07:29:31 GMT
server
AkamaiNetStorage
etag
"af63ae8bc9ac88ed4547baa078dd71bc:1721374171.338123"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/json
access-control-allow-origin
https://nutrafol.com
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
4930
siteConfig.json
c.evidon.com/dg/2523/61717681/
93 B
359 B
XHR
General
Full URL
https://c.evidon.com/dg/2523/61717681/siteConfig.json?c=2523&s=61717681
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/dg/dg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-14.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fbbcf06e56a3bcc59c17dca44d89d520d8c12c2d07c49da5f92c03873151a656

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 13:03:08 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 20:02:46 GMT
server
AkamaiNetStorage
etag
"df06ae59ee6e0a855313f91072bd7b12:1711656166.957368"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/json
access-control-allow-origin
https://nutrafol.com
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
75
sitePolicy.json
c.evidon.com/dg/2523/61717681/
6 KB
2 KB
XHR
General
Full URL
https://c.evidon.com/dg/2523/61717681/sitePolicy.json?c=2523&s=61717681
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/dg/dg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-14.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
16e1961feff5b347312997cad977e2252c884e2f821dfb2ba16f4aefd6603d4b

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 13:03:08 GMT
content-encoding
gzip
last-modified
Wed, 17 Jul 2024 21:27:27 GMT
server
AkamaiNetStorage
etag
"7818a0b248f37b9aaafd1428ca940d37:1721251647.070636"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/json
access-control-allow-origin
https://nutrafol.com
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1808
country.js
c.evidon.com/geo/
241 B
459 B
XHR
General
Full URL
https://c.evidon.com/geo/country.js?c=2523&s=61717681
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/dg/dg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-14.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
117dee899993c626522c4002c5a03a64794b48b85320da34ebf02e3f36ec49de

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 13:03:08 GMT
content-encoding
gzip
last-modified
Sun, 15 Mar 2020 00:11:44 GMT
server
AkamaiNetStorage
etag
"bc3e82e1b424c4a301fc7e27a0229562:1584231104.499892"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
https://nutrafol.com
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
168
siteConsentGeo.json
c.evidon.com/dg/2523/61717681/
72 B
359 B
XHR
General
Full URL
https://c.evidon.com/dg/2523/61717681/siteConsentGeo.json?c=2523&s=61717681
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/dg/dg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-14.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c02687d5584960f770e17979be1c01f41c82ff4712751213b7be663b3459990c

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 13:03:08 GMT
content-encoding
gzip
last-modified
Mon, 22 Jul 2024 11:54:54 GMT
server
AkamaiNetStorage
etag
"08e34bdba46fd8dd10c01c751bccffd2:1721649294.175185"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/json
access-control-allow-origin
https://nutrafol.com
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
75
cc.js
c.evidon.com/dg/
2 KB
1010 B
XHR
General
Full URL
https://c.evidon.com/dg/cc.js?c=2523&s=61717681
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/dg/dg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-14.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ef7bce31edcc747098eeca664958d6eadc3011dec4c8a8139f86ae0ed3c028c7

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 13:03:08 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 16:42:05 GMT
server
AkamaiNetStorage
etag
"79058f73c1475729e61960019ae7e8dd:1714063325.039928"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
https://nutrafol.com
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
719
gcc.js
c.evidon.com/dg/
6 KB
2 KB
XHR
General
Full URL
https://c.evidon.com/dg/gcc.js?c=2523&s=61717681
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/dg/dg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-14.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6d3e837806daaf890e49cdfedf943ace71c4818d4d3486bf2025f0aec7b0cf52

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 13:03:08 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 16:42:07 GMT
server
AkamaiNetStorage
etag
"3051ab835e35edf990e614f413794136:1714063327.779373"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
https://nutrafol.com
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1898
tcv2.js
c.evidon.com/dg/
1 KB
789 B
XHR
General
Full URL
https://c.evidon.com/dg/tcv2.js?c=2523&s=61717681
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/dg/dg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-14.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f63a192587d28d08d150009ab0e66df48f23a41ceefe558070d4107ad6c3ca15

