urlscan.io logo urlscan.io
SecurityTrails logo

wellconnected.murad.com Open in urlscan Pro
2620:12a:8001::2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://trk.murad.com/ls/click?upn=bkaqLhKAS8FuleS4x8dBCfs2VLacnfSNbIYl4fiUiU88wJVGBgt9Cqn6ICdJJfK2aO6CgeztNGHPcXvBmY1...
Effective URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20...
Submission: On September 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 58 HTTP transactions. The main IP is 2620:12a:8001::2, located in United States and belongs to FASTLY, US. The main domain is wellconnected.murad.com.
TLS certificate: Issued by R3 on July 26th 2023. Valid for: 3 months.
This is the only time wellconnected.murad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    167.89.118.83 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x83.outbound-mail.sendgrid.net
trk.murad.com
22    2620:12a:8001::2 (United States)

ASN54113 (FASTLY, US)
wellconnected.murad.com
3    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    192.200.160.253 (United States)

ASN399566 (BIGCOMMERCE, US)
cdn11.bigcommerce.com
2    2600:9000:26da:5000:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.ctfassets.net
1    45.54.15.10 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
PTR: 10.15.54.45.ptr.anycast.net
www.murad.com
1    2.17.100.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-138.deploy.static.akamaitechnologies.com
c.evidon.com
4    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
4698620.fls.doubleclick.net
2    2a02:26f0:3500:88e::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
cdn.bttrack.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    151.101.0.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com
bttrack.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
Apex Domain
Subdomains		 Transfer
24 murad.com
trk.murad.com
wellconnected.murad.com
www.murad.com — Cisco Umbrella Rank: 857910
2 MB
7 bttrack.com
cdn.bttrack.com — Cisco Umbrella Rank: 7735
bttrack.com — Cisco Umbrella Rank: 862
8 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2547
22 KB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 826
1 KB
3 doubleclick.net
4698620.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 87
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
222 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6457
adservice.google.de — Cisco Umbrella Rank: 13774
923 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 105
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
262 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 169
93 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 832
20 KB
2 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3776
3 KB
2 bigcommerce.com
cdn11.bigcommerce.com — Cisco Umbrella Rank: 10686
4 KB
1 evidon.com
c.evidon.com — Cisco Umbrella Rank: 1544
898 B
58 14
Domain Requested by
22 wellconnected.murad.com wellconnected.murad.com
5 bttrack.com wellconnected.murad.com
cdn.bttrack.com
bttrack.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 ct.pinterest.com s.pinimg.com
wellconnected.murad.com
3 www.googletagmanager.com wellconnected.murad.com
www.googletagmanager.com
2 www.facebook.com wellconnected.murad.com
2 connect.facebook.net wellconnected.murad.com
connect.facebook.net
2 cdn.bttrack.com www.googletagmanager.com
cdn.bttrack.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 4698620.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 images.ctfassets.net wellconnected.murad.com
2 cdn11.bigcommerce.com wellconnected.murad.com
1 adservice.google.de adservice.google.com
1 adservice.google.com 4698620.fls.doubleclick.net
1 www.google.de wellconnected.murad.com
1 www.google.com wellconnected.murad.com
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 c.evidon.com wellconnected.murad.com
1 www.murad.com wellconnected.murad.com
1 trk.murad.com 1 redirects
58 21
Subject Issuer Validity Valid
wellconnected.murad.com
R3		 2023-07-26 -
2023-10-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.bigcommerce.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-23 -
2024-03-25		 a year crt.sh
images.ctfassets.net
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-16		 a year crt.sh
www.murad.com
R3		 2023-07-27 -
2023-10-25		 3 months crt.sh
betrad.com
R3		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-14 -
2023-09-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Frame ID: BF6EB95F0C8A8F1B4CEAF3527EB875BF
Requests: 73 HTTP requests in this frame

Frame: https://4698620.fls.doubleclick.net/activityi;dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt
Frame ID: 487154EE01FAE44934A37C0BB5B63697
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt
Frame ID: 8EB9AC59400794B199C2493C59DC7287
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt
Frame ID: A3315591399E93D5162ACF9D7C2EADA4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0E31D08B33360FC76FD2FA6491921977
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 1D64AF8F4578B078AADD25D5F7E6B33F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Murad Skincare | Clinical Skin Care CompanyLogosearch r3

Page URL History Show full URLs

  1. http://trk.murad.com/ls/click?upn=bkaqLhKAS8FuleS4x8dBCfs2VLacnfSNbIYl4fiUiU88wJVGBgt9Cqn6ICdJJfK... HTTP 302
    https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\d+\.bigcommerce\.com/
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • c\.evidon\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

58
Requests

100 %
HTTPS

62 %
IPv6

14
Domains

21
Subdomains

21
IPs

3
Countries

2470 kB
Transfer

3778 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trk.murad.com/ls/click?upn=bkaqLhKAS8FuleS4x8dBCfs2VLacnfSNbIYl4fiUiU88wJVGBgt9Cqn6ICdJJfK2aO6CgeztNGHPcXvBmY192hZvGTWeKmDELMzEMERsZdtUqrnkVUzT2gomSWBoqs3vgRLUUHe0UqycHm7LnUbB8hvu8s58Y3IoMOjDs2-2BYUSbp-2F8forN5GOLk7k3E4VvCB9EqE1MhCRW4u2ZFK2EOPk-2FHzOwwsGuuxlO9wNbFZQfEM53tfR3sJKRoPbSEMPWxyiRl9AwpR-2BEF9OKmgIb7DFskv0-2BqUubJH7PH94Fr4EY2ISYuoaNhkNuBV7Otf6O-2Blo-2FyRXKKC7FgbdspdBd3PinQD5XdDRmQfUrhIlmTUBdc-3DoFin_Q5Hp-2B8p5EthxnZBKoPXhKbE2mQY8rxzfOG8gRI1wRrvuIX5mpqrSyxCbBK3HN67mYUXTY4RSUfGSNvAxdjxLm-2BGTy9gw5bBCBKZrAKQVEmWq44cpTXAJX9mno5o6Eb-2BzduSbnOe2wSnYXzN-2FTTgOGc4GVtABe61GVkT5cSb-2FY0a1WctuJEtCG1AjqfxO7WDLGN6W0D7UfNi5oGF3t-2BrZrCiuKKT4TtQWUM2f2jObOWhDSAPK-2BfHcTQV9FljyMoif6V47EXWOn5Jc5iTdNDYXrzVEg-2BvskBpga1GeQoQfoh5cgOgkDKtg-2F70NsgODeg3PLS2rltSvn2eq6BU5aNWWsFmCv12-2F-2Fk56DqwuPwngKxKobAt4HjF9Ddec-2F9sArFCw21ZZ0ae0bbAa2LnTiilIWIrIaXEOp-2Bo54jZFYA8xIGA-3D HTTP 302
    https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://4698620.fls.doubleclick.net/activityi;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt HTTP 302
  • https://4698620.fls.doubleclick.net/activityi;dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wellconnected.murad.com/
Redirect Chain
  • http://trk.murad.com/ls/click?upn=bkaqLhKAS8FuleS4x8dBCfs2VLacnfSNbIYl4fiUiU88wJVGBgt9Cqn6ICdJJfK2aO6CgeztNGHPcXvBmY192hZvGTWeKmDELMzEMERsZdtUqrnkVUzT2gomSWBoqs3vgRLUUHe0UqycHm7LnUbB8hvu8s58Y3IoMOj...
  • https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD...
186 KB
70 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
34d3a42664933c0bfc961dcc10eeecf4b850fdadaa559007086696caf495ca1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
public, max-age=600
content-encoding
gzip
content-length
71441
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 11:12:48 GMT
link
<https://wellconnected.murad.com/api/>; rel="https://api.w.org/" <https://wellconnected.murad.com/api/wp/v2/pages/18>; rel="alternate"; type="application/json" <https://wellconnected.murad.com/>; rel=shortlink
server
nginx
vary
Accept-Encoding, Cookie, Cookie
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-pantheon-styx-hostname
styx-fe2-a-75f45bdf4d-l4mt5
x-served-by
cache-chi-kigq8000139-CHI, cache-fra-eddf8230036-FRA
x-styx-req-id
24f732c0-4bdd-11ee-80e4-7aa0144e2b91
x-timer
S1693912367.449867,VS0,VE857

