Submitted URL: https://tcr.gundrymdtotalrestore.com/
Effective URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Submission: On September 19 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 18 IPs in 3 countries across 16 domains to perform 95 HTTP transactions. The main IP is 104.18.27.133, located in and belongs to CLOUDFLARENET, US. The main domain is tcr.gundrymdtotalrestore.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2021. Valid for: a year.
This is the only time tcr.gundrymdtotalrestore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
40 | 104.18.27.133 | 13335 | (CLOUDFLAR...)
2 | 142.250.181.232 | 15169 | (GOOGLE)
4 | 172.217.16.142 | 15169 | (GOOGLE)
10 | 104.75.88.209 | 16625 | (AKAMAI-AS)
2 | 208.118.62.69 | 7296 | (ALCHEMYNET)
6 | 31.13.92.14 | 32934 | (FACEBOOK)
1 | 74.125.133.154 | 15169 | (GOOGLE)
10 | 31.13.92.36 | 32934 | (FACEBOOK)
1 | 2.18.234.122 | 16625 | (AKAMAI-AS)
1 | 104.18.7.232 | 13335 | (CLOUDFLAR...)
2 | 13.224.186.208 | 16509 | (AMAZON-02)
1 | 151.101.2.217 | 54113 | (FASTLY)
5 | 35.244.232.184 | 15169 | (GOOGLE)
1 | 13.224.193.146 | 16509 | (AMAZON-02)
1 | 52.92.162.80 | 16509 | (AMAZON-02)
3 | 151.101.66.27 | 54113 | (FASTLY)
2 | 2.16.186.34 | 20940 | (AKAMAI-ASN1)
Total: 95 requests, 18 IPs
Requests | Domain | Requested by
40 | tcr.gundrymdtotalrestore.com | tcr.gundrymdtotalrestore.com
10 | www.facebook.com | tcr.gundrymdtotalrestore.com
6 | ct.pinterest.com | tcr.gundrymdtotalrestore.com
6 | connect.facebook.net | tcr.gundrymdtotalrestore.com, connect.facebook.net
5 | metrics.brightcove.com |
4 | s.pinimg.com | www.googletagmanager.com, s.pinimg.com
4 | www.google-analytics.com | www.googletagmanager.com, tcr.gundrymdtotalrestore.com
3 | manifest.prod.boltdns.net | tcr.gundrymdtotalrestore.com
2 | bcboltgoldenh-a.akamaihd.net | tcr.gundrymdtotalrestore.com
2 | edge.api.brightcove.com | tcr.gundrymdtotalrestore.com
2 | www.upsellit.com | www.googletagmanager.com
2 | www.googletagmanager.com | tcr.gundrymdtotalrestore.com
1 | s3-us-west-2.amazonaws.com | tcr.gundrymdtotalrestore.com
1 | cf-images.us-east-1.prod.boltdns.net |
1 | vjs.zencdn.net | players.brightcove.net
1 | cdn.gundrymd.com |
1 | players.brightcove.net | tcr.gundrymdtotalrestore.com
1 | stats.g.doubleclick.net | tcr.gundrymdtotalrestore.com
Total: 95 requests, 18 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-06 - 2022-07-05 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
*.pinterest.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-26 - 2022-08-05 | a year
*.upsellit.com | Sectigo RSA Domain Validation Secure Server CA | 2020-07-30 - 2022-11-01 | 2 years
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-09-09 - 2021-12-08 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
players.brightcove.net | DigiCert SHA2 Secure Server CA | 2021-08-04 - 2022-08-04 | a year
vjs.zencdn.net | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-02-22 - 2022-03-26 | a year
*.api.brightcove.com | Amazon | 2021-09-09 - 2022-10-08 | a year
metrics.brightcove.com | GTS CA 1D4 | 2021-08-27 - 2021-11-25 | 3 months
*.prod.boltdns.net | Amazon | 2020-12-08 - 2022-01-06 | a year
*.s3-us-west-2.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2021-06-23 - 2022-07-24 | a year
*.adapter.ooyala.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-13 - 2022-06-14 | a year
a248.e.akamai.net | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year

This page contains 1 frame:

Primary Page: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Frame ID: B701C2D80A55E9BFCF48B84124C7AC93
Requests: 94 HTTP requests in this frame