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 13:03:08 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 16:42:08 GMT
server
AkamaiNetStorage
etag
"328f7059b6f95363fc92fce72d6cc82b:1714063328.082695"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
https://nutrafol.com
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
497
observe.js
c.evidon.com/dg/
0
0

j.php
dev.visualwebsiteoptimizer.com/
0
0

analytics.min.js
sc.nutrafol.com/analytics.js/v1/27eHFUsVp3BIlMHftXL7kHsjFRXAyqLW/
0
0

configure.rapid.js
qoe-1.yottaa.net/api/v1/
3 KB
1 KB
XHR
General
Full URL
https://qoe-1.yottaa.net/api/v1/configure.rapid.js?key=zhajjpgj7oxiFw&ul=en-US&dl=https%3A%2F%2Fnutrafol.com%2F%3Futm_source%3Dimpact%26utm_campaign%3Devergreen_NA_NA_%26utm_medium%3Daffiliate%26irclickid%3DTdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0%26irgwc%3D1%26utm_content%3DNA_NA_all%26ir_partnerid%3D2258022%26ir_adid%3D1436277%26ir_campaignid%3D%26influencer_name%3D8534&dt=Hair%20Wellness%20from%20Within%20%7C%20Nutrafol&sd=24&sr=1600,1200&vp=1600,1200&ct=4g&rtt=100
Requested by
Host: nutrafol.com
URL: https://nutrafol.com/?utm_source=impact&utm_campaign=evergreen_NA_NA_&utm_medium=affiliate&irclickid=TdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0&irgwc=1&utm_content=NA_NA_all&ir_partnerid=2258022&ir_adid=1436277&ir_campaignid=&influencer_name=8534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.2.50.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fb61e39d8fee6853e76529b42b39ace26f36e955a67562b153a46f667f69dc9

Request headers

Referer
https://nutrafol.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 13:03:08 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-yottaa-optstate
active
timing-allow-origin
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
images.ctfassets.net
URL
https://images.ctfassets.net/0rbfqd9c4jdo/1ItKW29fPWQH92DZpboQEP/3de1bc4e9b2e47e49e09d739da9ea1cd/Harpers-Bazaar-logo__1_.png?w=450
Domain
images.ctfassets.net
URL
https://images.ctfassets.net/0rbfqd9c4jdo/CKSYkaRYU7O5dH1sMIeuX/8f1349edda4d7f6b042d0c5d23c7531d/FORTUNE-LOGO-2016.png?w=450
Domain
images.ctfassets.net
URL
https://images.ctfassets.net/0rbfqd9c4jdo/7ElHEiux9YA9mANft28j55/ba4bb6bc7d985bb261ecd3b110c1e35f/people-magazine-logo.png?w=450
Domain
images.ctfassets.net
URL
https://images.ctfassets.net/0rbfqd9c4jdo/WLorKfyEVHy7bgaCZA1aD/aa845efdbe40e0ce5af514d8beeedff5/UsWeekly_Logo_pink_DrkShadow.png?w=450
Domain
images.ctfassets.net
URL
https://images.ctfassets.net/0rbfqd9c4jdo/TmpmIuINyeykoFP50vFAG/6983263a45767b88759f989453e7c077/sts-rumer-tn.png?fl=progressive
Domain
images.ctfassets.net
URL
https://images.ctfassets.net/0rbfqd9c4jdo/6KZkbqnHS6IRq8xnmHNudH/c12a94cc9f8fb663d288f60ee0d02fdd/sts-karla-tn.png?fl=progressive
Domain
nutrafol.com
URL
https://nutrafol.com/gatsby-assets/webpack-runtime-f089b93a3f03456afb8b.js
Domain
nutrafol.com
URL
https://nutrafol.com/gatsby-assets/framework-efb382cdd58b891d1a4b.js
Domain
nutrafol.com
URL
https://nutrafol.com/gatsby-assets/94726e6d-d02cf88a2ba431c62448.js
Domain
nutrafol.com
URL
https://nutrafol.com/gatsby-assets/0c6624f4-ce7475d54371de0df5a4.js
Domain
nutrafol.com
URL
https://nutrafol.com/gatsby-assets/d840801f-820ede4487ff13a8cc70.js
Domain
nutrafol.com
URL
https://nutrafol.com/gatsby-assets/f6b92436-0031754fef0509da6ad7.js
Domain
nutrafol.com
URL
https://nutrafol.com/gatsby-assets/12da07bf-1f2f27e98be445c5e015.js
Domain
nutrafol.com
URL
https://nutrafol.com/gatsby-assets/a99650a4-023509410058fb6f863b.js
Domain
nutrafol.com
URL
https://nutrafol.com/gatsby-assets/eda1f086-e49f554b015e9c015cae.js
Domain
nutrafol.com
URL
https://nutrafol.com/gatsby-assets/08144b5d-a302808dd6a9060214cb.js
Domain
nutrafol.com
URL
https://nutrafol.com/gatsby-assets/11cc4c69-4c62c3e17815a7f0a5a4.js
Domain
nutrafol.com
URL
https://nutrafol.com/gatsby-assets/app-d36cd1be931631cec0b6.js
Domain
c.evidon.com
URL
https://c.evidon.com/dg/observe.js
Domain
dev.visualwebsiteoptimizer.com
URL
https://dev.visualwebsiteoptimizer.com/j.php?a=585707&u=https%3A%2F%2Fnutrafol.com%2F%3Futm_source%3Dimpact%26utm_campaign%3Devergreen_NA_NA_%26utm_medium%3Daffiliate%26irclickid%3DTdATXWwsOxyKWffxnnQslxhbUkC2htUKkSZkQg0%26irgwc%3D1%26utm_content%3DNA_NA_all%26ir_partnerid%3D2258022%26ir_adid%3D1436277%26ir_campaignid%3D%26influencer_name%3D8534&f=1&r=0.513294678673005
Domain
sc.nutrafol.com
URL
https://sc.nutrafol.com/analytics.js/v1/27eHFUsVp3BIlMHftXL7kHsjFRXAyqLW/analytics.min.js