Redirect headers

Connection
keep-alive
Content-Length
298
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Sep 2023 11:12:47 GMT
Location
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Server
nginx
X-Robots-Tag
noindex, nofollow
js
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-916292-23
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c29738153f4382cfb3a589e5774b0dd04369036a2b040bcb482f869491f584ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66669
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Sep 2023 11:12:48 GMT
style.min.css
wellconnected.murad.com/wp-includes/css/dist/block-library/ 		57 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
29778a6252b89c79ad8a313692c3f4b8ff5e300c463858732f28da488dd2cc05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 14 Aug 2024 14:21:22 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-b-5b96c454df-hzkgd
age
1889485
x-cache
HIT, HIT
content-length
10983
x-served-by
cache-chi-klot8100148-CHI, cache-fra-eddf8230036-FRA
last-modified
Sat, 12 Aug 2023 23:11:07 GMT
server
nginx
x-timer
S1693912368.318525,VS0,VE1
etag
W/"64d8118b-e358"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
d864af59-3aad-11ee-8874-ca52f8f3098b
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
app.css
wellconnected.murad.com/wp-content/themes/murad/build/ 		74 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-content/themes/murad/build/app.css?ver=1693884472
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
756f49614b9d74983be1a8c751e6febf1d4cdda92c480e251fdacc0ab81ab5bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Thu, 05 Sep 2024 03:33:12 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-b-869d798c96-k5kjr
age
27576
x-cache
HIT, HIT
content-length
18164
x-served-by
cache-chi-klot8100064-CHI, cache-fra-eddf8230036-FRA
last-modified
Tue, 05 Sep 2023 03:27:52 GMT
server
nginx
x-timer
S1693912368.318674,VS0,VE1
etag
W/"64f6a038-1263f"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
f0e3481f-4b9c-11ee-bf95-f6ddde35eb87
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
16, 1
frontend-gtag.min.js
wellconnected.murad.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=7.18.0
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Thu, 08 Aug 2024 15:03:29 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-a-67d675c8c9-m4dk8
age
2405359
x-cache
HIT, HIT
content-length
3031
x-served-by
cache-chi-kigq8000091-CHI, cache-fra-eddf8230036-FRA
last-modified
Tue, 08 Aug 2023 10:44:46 GMT
server
nginx
x-timer
S1693912368.318646,VS0,VE2
etag
W/"64d21c9e-23d2"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
bbe9c1b8-35fc-11ee-8ddd-268ed9a77419
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
jquery.min.js
wellconnected.murad.com/wp-includes/js/jquery/ 		87 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Thu, 15 Aug 2024 10:49:11 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-b-76757478-xs284
age
1815817
x-cache
HIT, HIT
content-length
36073
x-served-by
cache-chi-kigq8000131-CHI, cache-fra-eddf8230036-FRA
last-modified
Mon, 14 Aug 2023 13:14:44 GMT
server
nginx
x-timer
S1693912368.318778,VS0,VE2
etag
W/"64da28c4-15d98"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
5e605ca4-3b59-11ee-bc01-72c0436b5917
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
jquery-migrate.min.js
wellconnected.murad.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Fri, 02 Aug 2024 11:01:23 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-b-96855f667-gpsbz
age
2938285
x-cache
HIT, HIT
content-length
4565
x-served-by
cache-chi-klot8100144-CHI, cache-fra-eddf8230036-FRA
last-modified
Wed, 02 Aug 2023 08:10:51 GMT
server
nginx
x-timer
S1693912368.319141,VS0,VE1
etag
W/"64ca0f8b-2bd8"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
eb4ae22e-3123-11ee-a16a-2672df6793f9
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
2, 1
gtm.js
www.googletagmanager.com/ 		215 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58BXKFP
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9bb69893a4526a13bfc0e226b602753d6390bcb0e4758285681b3eaa14148700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79591
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Sep 2023 11:12:48 GMT
wp-emoji-release.min.js
wellconnected.murad.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Fri, 16 Aug 2024 14:26:05 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-b-76757478-mz8rt
age
1716404
x-cache
HIT, HIT
content-length
5269
x-served-by
cache-chi-kigq8000065-CHI, cache-fra-eddf8230036-FRA
last-modified
Sun, 13 Aug 2023 12:12:45 GMT
server
nginx
x-timer
S1693912368.381730,VS0,VE5
etag
W/"64d8c8bd-3795"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
d5585252-3c40-11ee-9c5c-c2904b3aa328
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
2, 1
small_logo_1554237675__33433.original.png
cdn11.bigcommerce.com/s-pk4lhtd86v/images/stencil/250x100/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn11.bigcommerce.com/s-pk4lhtd86v/images/stencil/250x100/small_logo_1554237675__33433.original.png
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d53b04d632881559406dbb64206e2874434cb94d2a95bd869458f8b6c3edfd5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:12:48 GMT
x-bc-is-ha
1
cf-cache-status
HIT
x-bc-origin-cache
MISS
bc-ray
1
age
9651519
cf-polished
origFmt=png, origSize=4950
content-disposition
inline; filename="small_logo_1554237675__33433.webp"
alt-svc
h3=":443"; ma=86400
content-length
3804
x-request-id
4f23e7b9bce76979f0d1dcfae465d5c4
cf-bgj
imgq:100,h2pri
last-modified
Thu, 11 May 2023 23:03:02 GMT
server
cloudflare
vary
Accept
access-control-max-age
604800
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31556926, public
accept-ranges
bytes
cf-ray
801e0a0e9f442c53-FRA
expires
Sat, 11 May 2024 04:51:48 GMT
Instagram.svg
images.ctfassets.net/xkrknvgqff10/6d5e2kFIFAHV8gZ4jsOgK9/9216bf18a3ab33d3372501831e0c88f3/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/xkrknvgqff10/6d5e2kFIFAHV8gZ4jsOgK9/9216bf18a3ab33d3372501831e0c88f3/Instagram.svg
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:5000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