Page Title

Gut Cleanse Protocol

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 95
HTTPS: 97 %
IPv6: 0 %
Domains: 16
Subdomains: 18
IPs: 18
Countries: 3
Transfer: 6736 kB
Size: 31066 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tcr.gundrymdtotalrestore.com/ Page URL
  2. https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
tcr.gundrymdtotalrestore.com/
13 KB
5 KB
Document
General
Full URL
https://tcr.gundrymdtotalrestore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc50b7f7b7b6e44ab0d91c20b0f91fd5c5c703584c505d991a27898de521c5f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tcr.gundrymdtotalrestore.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 19 Sep 2021 01:52:42 GMT
content-type
text/html; charset=UTF-8
cf-ray
690f2d18bd352181-DUS
cache-control
public, max-age = 31557600
last-modified
Sun, 19 Sep 2021 00:20:21 GMT
set-cookie
_csrf=hWEkA-2mR_OLjhiGwy-KHi6y; Path=/ _csrf=ftDrqotQVntzoFwgfIb-69QX; Path=/ XSRF-TOKEN=DhYQzVUZ-Rqp58ERm3h0h-I9g7eFi8QxG_CU; Path=/; Secure
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
server
cloudflare
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
process_env.js
tcr.gundrymdtotalrestore.com/
1 KB
839 B
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/process_env.js?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae57627239253c62620724bccfffc48666f60d30bae8abbb38461e3015aefba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/process_env.js?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=DhYQzVUZ-Rqp58ERm3h0h-I9g7eFi8QxG_CU
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 19 Sep 2021 01:20:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"456-17bfba3a519"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
private, no-cache, max-age = 0
cf-ray
690f2d19be492181-DUS
funnel_confs.js
tcr.gundrymdtotalrestore.com/
4 MB
294 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/funnel_confs.js?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da603088d1413544b7ab12d6da7ffb9c5aebd2d401958801fcadf446bfc290db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/funnel_confs.js?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=DhYQzVUZ-Rqp58ERm3h0h-I9g7eFi8QxG_CU
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 19 Sep 2021 01:05:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"46c81a-17bfb95f1cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age = 31557600
set-cookie
XSRF-TOKEN=yJARN0uS-GuiGlplAXfwMtopyi7FqSOQpva0; Path=/; Secure
accept-ranges
bytes
cf-ray
690f2d19be4a2181-DUS
countries.js
tcr.gundrymdtotalrestore.com/
2 KB
1 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/countries.js?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81cd6879cea00a8aa75e3ed475c0e1b7c0174192b000f7936338b1642a68ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/countries.js?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=DhYQzVUZ-Rqp58ERm3h0h-I9g7eFi8QxG_CU
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 19 Sep 2021 01:20:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"972-17bfba3a4f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d19be4b2181-DUS
expires
Sun, 19 Sep 2021 02:52:42 GMT
polyfills.js
tcr.gundrymdtotalrestore.com/build/
95 KB
33 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
889b55a9f68c3f0b1b423c124f4876639920d29a171098d4e42d120d401290d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/polyfills.js?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=yJARN0uS-GuiGlplAXfwMtopyi7FqSOQpva0
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:17:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"17b9c-17bf0e6e548"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d1afc30c49a-DUS
expires
Sun, 19 Sep 2021 02:52:42 GMT
vendor.js
tcr.gundrymdtotalrestore.com/build/
2 MB
487 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/vendor.js?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ccf947d1638d0b79f0a5af99d128f06c99bea781434021adc168e74ce321082
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/vendor.js?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=yJARN0uS-GuiGlplAXfwMtopyi7FqSOQpva0
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:20:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1fb94e-17bf0e90440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d1b5c6cc49a-DUS
expires
Sun, 19 Sep 2021 02:52:42 GMT
main.js
tcr.gundrymdtotalrestore.com/build/
468 KB
74 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/main.js?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd3fdfede32ed4dc738cdb3c41c997020931e9cd81599ea7b4f71fef3d4ce12d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/main.js?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=yJARN0uS-GuiGlplAXfwMtopyi7FqSOQpva0
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:19:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"74ebe-17bf0e87b88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d1b5c6fc49a-DUS
expires
Sun, 19 Sep 2021 02:52:42 GMT
main.css
tcr.gundrymdtotalrestore.com/build/
5 MB
516 KB
Stylesheet
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/main.css?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2090017c341f953d7ed887f2b403aa40207a027b0b69388f77c8030fe45f38d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/main.css?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=DhYQzVUZ-Rqp58ERm3h0h-I9g7eFi8QxG_CU
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:19:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"4c7cfa-17bf0e848c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d19be4c2181-DUS
expires
Sun, 19 Sep 2021 02:52:42 GMT
gtm.js
www.googletagmanager.com/
484 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
50381329d87a9ffff1735c62bf1103de252196f72f4a8d0d39b06b323847a5c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92293
x-xss-protection
0
last-modified
Sun, 19 Sep 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 19 Sep 2021 01:52:42 GMT
request-ip
tcr.gundrymdtotalrestore.com/
63 B
563 B
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/request-ip
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29ed231dfed49451fd0192cfedd3c18d903dae11500b56ca71321329e6be32f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/request-ip
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=yJARN0uS-GuiGlplAXfwMtopyi7FqSOQpva0
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:42 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3f-UivIIHleMu/R0IbqxVn4cbvXeLs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, max-age = 0
set-cookie
XSRF-TOKEN=CKM7wMhO-st8XWqPnPp1wrJu71glFG5tL12Y; Path=/; Secure
cf-ray
690f2d1b5c71c49a-DUS
getsession
tcr.gundrymdtotalrestore.com/proxy/utils/
0
466 B
XHR
General
Full URL
https://tcr.gundrymdtotalrestore.com/proxy/utils/getsession
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=yJARN0uS-GuiGlplAXfwMtopyi7FqSOQpva0
:path
/proxy/utils/getsession
pragma
no-cache
x-brand
Gundry MD
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:42 GMT
via
1.1 vegur, 1.1 vegur
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
x-download-options
noopen
content-type
application/octet-stream
access-control-expose-headers
X-Brand
access-control-allow-credentials
true
set-cookie
XSRF-TOKEN=F2xIJAs7-t-mwgSHW4V0CRO1XWvrFHl-MJ3M; Path=/; Secure
cf-ray
690f2d1b5c73c49a-DUS
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3643
date
Sun, 19 Sep 2021 00:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 19 Sep 2021 02:52:00 GMT
core.js
s.pinimg.com/ct/
1 KB
875 B
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
503f17f1ead39e733bbf304e686d367d5c7051a5df079f15b7e251b479959b13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding
gzip
x-check-cacheable
YES
x-cdn
akamai
x-akamai-pragma-client-ip
10.86.102.155, 80.155.7.50
etag
"57947439b864e017feed0d94316d5a8c"
x-serial
6449
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
accept-ranges
bytes
content-length
583
access-control-expose-headers
X-CDN
goldenhippo.jsp
www.upsellit.com/active/
33 KB
9 KB
Script
General
Full URL
https://www.upsellit.com/active/goldenhippo.jsp
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.118.62.69 , United States, ASN7296 (ALCHEMYNET, US),
Reverse DNS
Software
nginx /
Resource Hash
979bb59f878d5198b64f6984f8d16a4f0c1ee4e4f8b0c25ca86a663c5a067f02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:43 GMT
content-encoding
gzip
expires
Mon, 20 Sep 2021 01:52:43 GMT
server
nginx
cache-control
max-age=86400
content-type
application/x-javascript;charset=ISO-8859-1
fbevents.js
connect.facebook.net/en_US/
99 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
N+2BWskq6L2qcEBm5rj4SUYu6JCJ79hqzHvYoWIIix3xIrFcq4fmUiSGZuY3Dm7nGTqiQlc+m6s6i3n/N3w01Q==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 19 Sep 2021 01:52:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
setaffparameters
tcr.gundrymdtotalrestore.com/proxy/affiliate/
20 B
595 B
XHR
General
Full URL
https://tcr.gundrymdtotalrestore.com/proxy/affiliate/setaffparameters
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tcr.gundrymdtotalrestore.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=F2xIJAs7-t-mwgSHW4V0CRO1XWvrFHl-MJ3M; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451
content-length
559
:path
/proxy/affiliate/setaffparameters
pragma
no-cache
x-brand
Gundry MD
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/
:scheme
https
sec-fetch-site
same-origin
xsrf-token
F2xIJAs7-t-mwgSHW4V0CRO1XWvrFHl-MJ3M
:method
POST

Response headers

date
Sun, 19 Sep 2021 01:52:43 GMT
via
1.1 vegur, 1.1 vegur
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tcr.gundrymdtotalrestore.com
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
set-cookie
connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; Path=/; Expires=Sat, 02 Oct 2021 23:12:43 GMT; HttpOnly
cf-ray
690f2d1f1ed5c49a-DUS
access-control-expose-headers
X-Brand
src_components_components_module_ts.js
tcr.gundrymdtotalrestore.com/build/
191 KB
29 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/src_components_components_module_ts.js?v=4d9afd2205ad3cbd0589
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/main.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4a5787d5e63703019da156c10a715babec5947c17754986421103c1e8de574
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/src_components_components_module_ts.js?v=4d9afd2205ad3cbd0589
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=F2xIJAs7-t-mwgSHW4V0CRO1XWvrFHl-MJ3M; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/?sessionid=1421846043713
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:19:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2fa7d-17bf0e88358"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d1f1ee2c49a-DUS
expires
Sun, 19 Sep 2021 02:52:43 GMT
src_pages_funnel-settings-base_landing-base-fs-base_ts.js
tcr.gundrymdtotalrestore.com/build/
11 KB
3 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/src_pages_funnel-settings-base_landing-base-fs-base_ts.js?v=3e67f3ae55ab1c3b3b52
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/main.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af689bd40e62ea585824151113d991b6d8fbb712265af2f793de8b3081488f77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/src_pages_funnel-settings-base_landing-base-fs-base_ts.js?v=3e67f3ae55ab1c3b3b52
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=F2xIJAs7-t-mwgSHW4V0CRO1XWvrFHl-MJ3M; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/?sessionid=1421846043713
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:18:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2dfa-17bf0e7db60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d1f1ee3c49a-DUS
expires
Sun, 19 Sep 2021 02:52:43 GMT
src_pages__brand-pages-base_base-controllers_home_home-common_ts.js
tcr.gundrymdtotalrestore.com/build/
16 KB
5 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/src_pages__brand-pages-base_base-controllers_home_home-common_ts.js?v=6f2c4d174199fb464b1a
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/main.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc439d7a683c5a0fa2443683f400319cc760a6fba97c5a349d4de70b0d20490
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/src_pages__brand-pages-base_base-controllers_home_home-common_ts.js?v=6f2c4d174199fb464b1a
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=F2xIJAs7-t-mwgSHW4V0CRO1XWvrFHl-MJ3M; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/?sessionid=1421846043713
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:18:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3f53-17bf0e7db60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d1f1ee4c49a-DUS
expires
Sun, 19 Sep 2021 02:52:43 GMT
src_pages_home_home_module_ts.js
tcr.gundrymdtotalrestore.com/build/
15 KB
4 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/src_pages_home_home_module_ts.js?v=279c3153e91b8afe24af
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/main.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b4c087adca07ff3fc4e240ce794133e985d48932e34c5dbbc9c0cbc8f445b8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/src_pages_home_home_module_ts.js?v=279c3153e91b8afe24af
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=F2xIJAs7-t-mwgSHW4V0CRO1XWvrFHl-MJ3M; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/?sessionid=1421846043713
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:18:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3dd1-17bf0e7db60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d1f1ee5c49a-DUS
expires
Sun, 19 Sep 2021 02:52:43 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1018644566&t=pageview&_s=1&dl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F%3Fsessionid%3D1421846043713&dp=%2F&ul=en-us&de=UTF-8&dt=Gundry%20MD%20-%20Is%20There%20A%20Solution%20For%20Leaky%20Gut%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=89186674&gjid=566954800&cid=457334474.1632016363&tid=UA-145012034-1&_gid=213294046.1632016363&_r=1&gtm=2wg9f05PNTFNV&z=1931803947
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tcr.gundrymdtotalrestore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 01:52:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tcr.gundrymdtotalrestore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1054811594670732
connect.facebook.net/signals/config/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1054811594670732?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
5d6901c3e12668230b7f82ad7ef28cf1f9ee3c4cf3a0dc7786daa9a0395b4706
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
RThbg+OgL0/dlaSUT9diV9Grc49ZCyZyVihQ1Z3LIJk3y+R6fHMaCTfNAJu+4jRD6pqFTKBrKK40+g3tfpYV4Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 19 Sep 2021 01:52:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.c6ca189a.js
s.pinimg.com/ct/lib/
50 KB
17 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.c6ca189a.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e68c7f596671913cde21ea0a5c4367b743a79422d87b0659e22f00673c5aeb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"6ed3b8d9c0f104e8bf55431013d34078"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
accept-ranges
bytes
content-length
17534
access-control-expose-headers
X-CDN
/
ct.pinterest.com/user/
493 B
832 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2615447712663&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1632016363482
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20fd937dd145754a357d9b74f62992d77b7921cbcf64367b71f8f3047df30d5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:43 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.866656b8.1632016363.42a144
x-envoy-upstream-service-time
1
x-pinterest-rid
7585357321349112
pin-unauth
dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw
access-control-allow-origin
https://tcr.gundrymdtotalrestore.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
342
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
332 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2615447712663&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F%3Fsessionid%3D1421846043713%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c6ca189a%22%2C%22floc_enabled%22%3Afalse%2C%22ecm_enabled%22%3Afalse%7D&cb=1632016363483
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/?sessionid=1421846043713
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 01:52:43 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.866656b8.1632016363.42a145
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
8829739253534908
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
469 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-145012034-1&cid=457334474.1632016363&jid=89186674&gjid=566954800&_gid=213294046.1632016363&_u=YEBAAAAAAAAAAC~&z=1681528704
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tcr.gundrymdtotalrestore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 19 Sep 2021 01:52:43 GMT
content-type
text/plain
access-control-allow-origin
https://tcr.gundrymdtotalrestore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/md/
0
273 B
XHR
General
Full URL
https://ct.pinterest.com/md/
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://tcr.gundrymdtotalrestore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 01:52:44 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.866656b8.1632016364.42a1bb
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
0
x-pinterest-rid
1359218449714401
expires
Sat, 01 Jan 2000 00:00:00 GMT
106162701349700
connect.facebook.net/signals/config/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/106162701349700?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
2d8b3cd833ccac2a36d1bfaccf4449c9ffb2d5248fbf6d5286de66dc8af54c65
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
qFcUCBGcq3U3/qwRav4ucdD5cP7DrplAUS65OVvkhRVLfKwgbfp/1OUuLUB4CUaFRf25h2HY9co1hyne2PWuiw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 19 Sep 2021 01:52:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
426 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1054811594670732&ev=PageView&dl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F%3Fsessionid%3D1421846043713&rl=&if=false&ts=1632016364087&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1632016364085.297265921&it=1632016363468&coo=false&dpo=&exp=p1&rqm=GET
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/?sessionid=1421846043713
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 19 Sep 2021 01:52:44 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=106162701349700&ev=PageView&dl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&rl=&if=false&ts=1632016364193&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1632016364085.297265921&it=1632016363468&coo=false&dpo=&exp=p1&rqm=GET
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 19 Sep 2021 01:52:44 GMT
Primary Request /
tcr.gundrymdtotalrestore.com/lp/
13 KB
5 KB
Document
General
Full URL
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/src_pages_home_home_module_ts.js?v=279c3153e91b8afe24af
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc50b7f7b7b6e44ab0d91c20b0f91fd5c5c703584c505d991a27898de521c5f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tcr.gundrymdtotalrestore.com
:scheme
https
:path
/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713
accept-encoding
gzip, deflate, br
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; XSRF-TOKEN=F2xIJAs7-t-mwgSHW4V0CRO1XWvrFHl-MJ3M; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921

