blog.well-being-review.com Open in urlscan Pro
2600:9000:225e:2800:a:315a:e1c0:93a1  Public Scan

Submitted URL: http://prouseum-cheads.xyz/88cf1816-d267-4123-8381-1806ee47b98e?campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id...
Effective URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuG...
Submission Tags: falconsandbox
Submission: On September 05 via api from US — Scanned from DE

Summary

This website contacted 16 IPs in 3 countries across 10 domains to perform 31 HTTP transactions. The main IP is 2600:9000:225e:2800:a:315a:e1c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is blog.well-being-review.com.
TLS certificate: Issued by Amazon on August 21st 2022. Valid for: a year.
This is the only time blog.well-being-review.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
11 cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d10lpsik1i8c69.cloudfront.net
d1yei2z3i6k35z.cloudfront.net
7 MB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1080
q.stripe.com — Cisco Umbrella Rank: 7709
m.stripe.com — Cisco Umbrella Rank: 1025
83 KB
4 gstatic.com
fonts.gstatic.com
77 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 596
script.hotjar.com — Cisco Umbrella Rank: 779
vars.hotjar.com — Cisco Umbrella Rank: 880
69 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1166
16 KB
1 luckyorange.net
settings.luckyorange.net — Cisco Umbrella Rank: 7420
754 B
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2249
449 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 well-being-review.com
blog.well-being-review.com
208 KB
1 prouseum-cheads.xyz
prouseum-cheads.xyz — Cisco Umbrella Rank: 266541
3 KB
31 10
Domain Requested by
6 d1yei2z3i6k35z.cloudfront.net blog.well-being-review.com
4 fonts.gstatic.com fonts.googleapis.com
4 d3fit27i5nzkqh.cloudfront.net blog.well-being-review.com
3 q.stripe.com blog.well-being-review.com
3 js.stripe.com d3fit27i5nzkqh.cloudfront.net
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
1 m.stripe.com m.stripe.network
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 settings.luckyorange.net d10lpsik1i8c69.cloudfront.net
1 d10lpsik1i8c69.cloudfront.net blog.well-being-review.com
1 static.hotjar.com blog.well-being-review.com
1 cdn.polyfill.io blog.well-being-review.com
1 fonts.googleapis.com blog.well-being-review.com
1 blog.well-being-review.com
1 prouseum-cheads.xyz 1 redirects
31 16

This site contains links to these domains. Also see Links.

Domain
twitter.com
prouseum-cheads.xyz
blog.revue-bien-etre.com
Subject Issuer Validity Valid
blog.well-being-review.com
Amazon
2022-08-21 -
2023-09-19
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-03-08 -
2023-04-09
a year crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2022-08-31 -
2023-01-10
4 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-30 -
2023-05-30
a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-15 -
2022-11-13
3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-11 -
2022-10-19
3 months crt.sh

This page contains 4 frames:

Primary Page: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Frame ID: 405A319BAFA6DAF0D08EE895C51A1409
Requests: 23 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: 5244406E1FDE3DEFDF772A97154CBCDC
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
Frame ID: BFC4C3359E397AF039FAEAB3AFD7AEE6
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7C49C82A1309C03C6328F334C884810B
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Well Being Review

Page URL History Show full URLs

  1. http://prouseum-cheads.xyz/88cf1816-d267-4123-8381-1806ee47b98e?campaign_id=00eb67d5d389d1b7ab6f2c2578c... HTTP 302
    https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

31
Requests

100 %
HTTPS

44 %
IPv6

10
Domains

16
Subdomains

16
IPs

3
Countries

7320 kB
Transfer

9436 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://prouseum-cheads.xyz/88cf1816-d267-4123-8381-1806ee47b98e?campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa HTTP 302
    https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wonderpatch-slimming-patch
blog.well-being-review.com/
Redirect Chain
  • http://prouseum-cheads.xyz/88cf1816-d267-4123-8381-1806ee47b98e?campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PRE...
  • https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQB...
207 KB
208 KB
Document
General
Full URL
https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2800:a:315a:e1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
68e2da5adbbe983e450b8dacb25187b3197c6b567e35fdbf820385a9b10b4449