3195b0d40512efda54e02e3ebd50fae21abbffbc9c62a9b133364e4a3ac97a41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 04:44:49 GMT
content-encoding
gzip
via
1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 22:58:30 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P4
age
23280
etag
W/"c7095977cefa08902d14aec11faeb53a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
MIq6-WZFAahJihF3eyIvbaGez9EpmHe-16v6Nk2M3Xc9UG-60hGnXw==
Facebook.svg
images.ctfassets.net/xkrknvgqff10/3GElpW9StusQa8S596LvSx/a13ddf07c2689c14a754618d921d41f9/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/xkrknvgqff10/3GElpW9StusQa8S596LvSx/a13ddf07c2689c14a754618d921d41f9/Facebook.svg
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:5000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
081349b14796948ce58f7191a8b489812c91f76019d0c042d37c22263f825c6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 03:42:03 GMT
content-encoding
gzip
via
1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 23:00:39 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P4
age
27046
etag
W/"468e78322ef8faa026adf56ae006c7ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
0Mzo3h5SlGprCjhDqwao6bicunQWGMscu70XohVhwQdq3bV-UK6mFw==
english-ea-icon.png
www.murad.com/content/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.murad.com/content/english-ea-icon.png
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.54.15.10 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
10.15.54.45.ptr.anycast.net
Software
cloudflare /
Resource Hash
9b9eca7a574c9aa4b6d86f2dc8837bef810055b8c07f0d642f22c3d4f51a27b5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:12:48 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
zy-accelerated
0
content-transfer-encoding
binary
zy-server
Zcachex/17.29:R
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3662
x-request-id
d3ecbca0c2e5373c396a7a548d40660e
last-modified
Thu, 08 Apr 2021 17:39:13 +0000
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
604800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4EvZhS8T8aN%2B3x43NSqRemJwlNLUNP7657wuy43LOG3B6ImyccbEZRYo3Bzn5CdORSnWOVo6lRrqbO5lOYSe6UgOuRrnYCIciqrCAtwACTOxyXJ51mSNzNwiDTeUeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
zy-cache-status
REVALIDATED
cache-control
max-age=10
zy-exp
3
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
73aaee21791b9b51-FRA
expires
Sun, 14 Aug 2022 16:05:17 GMT
icon1.png
c.evidon.com/pub/ 		600 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/pub/icon1.png
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-138.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2011 18:30:38 GMT
server
AkamaiNetStorage
etag
"d08da9f445b63100a56646de99043059:1307039438"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=864000
accept-ranges
bytes
access-control-allow-headers
*
content-length
623
top-10-tracker.min.js
wellconnected.murad.com/wp-content/plugins/top-10/includes/js/ 		286 B
449 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-content/plugins/top-10/includes/js/top-10-tracker.min.js?ver=1.0
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0a77e495359613dd0f75850a9b9a541f059b6f215c76acddb418bedb7a2cf6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 14 Aug 2024 17:30:55 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-a-67d675c8c9-nlxn4
age
1878112
x-cache
HIT, HIT
content-length
154
x-served-by
cache-chi-kigq8000162-CHI, cache-fra-eddf8230036-FRA
last-modified
Sat, 12 Aug 2023 23:11:07 GMT
server
nginx
x-timer
S1693912368.364394,VS0,VE5
etag
W/"64d8118b-11e"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
533771e8-3ac8-11ee-b0ee-5aada2cb589f
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
2, 1
app.js
wellconnected.murad.com/wp-content/themes/murad/build/ 		378 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-content/themes/murad/build/app.js?ver=1693884472
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8b648b9a18c128cbf76a822460d0c37416aaee20161ccfef41d7342925c4434e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Thu, 05 Sep 2024 03:33:12 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-a-75f45bdf4d-cdpk8
age
27576
x-cache
HIT, HIT
content-length
138236
x-served-by
cache-chi-kigq8000109-CHI, cache-fra-eddf8230036-FRA
last-modified
Mon, 04 Sep 2023 02:25:42 GMT
server
nginx
x-timer
S1693912368.381312,VS0,VE2
etag
W/"64f54026-5e7db"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
f0e28588-4b9c-11ee-bbe8-aee58b288ed2
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
wp-embed.min.js
wellconnected.murad.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-includes/js/wp-embed.min.js?ver=5.7
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Mon, 12 Aug 2024 11:17:03 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-a-67d675c8c9-m4dk8
age
2073346
x-cache
HIT, HIT
content-length
779
x-served-by
cache-chi-kigq8000179-CHI, cache-fra-eddf8230036-FRA
last-modified
Thu, 10 Aug 2023 15:00:48 GMT
server
nginx
x-timer
S1693912368.381408,VS0,VE1
etag
W/"64d4fba0-592"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
c355ab6b-3901-11ee-ab85-268ed9a77419
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 71
truncated
/ 		474 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26dbe9181be3226b0f77e2f469aaab3d06934b8b26f5a10640336045c206acd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79ad58670c6451676deba0ccba7dfad86d46c91726cde1f2d7cce046212e9943

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2353b64c73537da988dbb4e4f1c5a98cfda905cf5e64a50aa947a8557b94495b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76c34a90db3ace194d6649877b3d25d5dcebe64eb48f755da6250d7d66caa617

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
097179019e5389846952769fadd2fe5d8b2c8b7f91e4ce7c5bb3363aa780ea43

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9523b236b4599e4d5cfb130744b6939ef096c374dddd1306a417352061a66a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0988e1aa2a617eb201eef89f2f20f5628324c1fd1fb3c7e0962ad66a695cddb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73da0ef794cc657a970e1bd31751c23d41f9bd1a294d3411f6ca988cfa16c008

