info.ekincare.com Open in urlscan Pro
2606:2c40::c73c:67fe Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://linksg.ekincare.com/ls/click?upn=qwq3QBbsGV6o7T3dT-2B6r8DgOIvc7aylwpjoHuc5WlICpkLrOk-2B7bgM5rGfd8IRi6fCG1GjFgO2OFhLl...
Effective URL:
https://info.ekincare.com/the-healthcare-pay-day-sale
Submission: On November 29 via manual (November 29th 2022, 4:29:47 am UTC) from IN — Scanned from DE

Summary HTTP 47 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 16 domains to perform 47 HTTP transactions. The main IP is 2606:2c40::c73c:67fe, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is info.ekincare.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 17th 2022. Valid for: a year.

This is the only time info.ekincare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.120 167.89.115.120	11377 (SENDGRID) (SENDGRID)
1 1	54.145.255.214 54.145.255.214	14618 (AMAZON-AES) (AMAZON-AES)
25	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4	2606:4700::68... 2606:4700::6811:f1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.236.181 172.65.236.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.219.229 172.65.219.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.193.34 172.65.193.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
47	17

1 167.89.115.120 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x120.outbound-mail.sendgrid.net

linksg.ekincare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.255.214 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-255-214.compute-1.amazonaws.com

api-01.moengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.ekincare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:f1cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.236.181 (United States)

ASN13335 (CLOUDFLARENET, US)

app-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.219.229 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api-eu1.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.193.34 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	ekincare.com 1 redirects linksg.ekincare.com info.ekincare.com	15 MB
4	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 10448	9 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	132 KB
3	hubspot.com app-eu1.hubspot.com — Cisco Umbrella Rank: 53758 forms-eu1.hubspot.com — Cisco Umbrella Rank: 30670 track-eu1.hubspot.com — Cisco Umbrella Rank: 21034	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	203 B
1	hubapi.com api-eu1.hubapi.com — Cisco Umbrella Rank: 31784	841 B
1	google.de www.google.de — Cisco Umbrella Rank: 3269	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 16	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64	1 KB
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 19938	20 KB
1	hsadspixel.net js-eu1.hsadspixel.net — Cisco Umbrella Rank: 32172	3 KB
1	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 19302	16 KB
1	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 31642	25 KB
1	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 18289	871 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	66 KB
1	moengage.com 1 redirects api-01.moengage.com — Cisco Umbrella Rank: 139361	356 B
47	16

	Domain	Requested by
25	info.ekincare.com	info.ekincare.com
4	cdn2.hubspot.net	info.ekincare.com
3	connect.facebook.net	js-eu1.hsadspixel.net connect.facebook.net
2	www.facebook.com
1	track-eu1.hubspot.com
1	forms-eu1.hubspot.com	js-eu1.hscollectedforms.net
1	api-eu1.hubapi.com	js-eu1.hsadspixel.net
1	www.google.de	info.ekincare.com
1	www.google.com	info.ekincare.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	js-eu1.hsadspixel.net	js-eu1.hs-scripts.com
1	js-eu1.hs-banner.com	js-eu1.hs-scripts.com
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	app-eu1.hubspot.com	info.ekincare.com
1	js-eu1.hs-scripts.com	info.ekincare.com
1	www.googletagmanager.com	info.ekincare.com
1	api-01.moengage.com	1 redirects
1	linksg.ekincare.com	1 redirects
47	19

This site contains links to these domains. Also see Links.

Domain
rzp.io
app.ekincare.com
form.typeform.com
www.ekincare.com

Subject Issuer	Validity	Valid
info.ekincare.com Cloudflare Inc ECC CA-3	`2022-10-17` - `2023-10-17`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-07` - `2022-12-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://info.ekincare.com/the-healthcare-pay-day-sale
Frame ID: A51250CA72CE51B73914FE5C9EA04218
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Healthcare Pay Day SaleOpen main menuClose main menu

Page URL History Show full URLs

http://linksg.ekincare.com/ls/click?upn=qwq3QBbsGV6o7T3dT-2B6r8DgOIvc7aylwpjoHuc5WlICpkLrOk-2B7bgM5rGfd... HTTP 302
https://api-01.moengage.com/v1/emailclick?em=harish_reddy%40glic.com&user_id=%40%24xy%2A%40%21h%C3%BBVdW... HTTP 302
https://info.ekincare.com/the-healthcare-pay-day-sale Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