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, private max-age=0, no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 05 Sep 2022 02:29:18 GMT
expires
Mon, 05 Sep 2022 02:29:18 GMT
server
nginx/1.14.0 (Ubuntu)
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-cf-id
ZjxNEbd-km-RFKBCb-ezLSlADsjIcvzFsX_chUGgKbDtjX3EPGvs4A==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront

Redirect headers

Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Length
0
Date
Mon, 05 Sep 2022 02:29:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Pragma
no-cache
Server
nginx
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Roboto:wght@400;700&display=swap
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d9ac51ac30607cdcd6d181d0d86153e3ba8255aad4af11e7fc1ea6cc2863977
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 01:43:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 05 Sep 2022 02:29:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Sep 2022 02:29:18 GMT
all.min.css
d3fit27i5nzkqh.cloudfront.net/assets/css/
486 KB
80 KB
Stylesheet
General
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4e00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 01:32:05 GMT
content-encoding
br
last-modified
Wed, 18 May 2022 12:25:57 GMT
server
AmazonS3
age
3718634
etag
W/"325672b036bab9b57f6873aed5eccc43"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
0WLfeRMk605ZrQKNiEPHtioJSVkO_79mtqmowA0PGhslmOpDX6qS-w==
polyfill.min.js
cdn.polyfill.io/v2/
222 B
449 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en%2CmatchMedia
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 02:29:18 GMT
content-encoding
br
last-modified
Thu, 25 Aug 2022 05:27:41 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-hhn4030, PASS, fastly;desc="Edge time";dur=11
accept-ranges
bytes
content-length
126
runtime.0c8d331c9fe756a58f71.js
d3fit27i5nzkqh.cloudfront.net/js/
2 KB
1 KB
Script
General
Full URL
https://d3fit27i5nzkqh.cloudfront.net/js/runtime.0c8d331c9fe756a58f71.js
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4e00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e35f5142ecd3cc00c62b05e701baccc8d5a4af2097a6e725a8146411450d0a51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:08:09 GMT
content-encoding
gzip
last-modified
Sat, 02 Jul 2022 20:33:01 GMT
server
AmazonS3
age
5275270
etag
W/"15371dacdd8bf944a20eec097edf9242"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
2K18tHGysfOu1RrS3u3HalOAjwERQD8jkE_gIPrsfnDakpUdzye7Vw==
page.37b91c967ab1934965d1.js
d3fit27i5nzkqh.cloudfront.net/js/
695 KB
106 KB
Script
General
Full URL
https://d3fit27i5nzkqh.cloudfront.net/js/page.37b91c967ab1934965d1.js
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4e00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b10c0b60259087236d00f25d245553612e63f7a2d79c86002555d4a03432b4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 08:19:39 GMT
content-encoding
br
last-modified
Fri, 02 Sep 2022 08:19:32 GMT
server
AmazonS3
age
238180
etag
W/"11ecb9d7ee9e378bab2a78141e5f039c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
jXiO6hFWCqP89yIsN4bSd-SqNadTFt-12jWNn4FbfR83DYyaN4--bw==
vendors~page.8f7bf22af79aaf01d4db.js
d3fit27i5nzkqh.cloudfront.net/js/
877 KB
257 KB
Script
General
Full URL
https://d3fit27i5nzkqh.cloudfront.net/js/vendors~page.8f7bf22af79aaf01d4db.js
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4e00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f41e23af62583b87ddb28a7fddfd8acc1f460ae1408af3d5c7c6656f29079b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 04:46:45 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 12:30:10 GMT
server
AmazonS3
age
3966154
etag
W/"7ab0e974df43bfb0c1cf924e0cff8fe8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
H_ge-2ScsMmgqzTgkrAk30LbkOH5YBHMwf-1g8w0cal-NfhqIZlY4Q==
hotjar-2417203.js
static.hotjar.com/c/
5 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2417203.js?sv=6
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
/
Resource Hash
62175ccb4d3b1b42014b3bbf9c08650f8666d84ab95c633006e526f9f45fb966
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 02:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-C1