Response headers

date
Sun, 19 Sep 2021 01:52:44 GMT
content-type
text/html; charset=UTF-8
cf-ray
690f2d254a76c49a-DUS
cache-control
public, max-age = 31557600
last-modified
Sun, 19 Sep 2021 00:20:21 GMT
set-cookie
XSRF-TOKEN=r9pyiu2B-FSgFQ_G1wbbbH_P6FcgutMK6U1E; Path=/; Secure
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
server
cloudflare
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
process_env.js
tcr.gundrymdtotalrestore.com/
1 KB
1 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/process_env.js?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae57627239253c62620724bccfffc48666f60d30bae8abbb38461e3015aefba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/process_env.js?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=r9pyiu2B-FSgFQ_G1wbbbH_P6FcgutMK6U1E
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 19 Sep 2021 01:20:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"456-17bfba3a519"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
private, no-cache, max-age = 0
cf-ray
690f2d26cb6fc49a-DUS
funnel_confs.js
tcr.gundrymdtotalrestore.com/
4 MB
294 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/funnel_confs.js?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da603088d1413544b7ab12d6da7ffb9c5aebd2d401958801fcadf446bfc290db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/funnel_confs.js?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=r9pyiu2B-FSgFQ_G1wbbbH_P6FcgutMK6U1E
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 19 Sep 2021 01:05:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"46c81a-17bfb95f1cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age = 31557600
set-cookie
XSRF-TOKEN=uRPZxwVl-D0axnsIHqrZM52K46b274Y2bZHc; Path=/; Secure
accept-ranges
bytes
cf-ray
690f2d26cb70c49a-DUS
countries.js
tcr.gundrymdtotalrestore.com/
2 KB
2 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/countries.js?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d39bf0fadf65f23b6be787c557ec3288dd2c7bcf1b88a546817f26e8f63d8558
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/countries.js?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=r9pyiu2B-FSgFQ_G1wbbbH_P6FcgutMK6U1E
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:44 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
age
2
cf-polished
origSize=2418
x-dns-prefetch-control
off
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 19 Sep 2021 01:20:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"972-17bfba3a4f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d26cb71c49a-DUS
expires
Sun, 19 Sep 2021 02:52:44 GMT
polyfills.js
tcr.gundrymdtotalrestore.com/build/
95 KB
34 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80b3dd379b1fd6b5972f04048efc7270d73680f0620d9a9dd0aed6dca2b539d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/polyfills.js?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=uRPZxwVl-D0axnsIHqrZM52K46b274Y2bZHc
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:44 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
age
2
cf-polished
origSize=97180
x-dns-prefetch-control
off
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:17:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"17b9c-17bf0e6e548"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d280c27c49a-DUS
expires
Sun, 19 Sep 2021 02:52:44 GMT
vendor.js
tcr.gundrymdtotalrestore.com/build/
2 MB
501 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/vendor.js?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c3340c899f950a04d6736af2d6f4a60e2d05a8adc3631b4f02c0982e4914e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/vendor.js?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=uRPZxwVl-D0axnsIHqrZM52K46b274Y2bZHc
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:44 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
age
2
cf-polished
origSize=2079054
x-dns-prefetch-control
off
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:20:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1fb94e-17bf0e90440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d285c4dc49a-DUS
expires
Sun, 19 Sep 2021 02:52:44 GMT
main.js
tcr.gundrymdtotalrestore.com/build/
468 KB
76 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/main.js?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
315ee30cf994623d2dae361adb97c8282b90243f6831cbb7a82a7bdcd6e1ffe8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/main.js?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=uRPZxwVl-D0axnsIHqrZM52K46b274Y2bZHc
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:44 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
age
2
cf-polished
origSize=478910
x-dns-prefetch-control
off
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:19:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"74ebe-17bf0e87b88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d287c5bc49a-DUS
expires
Sun, 19 Sep 2021 02:52:44 GMT
main.css
tcr.gundrymdtotalrestore.com/build/
5 MB
551 KB
Stylesheet
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/main.css?ver=91920210
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1992a689b24567e1c2af92594cfe002b9b852768ea6b922ba3c4956bf97f1720
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/main.css?ver=91920210
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=r9pyiu2B-FSgFQ_G1wbbbH_P6FcgutMK6U1E
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:44 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
age
2
cf-polished
origSize=5012730
x-dns-prefetch-control
off
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:19:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"4c7cfa-17bf0e848c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d26cb72c49a-DUS
expires
Sun, 19 Sep 2021 02:52:44 GMT
gtm.js
www.googletagmanager.com/
484 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
50381329d87a9ffff1735c62bf1103de252196f72f4a8d0d39b06b323847a5c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92293
x-xss-protection
0
last-modified
Sun, 19 Sep 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 19 Sep 2021 01:52:44 GMT
request-ip
tcr.gundrymdtotalrestore.com/
63 B
563 B
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/request-ip
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29ed231dfed49451fd0192cfedd3c18d903dae11500b56ca71321329e6be32f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/request-ip
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=uRPZxwVl-D0axnsIHqrZM52K46b274Y2bZHc
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:45 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3f-UivIIHleMu/R0IbqxVn4cbvXeLs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, max-age = 0
set-cookie
XSRF-TOKEN=71wAeZMP-0Ab8sY6Tq9cLyj3YVK-S2AY6R0c; Path=/; Secure
cf-ray
690f2d28cc8ac49a-DUS
getsession
tcr.gundrymdtotalrestore.com/proxy/utils/
0
467 B
XHR
General
Full URL
https://tcr.gundrymdtotalrestore.com/proxy/utils/getsession
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=uRPZxwVl-D0axnsIHqrZM52K46b274Y2bZHc
:path
/proxy/utils/getsession
pragma
no-cache
x-brand
Gundry MD
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:45 GMT
via
1.1 vegur, 1.1 vegur
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
x-download-options
noopen
content-type
application/octet-stream
access-control-expose-headers
X-Brand
access-control-allow-credentials
true
set-cookie
XSRF-TOKEN=GifPb99Z-KRL6JUYPOgwIxoEQPQBzBBmzZiE; Path=/; Secure
cf-ray
690f2d28cc8bc49a-DUS
src_components_components_module_ts.js
tcr.gundrymdtotalrestore.com/build/
191 KB
31 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/src_components_components_module_ts.js?v=4d9afd2205ad3cbd0589
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/main.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4a5787d5e63703019da156c10a715babec5947c17754986421103c1e8de574
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/src_components_components_module_ts.js?v=4d9afd2205ad3cbd0589
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=71wAeZMP-0Ab8sY6Tq9cLyj3YVK-S2AY6R0c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:45 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
age
2
x-dns-prefetch-control
off
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:19:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2fa7d-17bf0e88358"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d2c1eb0c49a-DUS
expires
Sun, 19 Sep 2021 02:52:45 GMT
src_pages_funnel-settings-base_landing-base-fs-base_ts.js
tcr.gundrymdtotalrestore.com/build/
7 KB
3 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/src_pages_funnel-settings-base_landing-base-fs-base_ts.js?v=3e67f3ae55ab1c3b3b52
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/main.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d6abdcb53e3eedeaba48d80aa59b99d1dfc483b1d65218631f0e816fb8dfb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/src_pages_funnel-settings-base_landing-base-fs-base_ts.js?v=3e67f3ae55ab1c3b3b52
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=71wAeZMP-0Ab8sY6Tq9cLyj3YVK-S2AY6R0c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:45 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
age
2
cf-polished
origSize=11770
x-dns-prefetch-control
off
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:18:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2dfa-17bf0e7db60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d2c1eb1c49a-DUS
expires
Sun, 19 Sep 2021 02:52:45 GMT
src_pages__brand-pages-base_base-controllers_home_home-common_ts.js