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90c5c8771c57f3f8829034135835306bdbf0288d0954168326199efe696a3bdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
805f381f4bcd9e24d36bf5a3e2f6910ab3317e71eb24ec6e34d1c0b3a7072e2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
251faae80a9d7418c73101080632f92c5597ce0393cb7d561f4960a926525c4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6086f45d8bde9f86c8d28d4f139929b89ed225cd377ce5359232378c6217b3e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a78681079967ea2c29adf245672bdb69671af8f154478b9613dd153b11c5a7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3065ec70a405794f179819632a4d3a309540d70bc54969c4ac78fea4b0a44a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02df0d2c312e3b1b78073d123b704fe25da0e46a907b91d6e65187d32f59152f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a37e5c0dedd2f1c8cfab683a324fe1a1c46c3414ae716902c1d8c6d93e6fdbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f19ae1b0f9785862a9513a652f1e52f420c56bf65d150bd0f2b8ab48a2cfd439

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
Cruelty-Free.png
cdn11.bigcommerce.com/s-pk4lhtd86v/stencil/1f746b80-8056-0139-d09c-7e0cfece785b/e/a4ea4cc0-a828-0137-2c5a-0242ac11003d/img/ 		9 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn11.bigcommerce.com/s-pk4lhtd86v/stencil/1f746b80-8056-0139-d09c-7e0cfece785b/e/a4ea4cc0-a828-0137-2c5a-0242ac11003d/img/Cruelty-Free.png
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.200.160.253 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:12:48 GMT
cf-cache-status
EXPIRED
bc-ray
1
server
cloudflare
etag
"625850d6-9"
access-control-max-age
604800
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=30
cf-ray
801e0a0e9f462c53-FRA
alt-svc
h3=":443"; ma=86400
content-length
9
x-request-id
2a49aee8d663a17f08d8668659b928fc
truncated
/ 		290 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2aa98ca8c8ec3d6746f9cc086ce99229d273603428c69fedb41d4a29a35293a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
tt_norms_medium-webfont.woff
wellconnected.murad.com/wp-content/themes/murad/src/fonts/tt_norms/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-content/themes/murad/src/fonts/tt_norms/tt_norms_medium-webfont.woff
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/wp-content/themes/murad/build/app.css?ver=1693884472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ba3ec4b5fcdedd725f2a67e7442e4ec06fac66ddd0706a93bc9faf65560d4c10

Request headers

Referer
https://wellconnected.murad.com/wp-content/themes/murad/build/app.css?ver=1693884472
Origin
https://wellconnected.murad.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Thu, 08 Aug 2024 11:47:50 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-b-5b96c454df-zlvbw
age
2417098
x-cache
HIT, HIT
content-length
26048
x-served-by
cache-chi-kigq8000112-CHI, cache-fra-eddf8230036-FRA
last-modified
Mon, 07 Aug 2023 00:14:33 GMT
server
nginx
x-timer
S1693912368.399327,VS0,VE2
etag
"64d03769-65c0"
content-type
font/woff
access-control-allow-origin
*
x-styx-req-id
66b4c2eb-35e1-11ee-a93e-66af8b1b1f47
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
tt_norms_regular-webfont.woff
wellconnected.murad.com/wp-content/themes/murad/src/fonts/tt_norms/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-content/themes/murad/src/fonts/tt_norms/tt_norms_regular-webfont.woff
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/wp-content/themes/murad/build/app.css?ver=1693884472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
46795caa76fbb3eea41d66d6f9fc8f9eb7de01930009ab36353c4795527d04bc

Request headers

Referer
https://wellconnected.murad.com/wp-content/themes/murad/build/app.css?ver=1693884472
Origin
https://wellconnected.murad.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 07 Aug 2024 17:27:56 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-a-67d675c8c9-qrhbn
age
2483092
x-cache
HIT, HIT
content-length
26368
x-served-by
cache-chi-kigq8000147-CHI, cache-fra-eddf8230036-FRA
last-modified
Sat, 05 Aug 2023 22:01:08 GMT
server
nginx
x-timer
S1693912368.399334,VS0,VE2
etag
"64cec6a4-6700"
content-type
font/woff
access-control-allow-origin
*
x-styx-req-id
bfa34269-3547-11ee-aac3-3a16f4fdc8bf
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
tt_norms_bold-webfont.woff
wellconnected.murad.com/wp-content/themes/murad/src/fonts/tt_norms/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-content/themes/murad/src/fonts/tt_norms/tt_norms_bold-webfont.woff
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/wp-content/themes/murad/build/app.css?ver=1693884472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
46189e8ca0429fcd323814b655dbe0e7a25347fd636156ceae8d14019ac7f141

Request headers

Referer
https://wellconnected.murad.com/wp-content/themes/murad/build/app.css?ver=1693884472
Origin
https://wellconnected.murad.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 04 Sep 2024 13:23:13 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-a-75f45bdf4d-8fpp2
age
78575
x-cache
HIT, HIT
content-length
26900
x-served-by
cache-chi-kigq8000070-CHI, cache-fra-eddf8230036-FRA
last-modified
Mon, 04 Sep 2023 02:25:42 GMT
server
nginx
x-timer
S1693912368.399442,VS0,VE2
etag
"64f54026-6914"
content-type
font/woff
access-control-allow-origin
*
x-styx-req-id
3308e629-4b26-11ee-a95f-e2f86a7ba4f0
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
NoeDisplay-Medium.woff
wellconnected.murad.com/wp-content/themes/murad/src/fonts/NoeDisplay/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/wp-content/themes/murad/src/fonts/NoeDisplay/NoeDisplay-Medium.woff
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/wp-content/themes/murad/build/app.css?ver=1693884472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3a32f14c4f2968e78f165211c15c460017bb9d49c7673adbd0291e82c38e97ad

Request headers

Referer
https://wellconnected.murad.com/wp-content/themes/murad/build/app.css?ver=1693884472
Origin
https://wellconnected.murad.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Thu, 08 Aug 2024 02:21:54 GMT
date
Tue, 05 Sep 2023 11:12:48 GMT
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe2-a-67d675c8c9-thx64
age
2451053
x-cache
HIT, HIT
content-length
45556
x-served-by
cache-chi-klot8100118-CHI, cache-fra-eddf8230036-FRA
last-modified
Sun, 06 Aug 2023 08:55:19 GMT
server
nginx
x-timer
S1693912368.399475,VS0,VE2
etag
"64cf5ff7-b1f4"
content-type
font/woff
access-control-allow-origin
*
x-styx-req-id
57b4c37c-3592-11ee-b967-d2521ba5c3eb
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin
https://wellconnected.murad.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
757b7dc9770c95cb0b511b6b6107374b4d5dc3bb76e90e0df601bb3c8ec3cb13