etag
W/5117741d103a631e2bab32dc6f2aadfb
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-amz-cf-id
hJJcuefLNtxnO1OvUHviUqPVN9iR7JHWx8DR-kKJie1gycKNKXLNCA==
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
w.js
d10lpsik1i8c69.cloudfront.net/
5 KB
3 KB
Script
General
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-209.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 01:58:23 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 19:59:48 GMT
server
AmazonS3
age
1855
etag
W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
5Dmr_IVMJBCFPZ42aqSwzTchdFd-qUzg8RxI0jtY0w_dN1TUor89lg==
truncated
/
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.well-being-review.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 19:07:55 GMT
x-content-type-options
nosniff
age
544883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 19:07:55 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.well-being-review.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 17:07:14 GMT
x-content-type-options
nosniff
age
465724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 17:07:14 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.well-being-review.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 17:07:14 GMT
x-content-type-options
nosniff
age
465724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 17:07:14 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Roboto:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.well-being-review.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 16:44:52 GMT
x-content-type-options
nosniff
age
553466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 16:44:52 GMT
625fd028ec5f5_SLIMMINGNEWS.png
d1yei2z3i6k35z.cloudfront.net/1219996/
987 KB
988 KB
Image
General
Full URL
https://d1yei2z3i6k35z.cloudfront.net/1219996/625fd028ec5f5_SLIMMINGNEWS.png
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9a00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cad0b24fdf1d74647552bf6891aafa59c9ca3d882c5133c57f99ba58ade4e3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 09:20:43 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Wed, 20 Apr 2022 09:19:38 GMT
server
AmazonS3
age
11898516
etag
"55bebe18976b16d99375ad1a61d0ca44"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
1010459
x-amz-cf-id
UoGeE0yzcN3JjrUSb61BLhuISvCz_MaHdT0h-6a-ZD79mrVFrdQwgg==
60ddc6a9e3ee8_Capturedecran2021-07-01a15.19.39.png
d1yei2z3i6k35z.cloudfront.net/1012525/
2 MB
2 MB
Image
General
Full URL
https://d1yei2z3i6k35z.cloudfront.net/1012525/60ddc6a9e3ee8_Capturedecran2021-07-01a15.19.39.png
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9a00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b05a57a273722bc258153f3dd490d9a962eedb9fbd8d6a4b3e41b698e228f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 12:16:05 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jul 2021 13:44:11 GMT
server
AmazonS3
age
4630394
etag
"eed33cffd9f1c9b355233a863242b9d3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
1760475
x-amz-cf-id
XwR8zT7c1JbvyBZrAS0IdzXs7phfT18F0vkPBoA0jrTxMqzJCkwX8Q==
61669b19bb2e9_entree1.png
d1yei2z3i6k35z.cloudfront.net/1219996/
2 MB
2 MB
Image
General
Full URL
https://d1yei2z3i6k35z.cloudfront.net/1219996/61669b19bb2e9_entree1.png
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9a00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5a150d3a5be9e7491f53a85110e80ef3dd13aaa778a3e685102c81f0c4539bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 01:14:21 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Wed, 13 Oct 2021 08:38:51 GMT
server
AmazonS3
age
2250898
etag
"bb0b8eb0f0acc26857cc13f3d62c74e9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
2027274
x-amz-cf-id
7Xd10r6MU5kyOqlhHbefjX_AsOK4FvzH92GmcuzYNF1zEbK6w611eg==
61b462ec9f083_spec.jpg
d1yei2z3i6k35z.cloudfront.net/1012525/
8 KB
8 KB
Image
General
Full URL
https://d1yei2z3i6k35z.cloudfront.net/1012525/61b462ec9f083_spec.jpg
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9a00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55b2f452fadf86f3fbd10be4e3aac8ae1612b99fca5b9a6240aa1ea17b207894