tcr.gundrymdtotalrestore.com/build/
10 KB
4 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/src_pages__brand-pages-base_base-controllers_home_home-common_ts.js?v=6f2c4d174199fb464b1a
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/main.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c037e0eb097e3f6b372755a8c5995bfe4be5490802f9802ce6f1bf28ad71b81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/src_pages__brand-pages-base_base-controllers_home_home-common_ts.js?v=6f2c4d174199fb464b1a
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=71wAeZMP-0Ab8sY6Tq9cLyj3YVK-S2AY6R0c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:45 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
age
2
cf-polished
origSize=16211
x-dns-prefetch-control
off
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:18:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3f53-17bf0e7db60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d2c1eb2c49a-DUS
expires
Sun, 19 Sep 2021 02:52:45 GMT
src_pages_home_home_module_ts.js
tcr.gundrymdtotalrestore.com/build/
11 KB
4 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/src_pages_home_home_module_ts.js?v=279c3153e91b8afe24af
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/main.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70bd2f26df7c121ed5b0e7fda14a394470da605bef84754c3cb69f7fe183fe8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/src_pages_home_home_module_ts.js?v=279c3153e91b8afe24af
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=71wAeZMP-0Ab8sY6Tq9cLyj3YVK-S2AY6R0c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:45 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
age
2
cf-polished
origSize=15825
x-dns-prefetch-control
off
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:18:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3dd1-17bf0e7db60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d2c1eb3c49a-DUS
expires
Sun, 19 Sep 2021 02:52:45 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3645
date
Sun, 19 Sep 2021 00:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 19 Sep 2021 02:52:00 GMT
core.js
s.pinimg.com/ct/
1 KB
875 B
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
503f17f1ead39e733bbf304e686d367d5c7051a5df079f15b7e251b479959b13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding
gzip
x-check-cacheable
YES
x-cdn
akamai
x-akamai-pragma-client-ip
10.86.102.155, 80.155.7.50
etag
"57947439b864e017feed0d94316d5a8c"
x-serial
6449
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
accept-ranges
bytes
content-length
583
access-control-expose-headers
X-CDN
goldenhippo.jsp
www.upsellit.com/active/
33 KB
9 KB
Script
General
Full URL
https://www.upsellit.com/active/goldenhippo.jsp
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.118.62.69 , United States, ASN7296 (ALCHEMYNET, US),
Reverse DNS
Software
nginx /
Resource Hash
979bb59f878d5198b64f6984f8d16a4f0c1ee4e4f8b0c25ca86a663c5a067f02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:45 GMT
content-encoding
gzip
expires
Mon, 20 Sep 2021 01:52:45 GMT
server
nginx
cache-control
max-age=86400
content-type
application/x-javascript;charset=ISO-8859-1
fbevents.js
connect.facebook.net/en_US/
99 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
N+2BWskq6L2qcEBm5rj4SUYu6JCJ79hqzHvYoWIIix3xIrFcq4fmUiSGZuY3Dm7nGTqiQlc+m6s6i3n/N3w01Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 19 Sep 2021 01:52:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
Montserrat-regular.woff2
tcr.gundrymdtotalrestore.com/assets/fonts/Montserrat-regular/
10 KB
10 KB
Font
General
Full URL
https://tcr.gundrymdtotalrestore.com/assets/fonts/Montserrat-regular/Montserrat-regular.woff2
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/main.css?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6d5f3361200b9841322bf424d7d49b1e7d81ad6ed193b81787b9915f867755b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tcr.gundrymdtotalrestore.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=71wAeZMP-0Ab8sY6Tq9cLyj3YVK-S2AY6R0c
:path
/assets/fonts/Montserrat-regular/Montserrat-regular.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/build/main.css?ver=91920210
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9768
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:17:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2628-17bf0e6e548"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
690f2d2ff925c49a-DUS
expires
Sun, 19 Sep 2021 02:52:46 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1780064261&t=pageview&_s=1&dl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com&dp=%2Flp%2F&ul=en-us&de=UTF-8&dt=Gundry%20MD%20-%20Is%20There%20A%20Solution%20For%20Leaky%20Gut%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAAAB~&jid=&gjid=&cid=457334474.1632016363&tid=UA-145012034-1&_gid=213294046.1632016363&gtm=2wg9f05PNTFNV&cd1=1421846043713&z=2082988603
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 00:25:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5228
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
main.c6ca189a.js
s.pinimg.com/ct/lib/
50 KB
17 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.c6ca189a.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e68c7f596671913cde21ea0a5c4367b743a79422d87b0659e22f00673c5aeb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"6ed3b8d9c0f104e8bf55431013d34078"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
accept-ranges
bytes
content-length
17534
access-control-expose-headers
X-CDN
1054811594670732
connect.facebook.net/signals/config/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1054811594670732?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
5d6901c3e12668230b7f82ad7ef28cf1f9ee3c4cf3a0dc7786daa9a0395b4706
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
89198
x-xss-protection
0
pragma
public
x-fb-debug
RThbg+OgL0/dlaSUT9diV9Grc49ZCyZyVihQ1Z3LIJk3y+R6fHMaCTfNAJu+4jRD6pqFTKBrKK40+g3tfpYV4Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 19 Sep 2021 01:52:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/
493 B
832 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2615447712663&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw%22%7D&cb=1632016366104
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20fd937dd145754a357d9b74f62992d77b7921cbcf64367b71f8f3047df30d5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.866656b8.1632016366.42a450
x-envoy-upstream-service-time
1
x-pinterest-rid
5430900228351826
pin-unauth
dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw
access-control-allow-origin
https://tcr.gundrymdtotalrestore.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
342
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
332 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2615447712663&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com%22%2C%22ref%22%3A%22https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c6ca189a%22%2C%22floc_enabled%22%3Afalse%2C%22ecm_enabled%22%3Afalse%7D&cb=1632016366105
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 01:52:46 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.866656b8.1632016366.42a451
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
content-length
35
x-pinterest-rid
1184345455239863
expires
Sat, 01 Jan 2000 00:00:00 GMT
106162701349700
connect.facebook.net/signals/config/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/106162701349700?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
2d8b3cd833ccac2a36d1bfaccf4449c9ffb2d5248fbf6d5286de66dc8af54c65
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
89217
x-xss-protection
0
pragma
public
x-fb-debug
qFcUCBGcq3U3/qwRav4ucdD5cP7DrplAUS65OVvkhRVLfKwgbfp/1OUuLUB4CUaFRf25h2HY9co1hyne2PWuiw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 19 Sep 2021 01:52:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1054811594670732&ev=PageView&dl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com&rl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&if=false&ts=1632016366118&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1632016364085.297265921&it=1632016366091&coo=false&dpo=&rqm=GET
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 19 Sep 2021 01:52:46 GMT
/
ct.pinterest.com/md/
0
274 B
XHR
General
Full URL
https://ct.pinterest.com/md/
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://tcr.gundrymdtotalrestore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 01:52:46 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.866656b8.1632016366.42a45b
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
x-pinterest-rid
1442774665430683
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=106162701349700&ev=PageView&dl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com&rl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&if=false&ts=1632016366145&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1632016364085.297265921&it=1632016366091&coo=false&dpo=&rqm=GET
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 19 Sep 2021 01:52:46 GMT
save
tcr.gundrymdtotalrestore.com/proxy/funnel/stats/
16 B
524 B
XHR
General
Full URL
https://tcr.gundrymdtotalrestore.com/proxy/funnel/stats/save
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://tcr.gundrymdtotalrestore.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=71wAeZMP-0Ab8sY6Tq9cLyj3YVK-S2AY6R0c
content-length
581
:path
/proxy/funnel/stats/save
pragma
no-cache
x-brand
Gundry MD
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
xsrf-token
71wAeZMP-0Ab8sY6Tq9cLyj3YVK-S2AY6R0c
:method
POST