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/jpeg
SkincareDupes_Desktop-1460x948.jpg
wellconnected.murad.com/wp-content/uploads/2023/08/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellconnected.murad.com/wp-content/uploads/2023/08/SkincareDupes_Desktop-1460x948.jpg
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96292b88ddb3614d82ac751c80d4254322895872b2f44a4b89040e9ba6fcb512

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-a-85758c8d7d-jscv5
date
Tue, 05 Sep 2023 11:12:48 GMT
via
1.1 varnish, 1.1 varnish
expires
Wed, 21 Aug 2024 20:50:02 GMT
age
1261366
x-cache
HIT, HIT
content-length
118608
x-served-by
cache-chi-klot8100044-CHI, cache-fra-eddf8230036-FRA
last-modified
Fri, 18 Aug 2023 17:55:14 GMT
server
nginx
x-timer
S1693912369.567892,VS0,VE3
etag
"64dfb082-1cf50"
content-type
image/jpeg
x-styx-req-id
4d0a5b7b-4064-11ee-9eb8-1a1317d010e2
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
4, 1
AmpUpHydration_Desktop.jpg
wellconnected.murad.com/wp-content/uploads/2023/07/ 		447 KB
447 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellconnected.murad.com/wp-content/uploads/2023/07/AmpUpHydration_Desktop.jpg
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
129ccdcd95a192eaeb4dfd28d5e6eecbd43b320270869414f8224dc61442612f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-76757478-l4cn8
date
Tue, 05 Sep 2023 11:12:48 GMT
via
1.1 varnish, 1.1 varnish
expires
Sat, 17 Aug 2024 06:56:34 GMT
age
1656974
x-cache
HIT, HIT
content-length
457396
x-served-by
cache-chi-klot8100064-CHI, cache-fra-eddf8230036-FRA
last-modified
Thu, 13 Jul 2023 16:55:22 GMT
server
nginx
x-timer
S1693912369.568085,VS0,VE3
etag
"64b02c7a-6fab4"
content-type
image/jpeg
x-styx-req-id
33e9637e-3ccb-11ee-b2b7-e606943b64d7
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
/
wellconnected.murad.com/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wellconnected.murad.com/
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-cache-hits
0, 0
date
Tue, 05 Sep 2023 11:12:48 GMT
via
1.1 varnish, 1.1 varnish
x-served-by
cache-chi-klot8100087-CHI, cache-fra-eddf8230036-FRA
server
nginx
x-timer
S1693912369.596515,VS0,VE171
age
0
vary
Cookie, Cookie
x-cache
MISS, MISS
content-type
text/html; charset=UTF-8
x-styx-req-id
25a57584-4bdd-11ee-a827-6ea7dbf5f937
cache-control
max-age=15, s-maxage=0
accept-ranges
bytes
x-pantheon-styx-hostname
styx-fe2-a-75f45bdf4d-ls9ws
js
www.googletagmanager.com/gtag/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9Q2VVRXBH1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-916292-23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
799c058054edbfa739a3e03c1620a3adb2ed314019c79ca81cc350046e662e4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80287
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 11:12:48 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-916292-23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Sep 2023 09:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4985
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 05 Sep 2023 11:49:43 GMT
activityi;dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com...
4698620.fls.doubleclick.net/ Frame 4871
Redirect Chain
  • https://4698620.fls.doubleclick.net/activityi;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.c...
  • https://4698620.fls.doubleclick.net/activityi;dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=h...
768 B
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4698620.fls.doubleclick.net/activityi;dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58BXKFP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
fa97d9f5c551aabe68ad73f828dcb18361b4d0c1ae9ed5126e347f76947f73ad
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wellconnected.murad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
484
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:12:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:12:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4698620.fls.doubleclick.net/activityi;dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
core.js
s.pinimg.com/ct/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58BXKFP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88e::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ead6823661424768b4c9937e621bb9d9d2761d76b8833ba91814db8f6ac64d88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"7df08062d435f555b71cfccfc318ebf5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1471
22661
cdn.bttrack.com/universal/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bttrack.com/universal/22661
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58BXKFP
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
f03b7ae54bd87cc8e1331a03819e8d2a643274bce3152c9f662f12b6472ce6df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 11:12:49 GMT
Cache-Control
max-age=900
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2791
X-HW
1693912368.dop206.am5.t,1693912368.cds152.am5.shn,1693912368.dop206.am5.t,1693912368.cds300.am5.p
Content-Type
application/javascript; charset=utf-8
fbevents.js
connect.facebook.net/en_US/ 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 05 Sep 2023 11:12:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
gaQTBLpSTpOCCiIcMERDqhsFGlYdgh0R24b8YK1l04L4e5QLkh01hYpHDX8Z4Jwkd79am4FvoMjupSL8zxi23g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
292431100948576
connect.facebook.net/signals/config/ 		158 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/292431100948576?v=2.9.125&r=stable&domain=wellconnected.murad.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b0842d47db50b098a7efbdcfbab3a0e498a22813a7da6fd142ce0b1e0b4970e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 05 Sep 2023 11:12:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Mm2AVF8q8xx0AsYJeoS5h84agVw+7vNgPNxZCh2ExZPhBqHYuaAYKXinjiUhLuEcLEeMITG6hvtffF9XXjRBsA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9Q2VVRXBH1&gtm=45je38u0&_p=1904450058&gdid=dZGIzZG&cid=665929142.1693912369&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1693912368&sct=1&seg=0&dl=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt&dt=Murad%20Skincare%20%7C%20Clinical%20Skin%20Care%20Company&en=page_view&_fv=1&_nsi=1&_ss=1&ep.forceSSL=true&ep.link_attribution=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Q2VVRXBH1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 11:12:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wellconnected.murad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.c4ef6d39.js
s.pinimg.com/ct/lib/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.c4ef6d39.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88e::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
329e9bb6bfed9cb78a0335435bb2d7864dfb82b05f4a485a0fa0f4651078dff2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"11df831a6dba22ec7a85dcb9b7c7b3d7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18185
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 10:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
2959
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 05 Sep 2023 11:23:29 GMT
/
ct.pinterest.com/user/ 		562 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2618621410025&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1693912368784&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.c4ef6d39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:12:48 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
4
x-pinterest-rid
1653497954068802
content-length
385
pin-unauth
dWlkPU5qbGxZbUpqT1RNdE1UZzFNeTAwTURFekxUazBaVFF0T0RVNE9ERXlOR05tTTJFeQ
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wellconnected.murad.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
1fa57918b882768a5be70264ab996037bc2e4b6f
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2618621410025&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c4ef6d39%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1693912368786
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 11:12:48 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
pinterest-version
1fa57918b882768a5be70264ab996037bc2e4b6f
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
x-pinterest-rid
1552392975756125
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1904450058&t=pageview&_s=1&dl=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt&ul=en-us&de=UTF-8&dt=Murad%20Skincare%20%7C%20Clinical%20Skin%20Care%20Company&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIhAAAAACAAI~&jid=1834710806&gjid=614896758&cid=665929142.1693912369&tid=UA-916292-23&_gid=651272874.1693912369&_r=1&gtm=457e38u0&did=dZGIzZG&gdid=dZGIzZG&jsscut=1&z=1296912170
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wellconnected.murad.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 11:12:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wellconnected.murad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1904450058&t=pageview&_s=1&dl=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt&ul=en-us&de=UTF-8&dt=Murad%20Skincare%20%7C%20Clinical%20Skin%20Care%20Company&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACUIhBAAAACAAI~&jid=1535653501&gjid=871853641&cid=665929142.1693912369&tid=UA-916292-1&_gid=651272874.1693912369&_r=1&_slc=1&gtm=45He38u0n8158BXKFP&z=1689782404
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wellconnected.murad.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 11:12:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wellconnected.murad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=292431100948576&ev=PageView&dl=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt&rl=&if=false&ts=1693912368850&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693912368840.411722939&ic=fbpixel&cs_est=true&it=1693912368703&coo=false&rqm=GET
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 05 Sep 2023 11:12:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
stats.g.doubleclick.net/j/ 		4 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-916292-1&cid=665929142.1693912369&jid=1535653501&gjid=871853641&_gid=651272874.1693912369&_u=aCDACUIhBAAAACAAI~&z=1071297455
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wellconnected.murad.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 05 Sep 2023 11:12:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wellconnected.murad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-916292-1&cid=665929142.1693912369&jid=1535653501&_u=aCDACUIhBAAAACAAI~&z=2049884907
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 11:12:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-916292-1&cid=665929142.1693912369&jid=1535653501&_u=aCDACUIhBAAAACAAI~&z=2049884907
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 11:12:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_...
adservice.google.com/ddm/fls/i/ Frame 8EB9 		767 B
861 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt
Requested by
Host: 4698620.fls.doubleclick.net
URL: https://4698620.fls.doubleclick.net/activityi;dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96ccc66d01fc9318517a92c34742c504e754dbad806cd62dedcbc75d55669d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4698620.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
486
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:12:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.min.js
cdn.bttrack.com/js/15781/analytics/1.0/ 		599 B
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bttrack.com/js/15781/analytics/1.0/analytics.min.js
Requested by
Host: cdn.bttrack.com
URL: https://cdn.bttrack.com/universal/22661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
067481a1794051bb0cff5981c5a0edf8c2c45542752623903a719a21d8a9c848