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 03:53:17 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Sat, 11 Dec 2021 08:35:58 GMT
server
AmazonS3
age
17188562
etag
"751906031641d30ce5421faccb555243"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
8187
x-amz-cf-id
VaVoSz0FA9nmLVAYH4DmQv6sIhhoz8MkT7YB_ZCVJWL9DqcBW3_KjA==
622cd923e60a7_ElianeAnglais.png
d1yei2z3i6k35z.cloudfront.net/1219996/
1 MB
1 MB
Image
General
Full URL
https://d1yei2z3i6k35z.cloudfront.net/1219996/622cd923e60a7_ElianeAnglais.png
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9a00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dabde9da9853fc3a65dc2c9a88c9d472b4557a9a7be22e2b11c356109b922743

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 16 May 2022 22:37:35 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Sat, 12 Mar 2022 17:32:21 GMT
server
AmazonS3
age
9604304
etag
"8b4cd26c2604f61bc344639cb1e9396e"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
1291041
x-amz-cf-id
3U50dsBL-K_Gbr5Vjf13kLvYuRMVn99TbPasSOliVtE3myoKk-61ag==
61668c6b00dfb_boite.png
d1yei2z3i6k35z.cloudfront.net/1219996/
453 KB
453 KB
Image
General
Full URL
https://d1yei2z3i6k35z.cloudfront.net/1219996/61668c6b00dfb_boite.png
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9a00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35080c8a6eecef00cbcf691cdd8ab7597f6a9172a0969d97f3eb352aaaa25818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 16:50:04 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Wed, 13 Oct 2021 07:36:12 GMT
server
AmazonS3
age
16969155
etag
"a8923c49d146669067975a38b657c035"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-robots-tag
noindex
content-length
463367
x-amz-cf-id
6NTg8ahFCaXwJGARvWZrisLQUyeFYFmVp3ovY_VMmQc0ZrBg-EitXQ==
v3
js.stripe.com/
327 KB
80 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: d3fit27i5nzkqh.cloudfront.net
URL: https://d3fit27i5nzkqh.cloudfront.net/js/vendors~page.8f7bf22af79aaf01d4db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5c1a97171b0ac89a0ba20428ba069f1db2fcdb96280b99f991fcffe743eca72e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
44
x-cache
HIT
content-length
81054
etag
"c60bded5fc23fe5642fa6fa5eed6fe25"
x-request-id
43da53b7-9e01-414c-9850-2abe40f9422a
x-served-by
cache-hhn4028-HHN
access-control-allow-origin
*
last-modified
Fri, 02 Sep 2022 19:27:28 GMT
server
Fastly
date
Mon, 05 Sep 2022 02:29:18 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
/
settings.luckyorange.net/
129 B
754 B
Fetch
General
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fblog.well-being-review.com%2Fwonderpatch-slimming-patch%3Fcep%3DGRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc%26lptoken%3D16ca62aa34a967f25787%26campaign_id%3D00eb67d5d389d1b7ab6f2c2578cd25d2fa%26publisher_id%3D009abd1e8a2bc8f2a4f9e058936643cb1e%26publisher_name%3DMSN%252BMalaysia%252B%2528PREMIUM%252BHeader%252BBidding%2529%26ad_id%3D00b38ff20154838e236a273c6b779154fa%26ad_title%3DAn%252Bincredible%252Bslimming%252Bproduct%252Bfor%252Bthe%252Bstomach%26section_id%3D007f3e6df9e0d2917c150612b869259fb4%26section_name%3DMSN%252B-%252BEN-MY%252B-%252BCatchall%252B-%252BPREMIUM%252BHeader%252BBidding%26req_id%3D71ca01d82ad211edba25e62a2be703f7%26promoted_link_id%3D00b38ff20154838e236a273c6b779154fa&s=298244
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43e5dce7640e369a21ba0d22eea1692573cec81a8cc91ad26b3816b1da34b087
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 02:29:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://blog.well-being-review.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkFw%2FfO0ZanNHaj6VUj1Stw5xdLDSGcizQKR9fJRT1XqmuKrbKjLtopTSA55NoC%2BjcO8Je%2BJeQoOGLEV4hXgavhyNPJyqdDdHK9I54w2RWvO%2FbGVbCdg3aJTDtiSJWrR5OuGZBAI4Gno%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
745b8958dd0a921d-FRA
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
modules.d5eb3c97b67a0b8958ff.js
script.hotjar.com/
251 KB
65 KB
Script
General
Full URL
https://script.hotjar.com/modules.d5eb3c97b67a0b8958ff.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2417203.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-101.fra6.r.cloudfront.net
Software
/
Resource Hash
4ca35ab6756046c8b94ea3bde35009f35f981bbcb8fa3e8937c6dd956a36b3e1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 09:50:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
232752
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
65509
access-control-allow-origin
*
last-modified
Fri, 02 Sep 2022 09:49:47 GMT
etag
"5a03435fb2b1019b1b00d7bc5c267f72"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
VbtZUZweSPgJv7tvPJ-iI9eSwYc4XYQBZbRbsMKNzV9_gjBX87oxpA==
box-1ada912494ba7fc7aca15fcef1c2a7ae.html
vars.hotjar.com/ Frame 5244
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2417203.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-95.fra53.r.cloudfront.net
Software
/
Resource Hash