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
via
1.1 vegur, 1.1 vegur
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"10-MxB4y4MLcx6QDsp8b8vgp7iFMFo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tcr.gundrymdtotalrestore.com
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
set-cookie
XSRF-TOKEN=AQEVxiPD-fJB4zYpr3iEueWaHYNM75k2SlN8; Path=/; Secure
cf-ray
690f2d31da58c49a-DUS
access-control-expose-headers
X-Brand
src_pages__brand-pages-base_base-controllers_video_video-common-gh_ts.js
tcr.gundrymdtotalrestore.com/build/
36 KB
8 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/src_pages__brand-pages-base_base-controllers_video_video-common-gh_ts.js?v=17d7940470832126388a
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/main.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae2d8e6aaade326e9f0dcd9aeb251e0ce922e21c719ff3b7937ba05a400a611
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/src_pages__brand-pages-base_base-controllers_video_video-common-gh_ts.js?v=17d7940470832126388a
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=71wAeZMP-0Ab8sY6Tq9cLyj3YVK-S2AY6R0c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:18:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"8ede-17bf0e7db60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d31da5ac49a-DUS
expires
Sun, 19 Sep 2021 02:52:46 GMT
src_pages_video_video_module_ts.js
tcr.gundrymdtotalrestore.com/build/
25 KB
7 KB
Script
General
Full URL
https://tcr.gundrymdtotalrestore.com/build/src_pages_video_video_module_ts.js?v=eb3a7e18f9d2f62c40df
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/main.js?ver=91920210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2b8b2bacb97f4dec66bc1f99bdd4eb16ebc850bb02e086b76a802bbf8a6f3f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/build/src_pages_video_video_module_ts.js?v=eb3a7e18f9d2f62c40df
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=71wAeZMP-0Ab8sY6Tq9cLyj3YVK-S2AY6R0c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:18:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"64a7-17bf0e7db60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
via
1.1 vegur
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
690f2d31da5bc49a-DUS
expires
Sun, 19 Sep 2021 02:52:46 GMT
index.min.js
players.brightcove.net/6058004206001/default_default/
798 KB
213 KB
Script
General
Full URL
https://players.brightcove.net/6058004206001/default_default/index.min.js
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/src_pages__brand-pages-base_base-controllers_video_video-common-gh_ts.js?v=17d7940470832126388a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8cf0a38e0504bc9de846cbfcf6abd5ef9b4263c7a9266b11e6ed86ba8a2d4ac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
TNH8sS3w7IKHf1oYL_Ys.62_iXxaZEcP
Content-Encoding
gzip
ETag
"cd64b72e1a2412070f6cb3beaf88a754"
x-amz-request-id
EF8TAHBTCJ2VTY6K
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
217638
x-amz-id-2
dqziTIbfLwx79PXAaYGQY5CaeU/PKgpdGuCU/DDl0HOkyPDrxPDb8TJhgQbfd1pSVTQieu6Ndig=
X-BCOV-Response-Mode
1
X-Served-By
cache-ams21025-AMS
Last-Modified
Thu, 09 Sep 2021 20:33:14 GMT
Server
AmazonS3
X-Timer
S1631219615.004578,VS0,VE506
Date
Sun, 19 Sep 2021 01:52:46 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=286
Accept-Ranges
bytes
X-Cache-Hits
0
gundry-logo.jpg
tcr.gundrymdtotalrestore.com/assets/img/
4 KB
5 KB
Image
General
Full URL
https://tcr.gundrymdtotalrestore.com/assets/img/gundry-logo.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41d8143650ebdb9d9a962cab5f83b121b3422940e3e2d0688026bccd6699a877
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/img/gundry-logo.jpg
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=AQEVxiPD-fJB4zYpr3iEueWaHYNM75k2SlN8; gundryMDUserVisited=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4571
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:17:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"11db-17bf0e6e548"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
690f2d330af3c49a-DUS
expires
Sun, 19 Sep 2021 02:52:46 GMT
phone.png
tcr.gundrymdtotalrestore.com/assets/img/
489 B
921 B
Image
General
Full URL
https://tcr.gundrymdtotalrestore.com/assets/img/phone.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4b93c225168fc8fa90fe402bd1c8ab42fe7f81c3ac3323f2978790bfc5878a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/img/phone.png
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=AQEVxiPD-fJB4zYpr3iEueWaHYNM75k2SlN8; gundryMDUserVisited=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
489
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:17:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1e9-17bf0e6e548"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
690f2d330af4c49a-DUS
expires
Sun, 19 Sep 2021 02:52:46 GMT
speaker.png
tcr.gundrymdtotalrestore.com/assets/img/
460 B
892 B
Image
General
Full URL
https://tcr.gundrymdtotalrestore.com/assets/img/speaker.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4c1d935ba0e700bc28d004397e0298e35c1528967d571394c0bc4a38dac15f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/img/speaker.png
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=AQEVxiPD-fJB4zYpr3iEueWaHYNM75k2SlN8; gundryMDUserVisited=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
460
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:17:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1cc-17bf0e6e548"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
690f2d330af7c49a-DUS
expires
Sun, 19 Sep 2021 02:52:46 GMT
Playbutton.png
cdn.gundrymd.com/images/
11 KB
11 KB
Image
General
Full URL
https://cdn.gundrymd.com/images/Playbutton.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cdbcf84acabb10f658e198b06d3497be86b6291f1eeb23b581ffe46f8924c97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
cf-cache-status
HIT
x-amz-request-id
25MGM736GXZYZGMG
cf-polished
origFmt=png, origSize=31455
content-disposition
inline; filename="Playbutton.webp"
cf-bgj
imgq:85,h2pri
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10982
x-amz-id-2
IkmDp6m+lgjFPaxpaMYtasgz4iVQgV3QShP0Q3quoblBXZxnpfs7t+BQiEpiIiyH3Yn64q5tIAI=
last-modified
Mon, 13 Jul 2020 19:33:32 GMT
server
cloudflare
etag
"94f19f0c88361f988382b41db9dd5c8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=3600
x-amz-version-id
null
accept-ranges
bytes
cf-ray
690f2d3358082169-DUS
expires
Sun, 19 Sep 2021 02:52:46 GMT
gundry-309x300_2.png
tcr.gundrymdtotalrestore.com/assets/img/
38 KB
39 KB
Image
General
Full URL
https://tcr.gundrymdtotalrestore.com/assets/img/gundry-309x300_2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99cf12de7fb05dbf461560d8e0388a5ca5ce80ce367068eaa7852472d2d87197
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/img/gundry-309x300_2.png
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=AQEVxiPD-fJB4zYpr3iEueWaHYNM75k2SlN8; gundryMDUserVisited=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39103
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:17:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"98bf-17bf0e6e548"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
690f2d330af8c49a-DUS
expires
Sun, 19 Sep 2021 02:52:46 GMT
gundry_ab.png
tcr.gundrymdtotalrestore.com/assets/img/
85 KB
86 KB
Image
General
Full URL
https://tcr.gundrymdtotalrestore.com/assets/img/gundry_ab.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be8edb4f5633a4cb06d3c81818902c44e785d810504e2cd42b67c258a637d420
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/img/gundry_ab.png
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=AQEVxiPD-fJB4zYpr3iEueWaHYNM75k2SlN8; gundryMDUserVisited=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
87167
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:17:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1547f-17bf0e6e548"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
690f2d330af9c49a-DUS
expires
Sun, 19 Sep 2021 02:52:46 GMT
favicon.png
tcr.gundrymdtotalrestore.com/assets/img/
2 KB
3 KB
Image
General
Full URL
https://tcr.gundrymdtotalrestore.com/assets/img/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7bbbae8e3dfd2bacc18f2c86937981bdf385286269f57f030b26957ebf36c02
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/img/favicon.png
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=AQEVxiPD-fJB4zYpr3iEueWaHYNM75k2SlN8; gundryMDUserVisited=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2247
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:17:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"8c7-17bf0e6e548"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
690f2d330afac49a-DUS
expires
Sun, 19 Sep 2021 02:52:46 GMT
greater.png
tcr.gundrymdtotalrestore.com/assets/img/
2 KB
2 KB
Image
General
Full URL
https://tcr.gundrymdtotalrestore.com/assets/img/greater.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.133 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbce315f59b77f0f5db1f1f96cb42191fa404aa0dcf7d689356db2c257938dd0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/img/greater.png
pragma
no-cache
cookie
_csrf=ftDrqotQVntzoFwgfIb-69QX; _gcl_au=1.1.1764249768.1632016363; GAID=1b136ec0-d39a-dc7e-a961-dc002cc81451; _ga=GA1.3.457334474.1632016363; _gid=GA1.3.213294046.1632016363; _gat_UA-145012034-1=1; connect.sid=s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss; _pin_unauth=dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw; _fbp=fb.1.1632016364085.297265921; XSRF-TOKEN=AQEVxiPD-fJB4zYpr3iEueWaHYNM75k2SlN8; gundryMDUserVisited=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
tcr.gundrymdtotalrestore.com
referer
https://tcr.gundrymdtotalrestore.com/lp/?sessionid=1421846043713&uid=gundrymdtotalrestore.com
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1921
x-xss-protection
1; mode=block
last-modified
Thu, 16 Sep 2021 23:17:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"781-17bf0e6e548"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
690f2d333b0cc49a-DUS
expires
Sun, 19 Sep 2021 02:52:46 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1054811594670732&ev=PageView&dl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F1btotalrestorevid1%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com&rl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&if=false&ts=1632016366592&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1632016364085.297265921&it=1632016366091&coo=false&dpo=&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 19 Sep 2021 01:52:46 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=106162701349700&ev=PageView&dl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F1btotalrestorevid1%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com&rl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&if=false&ts=1632016366593&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1632016364085.297265921&it=1632016366091&coo=false&dpo=&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 19 Sep 2021 01:52:46 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1054811594670732&ev=PageView&dl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F1btotalrestorevid1%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com%26step%3D2&rl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&if=false&ts=1632016366599&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1632016364085.297265921&it=1632016366091&coo=false&dpo=&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 19 Sep 2021 01:52:46 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=106162701349700&ev=PageView&dl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F1btotalrestorevid1%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com%26step%3D2&rl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&if=false&ts=1632016366600&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1632016364085.297265921&it=1632016366091&coo=false&dpo=&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 19 Sep 2021 01:52:46 GMT
6080982921001
edge.api.brightcove.com/playback/v1/accounts/6058004206001/videos/
0
0
Preflight
General
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/6058004206001/videos/6080982921001
Protocol
HTTP/1.1
Server
13.224.186.208 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-208.fra2.r.cloudfront.net
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
accept
Origin
https://tcr.gundrymdtotalrestore.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Length
0
Connection
keep-alive
Server
Varnish
Retry-After
0
access-control-max-age
86400
Accept-Ranges
bytes
Date
Sun, 19 Sep 2021 01:52:47 GMT
Via
1.1 varnish, 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
X-Served-By
cache-fra19128-FRA
X-Cache-Hits
0
X-Timer
S1632016367.166328,VS0,VE0
BCOV-Debug-Cache-Stats
unknown
BCOV-instance
unknown
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Cache-Control
max-age=0, no-cache, no-store
X-Cache
Miss from cloudfront
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
Du-sPDYNix0iIANynpkr6xLaxOICkXs8YFimqZ2Mgt4_ZcDStsk_Ng==
vtt.global.min.js
vjs.zencdn.net/vttjs/0.12.5/
20 KB
7 KB
Script
General
Full URL
https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by
Host: players.brightcove.net
URL: https://players.brightcove.net/6058004206001/default_default/index.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:47 GMT
content-encoding
gzip
last-modified
Thu, 31 Aug 2017 21:04:55 GMT
etag
"f30dac97e5c2aaa10a7695b93cc66699"
x-served-by
cache-hhn4032-HHN
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
7231
x-cache-hits
471168
6080982921001
edge.api.brightcove.com/playback/v1/accounts/6058004206001/videos/
4 KB
5 KB
XHR
General
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/6058004206001/videos/6080982921001
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.208 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-208.fra2.r.cloudfront.net
Software
/
Resource Hash
58b03b23eb47c5d2540ad3628d679e1f79660e7b2ce8b2747ada58e6107ded25