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| evidon_dg
object| evidon
object| tagControl
number| settings_timer
number| _vwo_settings_timer
object| _vwo_code
function| gatsbyPluginSegmentPageviewCaller
object| analytics
object| webpackChunkNRBA
object| NREUM
object| newrelic
object| NRBA
function| _loadCookieConfig
function| _domready
function| _delayed
function| _findTags
function| _srcAttr
function| _needsEval
function| _loadFromDOM
function| _clearEvents
function| _lastChainedResource
function| _isImageLike
function| _abTest
function| _getCookieVariant
function| _setCookieVariant
function| _configureAbTestAnalytics
function| _executeAllAbTest
function| _executeAllAbTestUniversal
function| _executeAllAbTestClassic
function| _executeAbTest
function| _abTestScript
function| _chooseVariant
function| _abTestAnalyticsUniversal
function| _abTestAnalyticsClassic
object| _serviceWorkerConfig
object| Yo
number| iPos

8 Cookies

Domain/Path Name / Value
.tarles-amenceipt.com/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22wjjv5ndpvncdedt2jl4pqt1j%22%2C%22caid%22%3A%225dbaf372-319c-4201-93e1-538aa66138c8%22%7D
track.revoffers.com/ Name: enc_aff_session_1031
Value: ENC032124b24090587a0a77a050de28cb6092c4692c33c46043815f9d180a6ab4b4f8e779899a17e533e72c7f24835ddbd82721f7b9b159df8ab188f20bcba3875f60328e674eff4964da4c781160e6736706fa6b1322b369907136b4662fc171f2030005d674a430d770997191093288b3fbeb8fdeb5cc227063abd1ab1f27e07f64ab71387a2d4587724d5e8e3de80ae6f8f1914040f7e0f28071473a4a3a876fe055272679274f426bfd573c63b52503c1b532be5913b46ebaab8eb7eb10612b561556d42f
track.revoffers.com/ Name: ho_mob
.ojrq.net/ Name: brwsr
Value: bd5cb38a-482a-11ef-adb6-1596c8151473
.pxf.io/ Name: brwsr
Value: bd5cb38a-482a-11ef-adb6-1596c8151473
nutrafol.pxf.io/ Name: irld
Value: L2e5TdEzrrREtysywbz0FPT8gywNyIZT%3AH1L0TKsVLZxFAQi8
www.nutrafol.com/ Name: nutr_client_ip
Value: 208.252.80.197
nutrafol.com/ Name: nutr_client_ip
Value: 208.252.80.197

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