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://blog.well-being-review.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4643772
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 08:33:06 GMT
etag
"0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified
Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-id
XlI0DtS2V39Tz3lGGdFwrw3P9xOWO7O10Cnupb0B3D8bqFWLZjZObw==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
m-outer-e52e635988f6f4658a329b4b948f1007.html
js.stripe.com/v3/ Frame BFC4
186 B
842 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5903ac62a504525a0c57b90ed548c2415f542e242d4c64edd369db6cf82aab6f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.well-being-review.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
201097
cache-control
max-age=31536000
content-encoding
br
content-length
114
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 05 Sep 2022 02:29:19 GMT
etag
"e52e635988f6f4658a329b4b948f1007"
last-modified
Fri, 02 Sep 2022 18:36:32 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
90510
x-content-type-options
nosniff
x-request-id
17ddf1b8-96d8-44dd-99b0-224c40a8cf36
x-served-by
cache-hhn4028-HHN
csp-report
q.stripe.com/ Frame BFC4
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 05 Sep 2022 02:29:19 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame BFC4
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 05 Sep 2022 02:29:19 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-a0304d3ea31e8647892809f01854788c.js
js.stripe.com/v3/fingerprinted/js/ Frame BFC4
526 B
361 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-a0304d3ea31e8647892809f01854788c.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
36
x-cache
HIT
content-length
256
etag
"d96c709017743c0759cf3853d1806ba5"
x-request-id
2aa9698c-9a30-4baf-9d27-a9f7e47a6ab0
x-served-by
cache-hhn4028-HHN
access-control-allow-origin
*
last-modified
Fri, 02 Sep 2022 18:36:32 GMT
server
Fastly
date
Mon, 05 Sep 2022 02:29:19 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
inner.html
m.stripe.network/ Frame 7C49
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a0304d3ea31e8647892809f01854788c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 05 Sep 2022 02:28:24 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-id
Qg2TdNNxvWj-TgfihyCEEsOQBGP00MZ4Af0cm_aIxDy1KDJDGSkE0Q==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 7C49
0
345 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/wonderpatch-slimming-patch?cep=GRs-gOZMq6AJenHIxEUk57IlE_6xlDma3NY9trUgqMy1u8rAn-Dktc5BSlT7XHwuGR7sLlIGXUBay__yCqP9M6qe7l_gKIyeQd58c8ZZBXq487eEHh9ZjMtyAfNeFslabQBqXxZFIT3wOZGqGXFUnx6KK13nayJHbw8zNIUxitfse7MZI9eh2sMK9EvCYmovo8PKzB_kSNPC9eq7mrws-okz8dVadJ4wRH_4-uaMxBGFkGE8G4XYG9fD6M38E6ps_DAkw5XcS-cRVYVTniGoUrk0Yk8HeaKh-6iKzG-ONvvWhDb5PQKyspF-t891ebLEnmLmsMglBwploNXAEDhJeFOrmc8IqKJI6ZwBKI9kvoWwcOLM02SQ2b4yXIii7n-OVoOuNHr9pSUQuYNfSRgDh106EYmNPYOjTo92asvjbPRR63fks4891xgpqQS4KHYePDKwdaJ5n-ru23ogOGUx0ypfOM7OiAIASBIVDkYjHb0oNUCm9GdxLlL3TbCugTufQeMjvrO9D1NOgrdmb9S_oAB_nhuYJ4HZ_vWm9i3v1MuYVOMgX0yVjaSOXEL02kiJUyOnCxgJWlYR1YBsSxp2zLFoGFE3-Bb9ixFXh-3oouelreugWRO_nIBNugnZ3qMlEUEY8ilXhhFjlyDXZGKIJja9StHt3NCoMAIIJNszqyFZNPvY3usHnSXdd5k9MwEMN40OpZBnuM4e5FXwHvkwrQHJQ4Wuex7PIz1RXuvyCvvKGrv3XbhK_4LXtTdR4IESH-9W671DAbZVUaibPJWKx7cuirq_TDt4-vdYQzcDEaiRG8JiLA7JCbe2Y60oAc6bBA7nRME2bFr8tnzAWHXdu3nHoI6Sn3y4im2iM1BwIsc&lptoken=16ca62aa34a967f25787&campaign_id=00eb67d5d389d1b7ab6f2c2578cd25d2fa&publisher_id=009abd1e8a2bc8f2a4f9e058936643cb1e&publisher_name=MSN%2BMalaysia%2B%28PREMIUM%2BHeader%2BBidding%29&ad_id=00b38ff20154838e236a273c6b779154fa&ad_title=An%2Bincredible%2Bslimming%2Bproduct%2Bfor%2Bthe%2Bstomach&section_id=007f3e6df9e0d2917c150612b869259fb4&section_name=MSN%2B-%2BEN-MY%2B-%2BCatchall%2B-%2BPREMIUM%2BHeader%2BBidding&req_id=71ca01d82ad211edba25e62a2be703f7&promoted_link_id=00b38ff20154838e236a273c6b779154fa
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 02:29:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame 7C49
86 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
age
41
date
Mon, 05 Sep 2022 02:28:39 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Mhj97NsCzOeKkN2WIPPiwSdHx9IGCwVsxO-5QAYYbbMgxoHK9JtHWg==
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
6
m.stripe.com/ Frame 7C49
156 B
522 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.23.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-23-244.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f9d1790ebc8f5af536ca189d3a8a766fd79bac8505fcb953c5d47a180958ac3f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Sep 2022 02:29:20 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| hj object| _hjSettings number| __lo_site_id object| initialI18nStore string| initialLanguage object| webpackChunkeditor object| scCGSHMRCache object| regeneratorRuntime function| setImmediate function| clearImmediate boolean| __lo_csr_added object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| webpackChunkstripe_js_v3 function| Stripe