Request headers

Accept
application/json;pk=BCpkADawqM1xV1MNL_N5fmbsfxkoSYIVpSiiclr_CxXM_dnMY3mrR1Uz5YDP_xqpWEiVjjVyAI0MrKPM8R4IQUSrpj-3znsS8epdzR0naL5hMZ33xYxH0FzRflAKgjmYHslX4TS-WAKkmr3j
Referer
https://tcr.gundrymdtotalrestore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Bc-Override-Client-Ip
216.131.111.156
Date
Sun, 19 Sep 2021 01:52:47 GMT
Powered-From
eu-central-1c
Bcov-Request-Id
efd8d27c-e78d-4a40-ba3d-f317e38a81d7
Age
0
Policy-Key-Accountid
6058004206001
X-Cache
Miss from cloudfront
Connection
keep-alive
Powered-By
BC
Content-Length
3928
Via
1.1 varnish, 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
X-Served-By
cache-fra19158-FRA
BCOV-instance
unknown
Policy-Key-Raw
BCpkADawqM1xV1MNL_N5fmbsfxkoSYIVpSiiclr_CxXM_dnMY3mrR1Uz5YDP_xqpWEiVjjVyAI0MrKPM8R4IQUSrpj-3znsS8epdzR0naL5hMZ33xYxH0FzRflAKgjmYHslX4TS-WAKkmr3j
X-Timer
S1632016367.176197,VS0,VE74
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control
max-age=0, no-cache, no-store
Account-Status
APPROVED
BCOV-Debug-Cache-Stats
unknown
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id
nFKEinRUAO0upX3Yyku7TaSgP1SGPyJsZ4V0G3Zg_8KklpHvybol2g==
X-Cache-Hits
0
tracker
metrics.brightcove.com/v2/
35 B
94 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=1d1b2bc75692b1dfbc56d9ef&account=6058004206001&destination=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F1btotalrestorevid1%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com%26step%3D2&platform_version=6.60.0&player=players.brightcove.com%2F6058004206001%2Fdefault_default&player_name=Brightcove%20Default%20Player&source=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&event=player_init&time=1632016367073&seq=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 19 Sep 2021 01:52:47 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
tracker
metrics.brightcove.com/v2/
35 B
94 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=1d1b2bc75692b1dfbc56d9ef&account=6058004206001&destination=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F1btotalrestorevid1%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com%26step%3D2&platform_version=6.60.0&player=players.brightcove.com%2F6058004206001%2Fdefault_default&player_name=Brightcove%20Default%20Player&source=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F6058004206001%2Fvideos%2F6080982921001&time=1632016367074&seq=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 19 Sep 2021 01:52:47 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
tracker
metrics.brightcove.com/v2/
35 B
175 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=1d1b2bc75692b1dfbc56d9ef&account=6058004206001&destination=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F1btotalrestorevid1%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com%26step%3D2&platform_version=6.60.0&player=players.brightcove.com%2F6058004206001%2Fdefault_default&player_name=Brightcove%20Default%20Player&source=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&usage=inpage-embed&event=player_load&time=1632016367091&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=81400000&qos.performance.memory.totalJSHeapSize=139000000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1632016366210&qos.performance.timing.loadEventStart=1632016366210&qos.performance.timing.domComplete=1632016366210&qos.performance.timing.domContentLoadedEventEnd=1632016365450&qos.performance.timing.domContentLoadedEventStart=1632016365450&qos.performance.timing.domInteractive=1632016364975&qos.performance.timing.domLoading=1632016364587&qos.performance.timing.responseEnd=1632016364584&qos.performance.timing.responseStart=1632016364583&qos.performance.timing.requestStart=1632016364362&qos.performance.timing.secureConnectionStart=0&qos.performance.timing.connectEnd=1632016364360&qos.performance.timing.connectStart=1632016364360&qos.performance.timing.domainLookupEnd=1632016364360&qos.performance.timing.domainLookupStart=1632016364360&qos.performance.timing.fetchStart=1632016364360&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=1632016364586&qos.performance.timing.unloadEventStart=1632016364586&qos.performance.timing.navigationStart=1632016364360&qos.player.dimensions=%5B%5B1632016367091%2C%220x0%22%2C%22680x382.5%22%5D%5D&qos.player.pixelratio=%5B%5B1632016367091%2C1%5D%5D&qos.player.screendimensions=%5B%5B1632016367091%2C%221600x1200%22%5D%5D&seq=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 19 Sep 2021 01:52:47 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
tracker
metrics.brightcove.com/v2/
35 B
94 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=1d1b2bc75692b1dfbc56d9ef&account=6058004206001&destination=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F1btotalrestorevid1%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com%26step%3D2&platform_version=6.60.0&player=players.brightcove.com%2F6058004206001%2Fdefault_default&player_name=Brightcove%20Default%20Player&source=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F6058004206001%2Fvideos%2F6080982921001&time=1632016367255&response_time_ms=181&seq=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 19 Sep 2021 01:52:47 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/6058004206001/5dba3fbe-f67b-446f-8d4f-0836221fa219/a4f2cbe9-6cf3-45c1-b62b-a1ca84c431c0/1280x720/match/
59 KB
60 KB
Image
General
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/6058004206001/5dba3fbe-f67b-446f-8d4f-0836221fa219/a4f2cbe9-6cf3-45c1-b62b-a1ca84c431c0/1280x720/match/image.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-146.fra2.r.cloudfront.net
Software
/ BC
Resource Hash
07333ac6255743c1524ccfaf65bfbbd4bb7cb82184e55f2bdf47890fd058ebbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 02:30:46 GMT
Via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
19264921
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
i3UEnl7s8TlLrt7oQsLQbymtN2S31Z_6JaLxqfTfAj7A4SHOWqDwsg==
Expires
Tue, 08 Feb 2022 02:30:46 GMT
Gundry-Finger3.gif
s3-us-west-2.amazonaws.com/cdn.gundrymd.com/images/
645 KB
645 KB
Image
General
Full URL
https://s3-us-west-2.amazonaws.com/cdn.gundrymd.com/images/Gundry-Finger3.gif
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/main.css?ver=91920210
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.162.80 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7381334d5fcf676ef52967742bc7275fd976e6cd10c1fac31572508aeb96ac80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 01:52:48 GMT
Last-Modified
Thu, 20 Aug 2020 06:24:43 GMT
Server
AmazonS3
x-amz-request-id
R0KAKTGEGQ1TXF2J
ETag
"b8f323ab50cc3193dba6ef3d0287eea1"
Content-Type
image/gif
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
660456
x-amz-id-2
94lIrus8TCchOTRR+PW7ZcVY6ackJr+KHH6ra1czQBIBjKL+RRswzu4xPIxnnTXlWaY0klBgPng=
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004206001/5dba3fbe-f67b-446f-8d4f-0836221fa219/10s/
2 KB
2 KB
XHR
General
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004206001/5dba3fbe-f67b-446f-8d4f-0836221fa219/10s/master.m3u8?fastly_token=NjE0NmZlYmRfMDIwMDU0MWE4M2M4YjgwNzQ2YWVlY2ViM2U1MmU1YTk1NGRmNzQ1NTViMjE1NmFlMDVmOWNkMWI3ZGM0NzA5MA%3D%3D
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
d9e2240726de5388ddbac93226fa3b42d43dfb0fe05a9452bf87afc1d89de9c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:47 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
x-bolt-device-group
desktop-chrome
content-length
2032
x-served-by
cache-hhn4050-HHN
x-device-group
desktop-chrome
x-timer
S1632016367.336148,VS0,VE39
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
f0060f94-8ff9-4580-bd02-97419ca92971
https://tcr.gundrymdtotalrestore.com/
6 KB
0
Other
General
Full URL
blob:https://tcr.gundrymdtotalrestore.com/f0060f94-8ff9-4580-bd02-97419ca92971
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c8080b8db8443b7e4a1c5021e0490917c6b2bf5439be933dbf43ff90902d9d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
5914
Content-Type
application/javascript
b9b160e7-e6db-4e89-a2d5-ddb3bcc1fafb
https://tcr.gundrymdtotalrestore.com/
85 KB
0
Other
General
Full URL
blob:https://tcr.gundrymdtotalrestore.com/b9b160e7-e6db-4e89-a2d5-ddb3bcc1fafb
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f08963da609bbe4b16d10a2a9bb4a5f082ecbdb113adb78465b525423a80dda6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
86623
Content-Type
application/javascript
f0abe75f-5b7c-4bfc-8c88-53a52c43fb1d
https://tcr.gundrymdtotalrestore.com/
85 KB
0
Other
General
Full URL
blob:https://tcr.gundrymdtotalrestore.com/f0abe75f-5b7c-4bfc-8c88-53a52c43fb1d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f08963da609bbe4b16d10a2a9bb4a5f082ecbdb113adb78465b525423a80dda6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
86623
Content-Type
application/javascript
tracker
metrics.brightcove.com/v2/
35 B
94 B
Image
General
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=1d1b2bc75692b1dfbc56d9ef&account=6058004206001&destination=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F1btotalrestorevid1%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com%26step%3D2&platform_version=6.60.0&player=players.brightcove.com%2F6058004206001%2Fdefault_default&player_name=Brightcove%20Default%20Player&source=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&time=1632016367279&event=video_impression&video=6080982921001&video_name=Gundry_ProPlant_VSL_191121A.mp4&video_duration=3272&autoplay=false&preload=metadata&qos.content.sourceMimeType=application%2Fvnd.apple.mpegurl&seq=4_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
via
1.1 google
date
Sun, 19 Sep 2021 01:52:47 GMT
cache-control
must-revalidate,no-cache,no-store
alt-svc
clear
content-length
35
content-type
image/gif
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004206001/5dba3fbe-f67b-446f-8d4f-0836221fa219/13db2f28-8db1-4050-99b3-80941c8c9b93/10s/
57 KB
58 KB
XHR
General
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004206001/5dba3fbe-f67b-446f-8d4f-0836221fa219/13db2f28-8db1-4050-99b3-80941c8c9b93/10s/rendition.m3u8?fastly_token=NjE0NmZlYmRfMDJkOWFiZTE2NWFlNDBiN2I1YTYzN2E2NGI3NjcwNzNhNDdkNjNhNWQxNTY4Y2YzZGRiOGNiZjJjNDk3YjUxMA%3D%3D
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
b856d2ded5362947468b83b16ae501439bd74f3cabc96f8916c4294e23bdc516