47
Requests

100 %
HTTPS

47 %
IPv6

16
Domains

19
Subdomains

17
IPs

3
Countries

15375 kB
Transfer

21847 kB
Size

9
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://rzp.io/l/gfuxddg
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://rzp.io/l/fNujBIwh7B
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://app.ekincare.com/form?id=efc9p1v
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://rzp.io/l/snN3c7G
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://rzp.io/l/G87QR5W9
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://rzp.io/l/WsiESF9BnC
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://rzp.io/l/xvE2zLKp6
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://rzp.io/l/FaHb13N
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://rzp.io/l/BmOM6P9uf
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://form.typeform.com/to/bTk6cC8t
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://rzp.io/l/WQBiztd
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://rzp.io/l/G5FwNXXM
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://rzp.io/l/rpSV7IIJt
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://rzp.io/l/C1IrE7QXdN
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://rzp.io/l/SGH36a3
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.ekincare.com/?hsLang=en
Title: www.ekincare.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://linksg.ekincare.com/ls/click?upn=qwq3QBbsGV6o7T3dT-2B6r8DgOIvc7aylwpjoHuc5WlICpkLrOk-2B7bgM5rGfd8IRi6fCG1GjFgO2OFhLlxwYoj-2BCcrPLXel6QDMpCUfuQc6P5E80QJjAwSRP3hgL049AfYHbiBRIkU6hge7QHbTz4wolGaYW9FFqRTacv6gFDVjFCOSuHrd1L0c1hUFBUVWuEEIttbEhB2br5KOcRS5kPpDfqnnLE9QIB-2BtecLK4VWPzpM36ogbcrfJH0CTpH2FhZdakiLjUz2KEi-2F9LpERQobYo2f3QGA8ng-2B7ll1gyT-2Bhd8mgAleyitHfhsi59zT8pGUjbhOO-2BLUGki6rcZ825KYMzbBrt5SMPE5DwsCBKEIY8U1-2B-2BudaIOfs84I7una-2FPpcrkmb4KCE6xrggILxt5XuNTu6UUD2GDBGqNhY4NToEI1Bcle46Zk4EPw-2FQW0rC8r-2FfeIR5wzx0tg8c0YuBRYmG8PQAo2RueYjeUGhzvxHreM0R2lvjJkUP-2Bt5V7NS-2Fp-2BWvsp8cfiMxbyKuZARLJTsMNvXbPhcfS0VnQIF-2BmAMNYY-2BK0iiQVdBjANYhI-2BVMnkdExBxB7nvNskvrgMEwb-2F0G8elQdXPYK-2Fo7P7Yxx19H6NZNZjJ-2BugFhw7RQVRmmopTOWwF6ytedo4mOiXrdffDwR1lCJ7G6qtlsIF4An2JtS7wveTb3Hdx1QZIXaDQAsT9tQqkaegg2o8nx-2BSFHQNiAh3GskKq18vk6KC8huzzm-2ByQ6F1iHoh1BA8Tf7RiHd6qQh7v3i262m-2Fi4-2Bl-2BuHNEjOoM4ji1QdSWpdhZqJlVKYXDX4YQucMtzr9PhGZhKI9LlDFZDn9flLakH9LI2WPnjRwX-2BNopQTxLW9ondGbY4IS-2BE-2BOC6SnP-2BlvM0-2B2pT1mqfRE2fLBjdvf6NeWyFwrfgHwS6JxZGqp2HCoI2E7SPec9IPQ-2FbNZdCrzpeuaMtBNxUAuwFbOJRx1sOVc5RmDEwqqaDGVdA412E4jEpfPuE9v-2Bx8C-2BeqBl4EH59fK77coicZB8Re2bgQ0OTcrzkm5flxaSLep0ekzvrNIvv2tkncnkDh6u7ENvoUUEq5tA9uX0wwWLMBrRuJ9geXd6dFTD-2FA-3D-3Do3xy_Hd47d-2B6YDtO8b94QqcsSvzXldoID2E7r7j6l2RS9D-2FlcicuOIH6-2Bf0rZfQ8WQGx1GAD8IdyBFMkgMagZqfF37lBswhvtcunyFvsCOOoYPspOfNQNIXNayM9QEk6sQmtkB24ENIoG2yT0C3mA8lPHJupk4as4cJfOCHBHivH7-2FTvsuenrrXEExov5C6-2F7j2JTCq-2BBQKcQ2eAsew2d4fEN7p-2B-2FWnTm3C3lH-2Fpi-2FULzxmuV0ygrOj66CtxVXRVAljLEOtFZLsGyAWzPbmp8aX1-2B-2FPYqq13JCsNGZTFBqi7vIaCzPDMfyBDYdjwGqE3dIbu48smBHPJesQbrkGi8yodz2-2Brl3SZqziCVXZm2FpF8ehld4twOpVi2a1xSW3nWrrBEKCdL5Zxjx1PKhH-2BfxUomRhq4jluqDgurvHgUz569W7BMn04aN64xrPF6M6eqAWITAiqH9HTKX1otEBBTQVvREKv3wR1hx8wqxMpDxgRaE9FzZ1yZBlmukLUu5xUnHQOTk9-2Fvxsja93bRFtZ-2BqEcBX-2BUed7-2FPH7-2FDMDV7kwW0y1E-3D HTTP 302
https://api-01.moengage.com/v1/emailclick?em=harish_reddy%40glic.com&user_id=%40%24xy%2A%40%21h%C3%BBVdW%5Be%C3%99%C2%A6%C2%B4v%18d%C3%86mL%C2%848%C2%8C%00i%C2%BC%C3%87%C3%B3DQ%C3%A3%C3%8B%23%C2%83Y%C3%B6+&d=%40%24xy%2A%40%21h%C2%B4%C2%B4%0A%C3%83%C3%9E%02%22%C2%9C%C3%8F%24%C2%86%C2%A1%12%C3%99%0E%C3%94&cid=%40%24xy%2A%40%21h%C2%87J%C2%87%C2%BC4%199%17%C2%BA%C2%8A%C3%AEvS%C3%B9%C2%A4%C2%B7%C3%B2%1DAU%2B%7C8%044%C2%B5%C3%A5%28%07%2Be%17F%1F%C3%8E%C3%95%1C%C3%80%1C%C3%90j%C3%ABK%158%C2%8EG%C3%AB%C2%AA%14%1F%3D%C3%92%C3%A9%C2%96%00%08FL%0B%1B%12K%C2%A5%08%C2%96%C3%99%C3%8E%C3%98%3B%C3%A1%C2%AA%C3%83%C2%A6F%C3%A5%1C%29%C3%88%0E%10%C2%88%C3%BAb&ut=l&moeclickid=6384fc48e4b269683533c8d3_F_T_EM_AB_0_P_0_TIME_2022-11-29+04%3A15%3A02.947300_L_0ecli11&rlink=https://info.ekincare.com/the-healthcare-pay-day-sale HTTP 302
https://info.ekincare.com/the-healthcare-pay-day-sale Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request the-healthcare-pay-day-sale Show response
info.ekincare.com/
Redirect Chain