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 11:12:49 GMT
Content-Encoding
gzip
X-HW
1693912368.dop206.am5.t,1693912368.cds152.am5.shn,1693912369.dop206.am5.t,1693912369.cds125.am5.c
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=9950
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
369
default
bttrack.com/Pixel/Conversion/15781/ 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/Pixel/Conversion/15781/default?type=img
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.46.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-servername
Track003-iad
pragma
no-cache
date
Tue, 05 Sep 2023 11:12:00 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
js
bttrack.com/engagement/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/engagement/js?goalId=15781&cb=1693912369103
Requested by
Host: cdn.bttrack.com
URL: https://cdn.bttrack.com/js/15781/analytics/1.0/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.46.bidtellect.com
Software
/
Resource Hash
668d0f4a86033cfc51e5b88a1d7bcbbc98c41bedda8d71d471192a05f59a9a29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Tue, 05 Sep 2023 11:12:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
content-type
text/javascript; charset=utf-8
cache-control
private,no-cache
expires
-1
dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_...
adservice.google.de/ddm/fls/i/ Frame A331 		194 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNDOlqirk4EDFQymGAodSs4Gyg;src=4698620;type=baretarg;cat=wellc0;ord=1;num=8153688650434;auiddc=832134814.1693912369;gtm=45He38u0;epver=2;~oref=https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:12:49 GMT
expires
Tue, 05 Sep 2023 11:12:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ Frame 0E31 		0
77 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: wellconnected.murad.com
URL: https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://wellconnected.murad.com
Referer
https://wellconnected.murad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://wellconnected.murad.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:12:49 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
event
bttrack.com/engagement/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215781%22%2C%22sessionId%22%3A%22a5ee7584-f549-4fdd-bd1d-f0dd061d4254%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by
Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15781&cb=1693912369103
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.46.bidtellect.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-servername
Track002-iad
pragma
no-cache
date
Tue, 05 Sep 2023 11:12:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
content-type
text/plain
access-control-allow-origin
*
cache-control
private,no-cache
content-length
0
expires
-1
getpixels
bttrack.com/engagement/ 		0
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/engagement/getpixels?gid=15781
Requested by
Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15781&cb=1693912369103
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.46.bidtellect.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Tue, 05 Sep 2023 11:12:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
content-type
text/html
access-control-allow-origin
*
cache-control
private,no-cache
content-length
0
expires
-1
ct.html
ct.pinterest.com/ Frame 1D64 		565 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.c4ef6d39.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer
https://wellconnected.murad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Tue, 05 Sep 2023 11:12:49 GMT
pinterest-version
1fa57918b882768a5be70264ab996037bc2e4b6f
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
4609001325732964
BeautyTourism_Desktop-1-1460x948.jpg
wellconnected.murad.com/wp-content/uploads/2023/08/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellconnected.murad.com/wp-content/uploads/2023/08/BeautyTourism_Desktop-1-1460x948.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c378bdadb9cde260d081619a34444265d1295d633fb9fc5e4961f72cdf36aa6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-76757478-4r9xt
date
Tue, 05 Sep 2023 11:12:50 GMT
via
1.1 varnish, 1.1 varnish
expires
Wed, 21 Aug 2024 20:50:03 GMT
age
1261366
x-cache
HIT, HIT
content-length
137217
x-served-by
cache-chi-klot8100121-CHI, cache-fra-eddf8230036-FRA
last-modified
Fri, 18 Aug 2023 17:58:46 GMT
server
nginx
x-timer
S1693912370.472186,VS0,VE3
etag
"64dfb156-21801"
content-type
image/jpeg
x-styx-req-id
4daff205-4064-11ee-8bc3-eaafcc6e8322
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
SweatingDosAndDonts_Desktop-1460x948.jpg
wellconnected.murad.com/wp-content/uploads/2023/07/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellconnected.murad.com/wp-content/uploads/2023/07/SweatingDosAndDonts_Desktop-1460x948.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7412d4258d53156784258d6f214d68d65b002b871f9348c013513da8a862975