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:47 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
58863
x-served-by
cache-hhn4050-HHN
x-device-group
desktop-chrome
x-timer
S1632016367.387913,VS0,VE180
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004206001/5dba3fbe-f67b-446f-8d4f-0836221fa219/651b6c6a-7504-4efc-b1fd-dd41d0049fcd/10s/
58 KB
58 KB
XHR
General
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004206001/5dba3fbe-f67b-446f-8d4f-0836221fa219/651b6c6a-7504-4efc-b1fd-dd41d0049fcd/10s/rendition.m3u8?fastly_token=NjE0NmZlYmRfNzFlMTQ0MTViZGEzZDkwY2UzMzhlMTZiZDY2MWVlNDg4ZWQwZGIzN2I3MzY2ZWYwZWRmYWIzMTUwNjNmMGVjNg%3D%3D
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
384ab8ba1e229ccc78e4dbd8c16ae6088e0b848dd237239bf25e763f57a43bd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:47 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
59074
x-served-by
cache-hhn4050-HHN
x-device-group
desktop-chrome
x-timer
S1632016368.592561,VS0,VE207
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
segment0.ts
bcboltgoldenh-a.akamaihd.net/media/v1/hls/v4/clear/6058004206001/5dba3fbe-f67b-446f-8d4f-0836221fa219/13db2f28-8db1-4050-99b3-80941c8c9b93/5x/
2 MB
2 MB
XHR
General
Full URL
https://bcboltgoldenh-a.akamaihd.net/media/v1/hls/v4/clear/6058004206001/5dba3fbe-f67b-446f-8d4f-0836221fa219/13db2f28-8db1-4050-99b3-80941c8c9b93/5x/segment0.ts
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-34.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
7295352089a9c639eb3b1f799e4014e0d45fbea631f7138a5fd377dca76a26ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 01:52:47 GMT
X-Powered-By
BC
Backend-IP
35.169.71.132
BC-MID
true
Connection
keep-alive
Content-Length
1742008
X-Served-By
cache-ewr18135-EWR
Akamai-Mon-Iucid-Del
888514
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1608486411.031734,VS0,VE8
X-Powered-From
gantry
ETag
"98e8abc9fb926db98b3f9ce9dce3dd6d"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=7948130
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
Expires
Mon, 20 Dec 2021 01:41:37 GMT
X-Cache-Hits
1
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1054811594670732&ev=Microdata&dl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F1btotalrestorevid1%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com%26step%3D2&rl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&if=false&ts=1632016367621&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gut%20Cleanse%20Protocol%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=3&o=30&fbp=fb.1.1632016364085.297265921&it=1632016366091&coo=false&dpo=&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 19 Sep 2021 01:52:47 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=106162701349700&ev=Microdata&dl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2F1btotalrestorevid1%2F%3Fsessionid%3D1421846043713%26uid%3Dgundrymdtotalrestore.com%26step%3D2&rl=https%3A%2F%2Ftcr.gundrymdtotalrestore.com%2Flp%2F%3Fsessionid%3D1421846043713&if=false&ts=1632016367648&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gut%20Cleanse%20Protocol%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=3&o=30&fbp=fb.1.1632016364085.297265921&it=1632016366091&coo=false&dpo=&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:52:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 19 Sep 2021 01:52:47 GMT
segment0.ts
bcboltgoldenh-a.akamaihd.net/media/v1/hls/v4/clear/6058004206001/5dba3fbe-f67b-446f-8d4f-0836221fa219/651b6c6a-7504-4efc-b1fd-dd41d0049fcd/5x/
171 KB
172 KB
XHR
General
Full URL
https://bcboltgoldenh-a.akamaihd.net/media/v1/hls/v4/clear/6058004206001/5dba3fbe-f67b-446f-8d4f-0836221fa219/651b6c6a-7504-4efc-b1fd-dd41d0049fcd/5x/segment0.ts
Requested by
Host: tcr.gundrymdtotalrestore.com
URL: https://tcr.gundrymdtotalrestore.com/build/polyfills.js?ver=91920210
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-34.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
46ba0ae594cd7c94fea90a626ec78c1734ada04f648b05c45d15b1cb7c8f31f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tcr.gundrymdtotalrestore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 01:52:47 GMT
X-Amz-Cf-Pop
EWR53-C1
X-Powered-By
BC
Backend-IP
13.225.71.45
BC-MID
true
Connection
keep-alive
Content-Length
174840
X-Served-By
cache-ewr18161-EWR
Akamai-Mon-Iucid-Del
888514
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1627441968.684703,VS0,VE2
X-Powered-From
gantry
ETag
"9d12832a2fa10c935e6fa043d037d076"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Cache-Control
public, max-age=25912851
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id
fatUwymsFYEvyDHFmSwfPkldU73a_vnO6zk4y3Z76ms1-qVWhf9szA==
Expires
Fri, 15 Jul 2022 23:53:38 GMT
X-Cache-Hits
1


123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| Ionic function| roundHalfEven function| hashCode string| dd object| process_env object| funnel_confs object| countries function| getCookie function| getSearchParameters function| transformToAssocArray string| TouchCRBase__UTM_Campaign_V2__c object| dataLayer function| getPCIRandom function| getIP object| ipscript object| headtab undefined| head undefined| script object| sessionRequest string| url undefined| token undefined| script1 undefined| script2 object| MyBundle object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| webpackChunktouchcr_funnel boolean| ghbundle boolean| ngDevMode function| Hammer object| __zone_symbol__beforeunloadfalse object| __zone_symbol__ON_PROPERTYmessage object| __zone_symbol__messagefalse object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| __zone_symbol__ON_PROPERTYpopstate object| gh string| ip object| google_tag_manager function| postscribe object| google_tag_manager_external object| __zone_symbol__loadfalse object| google_tag_data string| tvc_ua string| browserType object| con string| connectionSpeed number| 
downloadSpeed string| GoogleAnalyticsObject function| ga function| pintrk function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse string| cookieName string| decodedCookie object| cookieVals undefined| cookieValue string| cookie function| fbq function| _fbq object| __zone_symbol__orientationchangefalse object| gaplugins object| gaGlobal object| gaData function| hasOwnProperty object| usi_commons string| usi_cookieless string| usi_session_storage object| usi_cookies object| usi_app object| __zone_symbol__unloadfalse function| __zone_symbol__ON_PROPERTYload object| __zone_symbol__resizefalse boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs function| videojsFlash object| videojsFlashlsSourceHandler object| httpStreaming function| videojsPerSourceBehaviors function| videojsContextmenu function| videojsContextmenuUi function| videojsBcAnalytics function| videojsErrors object| videojsBcCatalog object| videojsDock function| videojsPlaylist function| bc function| WebVTT object| vttjs object| __zone_symbol__onlinefalse object| __zone_symbol__offlinefalse object| __zone_symbol__statusTapfalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

12 Cookies

Domain/Path Name / Value
tcr.gundrymdtotalrestore.com/ Name: _csrf
Value: ftDrqotQVntzoFwgfIb-69QX
.gundrymdtotalrestore.com/ Name: _gcl_au
Value: 1.1.1764249768.1632016363
tcr.gundrymdtotalrestore.com/ Name: GAID
Value: 1b136ec0-d39a-dc7e-a961-dc002cc81451
.tcr.gundrymdtotalrestore.com/ Name: _ga
Value: GA1.3.457334474.1632016363
.tcr.gundrymdtotalrestore.com/ Name: _gid
Value: GA1.3.213294046.1632016363
.tcr.gundrymdtotalrestore.com/ Name: _gat_UA-145012034-1
Value: 1
tcr.gundrymdtotalrestore.com/ Name: connect.sid
Value: s%3AMLjgbj4Aubq0jRXWgiE68G1YvlkRHiJ1.6x1bhO9%2F%2B93rCBXfxWOHnExl1x80Y63jEhPp34zn4ss
.tcr.gundrymdtotalrestore.com/ Name: _pin_unauth
Value: dWlkPU1HTmtabVUxTm1ZdE56UXdNeTAwTURZMUxUZzJNemt0WW1FNE5XSmxaVEZsWVRBdw
.gundrymdtotalrestore.com/ Name: _fbp
Value: fb.1.1632016364085.297265921
.facebook.com/ Name: fr
Value: 0CSEASxkZaPuXyPDh..BhRpfs...1.0.BhRpfs.
tcr.gundrymdtotalrestore.com/ Name: XSRF-TOKEN
Value: AQEVxiPD-fJB4zYpr3iEueWaHYNM75k2SlN8
tcr.gundrymdtotalrestore.com/ Name: gundryMDUserVisited
Value: true

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