http://linksg.ekincare.com/ls/click?upn=qwq3QBbsGV6o7T3dT-2B6r8DgOIvc7aylwpjoHuc5WlICpkLrOk-2B7bgM5rGfd8IRi6fCG1GjFgO2OFhLlxwYoj-2BCcrPLXel6QDMpCUfuQc6P5E80QJjAwSRP3hgL049AfYHbiBRIkU6hge7QHbTz4wolG...
https://api-01.moengage.com/v1/emailclick?em=harish_reddy%40glic.com&user_id=%40%24xy%2A%40%21h%C3%BBVdW%5Be%C3%99%C2%A6%C2%B4v%18d%C3%86mL%C2%848%C2%8C%00i%C2%BC%C3%87%C3%B3DQ%C3%A3%C3%8B%23%C2%83...
https://info.ekincare.com/the-healthcare-pay-day-sale

137 KB
15 KB

721ms
668ms

Document
text/html

2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

76937419b9505a0b28e9988e66f3b80bb8e3be7bb6e1aa2755c8c05c46a34cc1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 77189a85ef129176-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 29 Nov 2022 04:29:40 GMT
edge-cache-tag: CT-57094828013,P-25222230,MENU-49368484288,PGS-ALL,SW-0,GC-45113979874,GC-45161398482,TS-45143949274
etag: W/"9ac2b17c11f9136e8a98f3d6747642ac"
last-modified: Tue, 29 Nov 2022 03:55:15 GMT
link: </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js>; rel=preload; as=script
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: MISS
x-hs-combine-css: Disabled
x-hs-content-id: 57094828013
x-hs-hub-id: 25222230
x-hs-prerendered: Tue, 29 Nov 2022 03:55:15 GMT
x-powered-by: HubSpot

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 10793
content-type: text/html; charset=UTF-8
date: Tue, 29 Nov 2022 04:29:40 GMT
expires: Tue, 29 Nov 2022 04:29:39 GMT
location: https://info.ekincare.com/the-healthcare-pay-day-sale
server: nginx