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-76757478-xs284
date
Tue, 05 Sep 2023 11:12:50 GMT
via
1.1 varnish, 1.1 varnish
expires
Thu, 15 Aug 2024 13:11:04 GMT
age
1807306
x-cache
HIT, HIT
content-length
117992
x-served-by
cache-chi-kigq8000028-CHI, cache-fra-eddf8230036-FRA
last-modified
Tue, 25 Jul 2023 22:00:29 GMT
server
nginx
x-timer
S1693912370.472233,VS0,VE2
etag
"64c045fd-1cce8"
content-type
image/jpeg
x-styx-req-id
305920a8-3b6d-11ee-bc01-72c0436b5917
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
IrishSeaMoss-Algae_Desktop-1-1460x948.jpg
wellconnected.murad.com/wp-content/uploads/2023/07/ 		267 KB
267 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellconnected.murad.com/wp-content/uploads/2023/07/IrishSeaMoss-Algae_Desktop-1-1460x948.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a62b007c13beb696ad74cd1316a5b684b3e16775fdcc5f98f984da59f60970a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-76757478-mz8rt
date
Tue, 05 Sep 2023 11:12:50 GMT
via
1.1 varnish, 1.1 varnish
expires
Thu, 15 Aug 2024 13:11:04 GMT
age
1807306
x-cache
HIT, HIT
content-length
273165
x-served-by
cache-chi-klot8100082-CHI, cache-fra-eddf8230036-FRA
last-modified
Tue, 25 Jul 2023 22:02:47 GMT
server
nginx
x-timer
S1693912370.472993,VS0,VE3
etag
"64c04687-42b0d"
content-type
image/jpeg
x-styx-req-id
30583636-3b6d-11ee-9c5c-c2904b3aa328
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
SEO_Blackheads_Desktop.jpg
wellconnected.murad.com/wp-content/uploads/2023/07/ 		408 KB
408 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellconnected.murad.com/wp-content/uploads/2023/07/SEO_Blackheads_Desktop.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
532e3a45b1fc950802a8c587e7f82e3534e36905a4ea49dcec5dc0918685b317

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-a-7b694cf97c-2wfdn
date
Tue, 05 Sep 2023 11:12:50 GMT
via
1.1 varnish, 1.1 varnish
expires
Fri, 02 Aug 2024 19:00:28 GMT
age
2909541
x-cache
HIT, HIT
content-length
417399
x-served-by
cache-chi-kigq8000136-CHI, cache-fra-eddf8230036-FRA
last-modified
Tue, 25 Jul 2023 21:42:03 GMT
server
nginx
x-timer
S1693912370.472465,VS0,VE3
etag
"64c041ab-65e77"
content-type
image/jpeg
x-styx-req-id
d8a7f542-3166-11ee-ab18-1ec39d5a2690
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
NeckWrinkles_Desktop-scaled.jpg
wellconnected.murad.com/wp-content/uploads/2021/12/ 		191 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellconnected.murad.com/wp-content/uploads/2021/12/NeckWrinkles_Desktop-scaled.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c953f6a1acca8896e7d99b2fb7b0b01cb4e5d13ce82fa7e7c93799c9630ac9c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/?utm_source=Skin%20Quiz%20Promote&utm_medium=email&utm_campaign=Skin%20quiz%20promote%20email%20%232&utm_content=automation&utm_klaviyo_id=01EJ96R8XC5TNMJS89EMSE45VD&_kx=_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%3D.RMWZEt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-76757478-2m92z
date
Tue, 05 Sep 2023 11:12:50 GMT
via
1.1 varnish, 1.1 varnish
expires
Thu, 22 Aug 2024 14:02:00 GMT
age
1199450
x-cache
HIT, HIT
content-length
195209
x-served-by
cache-chi-klot8100063-CHI, cache-fra-eddf8230036-FRA
last-modified
Mon, 20 Dec 2021 17:13:16 GMT
server
nginx
x-timer
S1693912370.472433,VS0,VE2
etag
"61c0b9ac-2fa89"
content-type
image/jpeg
x-styx-req-id
76e157f8-40f4-11ee-811a-b666013b3cd7
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
event
bttrack.com/engagement/ 		0
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215781%22%2C%22sessionId%22%3A%22a5ee7584-f549-4fdd-bd1d-f0dd061d4254%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A2%2C%22url%22%3A%22https%3A%2F%2Fwellconnected.murad.com%2F%3Futm_source%3DSkin%2520Quiz%2520Promote%26utm_medium%3Demail%26utm_campaign%3DSkin%2520quiz%2520promote%2520email%2520%25232%26utm_content%3Dautomation%26utm_klaviyo_id%3D01EJ96R8XC5TNMJS89EMSE45VD%26_kx%3D_t6XFAsyQic9QFBlmVP44j1jvCHClnwKEeMh0sMNjec%253D.RMWZEt%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by
Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15781&cb=1693912369103
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.46.bidtellect.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellconnected.murad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Tue, 05 Sep 2023 11:12:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
content-type
text/plain
access-control-allow-origin
*
cache-control
private,no-cache
content-length
0
expires
-1

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| dataLayer string| mi_version boolean| mi_track_user string| mi_no_track_reason string| disableStr function| __gtagTrackerIsOptedOut function| __gtagTrackerOptout function| gaOptout function| __gtagTracker function| gtag function| __gaTracker object| _wpemojiSettings object| monsterinsights_frontend function| MonsterInsights object| MonsterInsightsObject undefined| $ function| jQuery object| postsQuery object| ajax_tptn_tracker object| twemoji object| wp function| clearImmediate function| setImmediate object| regeneratorRuntime object| Modernizr object| lazySizes object| picturefillCFG function| picturefill undefined| s_code object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| pintrk function| fbq function| _fbq object| gaGlobal object| gaplugins object| gaData object| bidtellectEngagement object| bidtellect