12 Cookies

Domain/Path Name / Value
.prouseum-cheads.xyz/ Name: 88cf1816-d267-4123-8381-1806ee47b98e-v4
Value: qDnWczQoj8oGdXsrjFxc3wfGcMv_mQ91cgRx3dMTjY8
.prouseum-cheads.xyz/ Name: cep-v4
Value: yllFVwSi4pqe-QDHSZ5qoqn36Zn2wD39NSe8IvM2xpjRaQqhkPlMdjbBLhmO-uhexhkz2vg9hsDi-FFWV4djkFtN4vUzbZ-0eaK6MPY96Q9MnyK-cOzdJ7LvAHqgnFxdCZOEn0jtq4FjVoZzEmuJ6jbEYmE9kgqPUuq9f8EwS08ezAh84y_Fath4FNXsXDFxxj_rGNK0R-rV6rc-Yj2F-bGtXJEX_q7QfODgKwL3u9a9a-ct4fRIw27TaVpRKcHUSbATIc1J_XbDufCTAcr-8aADTdYJ0lvEC3p6qekxhHIHIsSJxPTKDkesParAsiYLE7CLGrCXwV4McePTGCXZpkj146J1njGB5UwGfz0X7CRrAUxbG_3h3aZ4P7PbtKuNC5yQitx-Tl20jeNGuHOI3ETduMF8cpWZvE5qPyl3o7HbuQSFqB-_TaGP-Fpxzg49VTWy8ZNZewBj0pegMwGDejl2wu7MkurTze0MHjHx0UxYmTwgOxNSMspQM0MVNCZTmmaAaYQ4NwKXlhAVLuDX_nrT6Z3tvtN34T4ExdsdPNylN8rPVIKuXliKcSS_bb-G-3RhnxlpuVpwPxDcp77auD8GnEHHXlQsWxNgdDo8GZ78HzNxS6Oj6dByIQhRIx0gioF8PIi3Duak2w50NKUUlPvIEKEgDzQTYrmt2Pr5Eis-jrQQhAx2_hU3-e9VO8e1XYvsRDJzMuY4gq-adNSzAMxCohGraWvmjPfb4sZkiITEYNwYODwdzNvWvWg2RFDD5eH-doe6Pi0-Lf3d2WsqLcElLv0mjH0EB8Gjjej60IHAilTzLVgDTBp6tuTIMpyKKfAtkYop_GHaDBUi7YK4MzSQWJ-he8y7XZ7gO-QVzfw
.blog.well-being-review.com/ Name: si
Value: bkei874r5n164qc2ob606on80m
blog.well-being-review.com/ Name: v
Value: ab7302fae0d1158e0ac36e223a0d37d457e9a8102cd206232163e003f6da1a2d
.well-being-review.com/ Name: _hjSessionUser_2417203
Value: eyJpZCI6IjMyYzc2ZDlhLWQ3NjYtNTg4NS04YWQ0LTAyOTk0MjUxMjM1ZSIsImNyZWF0ZWQiOjE2NjIzNDQ5NTg5MjMsImV4aXN0aW5nIjpmYWxzZX0=
.well-being-review.com/ Name: _hjFirstSeen
Value: 1
blog.well-being-review.com/ Name: _hjIncludedInSessionSample
Value: 0
.well-being-review.com/ Name: _hjSession_2417203
Value: eyJpZCI6ImE1MDU4N2YyLWYxZmUtNGViMC1hZWVlLTc0ZWNhYWI2OGY0ZSIsImNyZWF0ZWQiOjE2NjIzNDQ5NTkwMzcsImluU2FtcGxlIjpmYWxzZX0=
.well-being-review.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
m.stripe.com/ Name: m
Value: 2f5d831f-d1d8-4ee2-9e15-90a09a1e660b687bf9
.blog.well-being-review.com/ Name: __stripe_mid
Value: 0e62d2fa-7eee-438e-898b-a1d88db96182f6c6e4
.blog.well-being-review.com/ Name: __stripe_sid
Value: 416b50e5-7374-4dcb-8243-aadd9de07dad805fb5