GET
H2 200 project.js Show response
info.ekincare.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
799 B 46ms
44ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.ekincare.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:40 GMT
strict-transport-security: max-age=31536000
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
age: 23640027
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 77189a8a2e319176-FRA
x-amz-cf-id: lW4qF689P3Dc0HMw43ovy8wjZ74uhX_Wh4bq4rNr2huIwgx-yNd3Uw==
expires: Wed, 29 Nov 2023 04:29:40 GMT

GET
H2 200 index.js Show response
info.ekincare.com/hs/hsstatic/HubspotToolsMenu/static-1.138/js/ 10 KB
4 KB 38ms
37ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.ekincare.com/hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a50df52651133ee2b309daf0c3b921e9f5109067d5e11f2b8dd055f9ca3e66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:40 GMT
strict-transport-security: max-age=31536000
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: k79.hN9WG526nViFF800Vr3DxQF_q.yo
age: 10674700
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Jul 2022 14:35:54 GMT
server: cloudflare
etag: W/"0d86ec7be24f2dff2308b8edf54c2f32"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 77189a8a2e329176-FRA
x-amz-cf-id: HSb0vWYA6cup18rgH5ST0v0B7uXyg39Zyu6_fhWbspPcWqdgszRmdg==
expires: Wed, 29 Nov 2023 04:29:40 GMT

GET
H2 200 main.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1669652735995/hubspot/session/css/ 16 KB
4 KB 85ms
57ms Stylesheet
text/css 2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1669652735995/hubspot/session/css/main.min.css
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48e96257807abd6337cae06f2c9d920eb5845610fc80b63f578299abbef87193

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 42819
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Mon, 28 Nov 2022 16:25:38 GMT
server: cloudflare
etag: W/"6d4bc52d462932903e37dabcdfb33b48"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669652737048
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pCiDZ4pbFmcmTnv9hEwyRXWTRA6K9z%2Fm6%2FvsVFz%2FSVsupJPP4VKXfd5Y27kyejxWOfyoG8G48AWGe%2FRpeUBJRlxIMyF1w00OFXC35N7LSyhUqj%2BZxQboj86%2BfVtT0NR%2BFERCIwtkpFwi1oWvUY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 77189a8a4a989265-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_-25202732329_Menu.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-25202732329/1669652728464/ 4 KB
2 KB 77ms
50ms Stylesheet
text/css 2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-25202732329/1669652728464/module_-25202732329_Menu.min.css
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4d47de9a5721cf96ec3d04544d26a843f4740f688387e2ed5467aed7fb1ea14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 42606
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Mon, 28 Nov 2022 16:25:29 GMT
server: cloudflare
etag: W/"047f382d735397d21c6a7cd83cd4fc63"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669652728464
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pV%2FU4hOR2r2UX6cQ%2FXhRyDUaqERGX8V96wXXjjF%2Br0PSRYDUT3jG3yE%2FGizbtUlUWL%2F9OZXcesnroz2RqP%2B6%2FP53Ahx1sPXCeoZoXE5W9YLChWA%2Fhe75A1liZ9%2FEGy88q5BDPCoekbdP%2FnArim0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 77189a8a5a9a9265-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 46ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10876213590

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77275d69b9cd43a364097cd28e75bcc611fbdb1f289831ff359c14e20d22c318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67094
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Nov 2022 04:29:40 GMT

GET
H3 200 logo.png
info.ekincare.com/hs-fs/hubfs/ 6 KB
7 KB 152ms
150ms Image
image/png 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.ekincare.com/hs-fs/hubfs/logo.png?width=1080&name=logo.png
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 157564d02447db7b7cd58fc1367e79245d1eae693b2f63f558ef08cb84034774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-51947116758,P-25222230,FLS-ALL
x-amz-request-id: GD34STJJ5MSZSBJ5
x-amz-server-side-encryption: AES256
edge-cache-tag: F-51947116758,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: "005797ba831d972721a2f492a9cbb79a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1660726402962
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: ZxjCKkJjmqn3SLAscjyP3qEW.ZClAMpM
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-51947116758,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5899
x-amz-id-2: H1tkkkdPj6evaUyEPkI/lbJl7h/bWt29BHbP8GjjcGgJbG7KZcqHsgIgPVr0LY8+XZVvGlNHdSg=
last-modified: Wed, 17 Aug 2022 08:53:23 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 77189a8ab890bbbc-FRA
x-amz-cf-id: Jf3DoFDpAZciTd5wxNGq9gJBU5mQdGB6f3MsueX5P9IgYYc9pbjfFw==

GET
H3 200 01.svg
info.ekincare.com/hubfs/ 4 MB
2 MB 161ms
160ms Image
image/svg+xml 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.ekincare.com/hubfs/01.svg