12 Cookies

Domain/Path Name / Value
.murad.com/ Name: _gcl_au
Value: 1.1.832134814.1693912369
.www.murad.com/ Name: zy_did
Value: 94E53C8A-BAD5-0433-6EC5-537E824BB0AE
.www.murad.com/ Name: zy_bid
Value: 8
.murad.com/ Name: _ga_9Q2VVRXBH1
Value: GS1.1.1693912368.1.0.1693912368.0.0.0
.murad.com/ Name: _ga
Value: GA1.2.665929142.1693912369
.murad.com/ Name: _gid
Value: GA1.2.651272874.1693912369
.murad.com/ Name: _gat_gtag_UA_916292_23
Value: 1
.murad.com/ Name: _gat_UA-916292-1
Value: 1
.murad.com/ Name: _fbp
Value: fb.1.1693912368840.411722939
.pinterest.com/ Name: ar_debug
Value: 1
.wellconnected.murad.com/ Name: _pin_unauth
Value: dWlkPU5qbGxZbUpqT1RNdE1UZzFNeTAwTURFekxUazBaVFF0T0RVNE9ERXlOR05tTTJFeQ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://cdn11.bigcommerce.com/s-pk4lhtd86v/stencil/1f746b80-8056-0139-d09c-7e0cfece785b/e/a4ea4cc0-a828-0137-2c5a-0242ac11003d/img/Cruelty-Free.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4698620.fls.doubleclick.net
adservice.google.com
adservice.google.de
bttrack.com
c.evidon.com
cdn.bttrack.com
cdn11.bigcommerce.com
connect.facebook.net
ct.pinterest.com
images.ctfassets.net
region1.google-analytics.com
s.pinimg.com
stats.g.doubleclick.net
trk.murad.com
wellconnected.murad.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.murad.com
142.250.186.102
151.101.0.84
167.89.118.83
192.132.33.46
192.200.160.253
2.17.100.138
2001:4860:4802:34::36
2600:9000:26da:5000:12:94b3:c380:93a1
2620:12a:8001::2
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:400c:c04::9d
2a02:26f0:3500:88e::1931
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
45.54.15.10
69.16.175.10
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02df0d2c312e3b1b78073d123b704fe25da0e46a907b91d6e65187d32f59152f
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
067481a1794051bb0cff5981c5a0edf8c2c45542752623903a719a21d8a9c848
081349b14796948ce58f7191a8b489812c91f76019d0c042d37c22263f825c6b
097179019e5389846952769fadd2fe5d8b2c8b7f91e4ce7c5bb3363aa780ea43
0988e1aa2a617eb201eef89f2f20f5628324c1fd1fb3c7e0962ad66a695cddb2
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
129ccdcd95a192eaeb4dfd28d5e6eecbd43b320270869414f8224dc61442612f
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
2353b64c73537da988dbb4e4f1c5a98cfda905cf5e64a50aa947a8557b94495b
251faae80a9d7418c73101080632f92c5597ce0393cb7d561f4960a926525c4c
26dbe9181be3226b0f77e2f469aaab3d06934b8b26f5a10640336045c206acd2
29778a6252b89c79ad8a313692c3f4b8ff5e300c463858732f28da488dd2cc05
3195b0d40512efda54e02e3ebd50fae21abbffbc9c62a9b133364e4a3ac97a41
329e9bb6bfed9cb78a0335435bb2d7864dfb82b05f4a485a0fa0f4651078dff2
34d3a42664933c0bfc961dcc10eeecf4b850fdadaa559007086696caf495ca1f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a32f14c4f2968e78f165211c15c460017bb9d49c7673adbd0291e82c38e97ad
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
46189e8ca0429fcd323814b655dbe0e7a25347fd636156ceae8d14019ac7f141
46795caa76fbb3eea41d66d6f9fc8f9eb7de01930009ab36353c4795527d04bc
532e3a45b1fc950802a8c587e7f82e3534e36905a4ea49dcec5dc0918685b317
5a62b007c13beb696ad74cd1316a5b684b3e16775fdcc5f98f984da59f60970a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
6086f45d8bde9f86c8d28d4f139929b89ed225cd377ce5359232378c6217b3e3
668d0f4a86033cfc51e5b88a1d7bcbbc98c41bedda8d71d471192a05f59a9a29
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73da0ef794cc657a970e1bd31751c23d41f9bd1a294d3411f6ca988cfa16c008
756f49614b9d74983be1a8c751e6febf1d4cdda92c480e251fdacc0ab81ab5bb
757b7dc9770c95cb0b511b6b6107374b4d5dc3bb76e90e0df601bb3c8ec3cb13
76c34a90db3ace194d6649877b3d25d5dcebe64eb48f755da6250d7d66caa617
799c058054edbfa739a3e03c1620a3adb2ed314019c79ca81cc350046e662e4f
79ad58670c6451676deba0ccba7dfad86d46c91726cde1f2d7cce046212e9943
7a78681079967ea2c29adf245672bdb69671af8f154478b9613dd153b11c5a7f
805f381f4bcd9e24d36bf5a3e2f6910ab3317e71eb24ec6e34d1c0b3a7072e2b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b648b9a18c128cbf76a822460d0c37416aaee20161ccfef41d7342925c4434e
90c5c8771c57f3f8829034135835306bdbf0288d0954168326199efe696a3bdf
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96292b88ddb3614d82ac751c80d4254322895872b2f44a4b89040e9ba6fcb512
96ccc66d01fc9318517a92c34742c504e754dbad806cd62dedcbc75d55669d36
9b0842d47db50b098a7efbdcfbab3a0e498a22813a7da6fd142ce0b1e0b4970e
9b9eca7a574c9aa4b6d86f2dc8837bef810055b8c07f0d642f22c3d4f51a27b5
9bb69893a4526a13bfc0e226b602753d6390bcb0e4758285681b3eaa14148700
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a37e5c0dedd2f1c8cfab683a324fe1a1c46c3414ae716902c1d8c6d93e6fdbf9
a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
ba3ec4b5fcdedd725f2a67e7442e4ec06fac66ddd0706a93bc9faf65560d4c10
c29738153f4382cfb3a589e5774b0dd04369036a2b040bcb482f869491f584ee
c3065ec70a405794f179819632a4d3a309540d70bc54969c4ac78fea4b0a44a2
c378bdadb9cde260d081619a34444265d1295d633fb9fc5e4961f72cdf36aa6b
c953f6a1acca8896e7d99b2fb7b0b01cb4e5d13ce82fa7e7c93799c9630ac9c3
d0a77e495359613dd0f75850a9b9a541f059b6f215c76acddb418bedb7a2cf6b
d53b04d632881559406dbb64206e2874434cb94d2a95bd869458f8b6c3edfd5c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2aa98ca8c8ec3d6746f9cc086ce99229d273603428c69fedb41d4a29a35293a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31
ead6823661424768b4c9937e621bb9d9d2761d76b8833ba91814db8f6ac64d88
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03b7ae54bd87cc8e1331a03819e8d2a643274bce3152c9f662f12b6472ce6df
f19ae1b0f9785862a9513a652f1e52f420c56bf65d150bd0f2b8ab48a2cfd439
f7412d4258d53156784258d6f214d68d65b002b871f9348c013513da8a862975
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f9523b236b4599e4d5cfb130744b6939ef096c374dddd1306a417352061a66a9
fa97d9f5c551aabe68ad73f828dcb18361b4d0c1ae9ed5126e347f76947f73ad