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.well-being-review.com
cdn.polyfill.io
d10lpsik1i8c69.cloudfront.net
d1yei2z3i6k35z.cloudfront.net
d3fit27i5nzkqh.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
prouseum-cheads.xyz
q.stripe.com
script.hotjar.com
settings.luckyorange.net
static.hotjar.com
vars.hotjar.com
104.26.11.16
143.204.215.95
151.101.128.176
18.192.108.151
2600:9000:2057:7c00:19:7d10:bd80:93a1
2600:9000:214f:9a00:f:a462:c1c0:93a1
2600:9000:223c:4e00:1c:d937:ae40:93a1
2600:9000:225e:2800:a:315a:e1c0:93a1
2a00:1450:4001:82b::2003
2a00:1450:400e:811::200a
2a04:4e42:200::282
52.222.232.209
54.149.23.244
54.186.23.98
65.9.66.34
99.86.4.101
1b10c0b60259087236d00f25d245553612e63f7a2d79c86002555d4a03432b4a
35080c8a6eecef00cbcf691cdd8ab7597f6a9172a0969d97f3eb352aaaa25818
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3d9ac51ac30607cdcd6d181d0d86153e3ba8255aad4af11e7fc1ea6cc2863977
3f41e23af62583b87ddb28a7fddfd8acc1f460ae1408af3d5c7c6656f29079b0
43e5dce7640e369a21ba0d22eea1692573cec81a8cc91ad26b3816b1da34b087
4ca35ab6756046c8b94ea3bde35009f35f981bbcb8fa3e8937c6dd956a36b3e1
55b2f452fadf86f3fbd10be4e3aac8ae1612b99fca5b9a6240aa1ea17b207894
5903ac62a504525a0c57b90ed548c2415f542e242d4c64edd369db6cf82aab6f
5c1a97171b0ac89a0ba20428ba069f1db2fcdb96280b99f991fcffe743eca72e
62175ccb4d3b1b42014b3bbf9c08650f8666d84ab95c633006e526f9f45fb966
68e2da5adbbe983e450b8dacb25187b3197c6b567e35fdbf820385a9b10b4449
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9cad0b24fdf1d74647552bf6891aafa59c9ca3d882c5133c57f99ba58ade4e3e
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
a5a150d3a5be9e7491f53a85110e80ef3dd13aaa778a3e685102c81f0c4539bf
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6b05a57a273722bc258153f3dd490d9a962eedb9fbd8d6a4b3e41b698e228f5
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
dabde9da9853fc3a65dc2c9a88c9d472b4557a9a7be22e2b11c356109b922743
e35f5142ecd3cc00c62b05e701baccc8d5a4af2097a6e725a8146411450d0a51
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9d1790ebc8f5af536ca189d3a8a766fd79bac8505fcb953c5d47a180958ac3f