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

660993384ad361177e523dfbaceac1162e84c28eeda604330d37d9108a3940fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-57104633807,P-25222230,FLS-ALL
x-amz-request-id: Q5GSNEYZ900VGYCP
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57104633807,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: W/"4c66274baa02fcbe8319e281f47e6526"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669627269063
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: dV7eEvWHYj309Qp55xlutkxVLdO4bOQJ
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57104633807,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 1jPcnZu87JmRZZaalmhsflvKu4y7ykWxXrS6+ZHysazSQf9+nAhytXrIGdxTfEXmKioN3noa5fY=
last-modified: Mon, 28 Nov 2022 09:21:10 GMT
server: cloudflare
cf-ray: 77189a8ab892bbbc-FRA
x-amz-cf-id: L7JMPqC-WrtuOh6rTnkPDvb_iBQhnlS_dy1lgEoRC8YGq7kl41DcAQ==

GET
H2 200 main.min.js Show response
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1669652714408/hubspot/session/js/ 1 KB
923 B 59ms
59ms Script
application/javascript 2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1669652714408/hubspot/session/js/main.min.js
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bf35e4bc40ef014056ff7654320abb37f6bbdce0acce201e1d569d9f1d404a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 42818
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Mon, 28 Nov 2022 16:25:15 GMT
server: cloudflare
etag: W/"44b06d5fe34215fa80eddea17576c7d2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669652714714
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nC9KM5SWdtMNCPGVu84eI6YloMt%2FUYmcQAoOk03psrKiKSSWx8fTlUWmanTwAmf0ca2%2FF3u4yQY%2Fv%2F5tkZ7Kf6bcSilu%2FMl5MqhNTn5p4%2BOlXedINysXeBv8jhhwNUlSdlvBOL8OsxT3f3hIWtM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 77189a8aaaf79265-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_-25202732329_Menu.min.js Show response
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-25202732329/1669652727434/ 8 KB
2 KB 57ms
57ms Script
text/plain 2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-25202732329/1669652727434/module_-25202732329_Menu.min.js
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 892ba16712f404c60c6b4c446715a47495b7cdd0f81098f44ddba1ff2b825e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 42606
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Mon, 28 Nov 2022 16:25:28 GMT
server: cloudflare
etag: W/"ff082da4d989c3887da8b7c9e2f97e85"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669652727434
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WMSJkip%2Bt0pcMpY4HhugoL28duwCePBPJcDMHYYsdhJONGE6YD%2BPIEdZwxxPJyQMDTcv0LqVfFZbdGvEHw0a4pAIvAWhfNg3Zxj8EqqmwosG2zzdNAUf8L2tYl2FqJOran3D%2FJSFyLeCDCWEnU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 77189a8abb0a9265-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 25222230.js Show response
js-eu1.hs-scripts.com/ 2 KB
871 B 71ms
19ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-scripts.com/25222230.js
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5f1b2fc9d1caa2d71285c99a617dd56a514b1fea96bbccc839fa4d019e1c521

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:40 GMT
content-encoding: br
cf-cache-status: HIT
x-hubspot-correlation-id: 7fb6cd9a-956a-468d-bdca-9c053417e04c
age: 4
cf-polished: origSize=2018
cf-bgj: minify
last-modified: Tue, 29 Nov 2022 04:29:36 GMT
server: cloudflare
x-trace: 2B23AA3877BB1C460E59EF4657F3A0DA2D170A7D55000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://info.ekincare.com
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 77189a8b0e0d90ba-FRA

GET
H3 200 1801%20%284%29.svg
info.ekincare.com/hubfs/ 1 MB
852 KB 152ms
151ms Image
image/svg+xml 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.ekincare.com/hubfs/1801%20%284%29.svg

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0f3ab3a244facfe842d2a3f741b5258af90efbe034d20262611da6604240776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-57128634823,P-25222230,FLS-ALL
x-amz-request-id: C32XT071XT3WAEXH
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57128634823,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: W/"132eb95c10e939bb4065688b51ec0633"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669654499852
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: bh9KdoFmH88XdEMz4EF61FAkRDU3AdqT
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57128634823,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: HhZ2Fv76M0Sk2X1isQE3WHwrxjjN9Egv0+YZLeFp+J59LfJ4sfIL/YqTrfCstmEfEuyl3LjJbCk=
last-modified: Mon, 28 Nov 2022 16:55:00 GMT
server: cloudflare
cf-ray: 77189a8ab89ebbbc-FRA
x-amz-cf-id: ETeDwIDMy0dRzY6ECNdaUIW0_-dTNcG2kEKTgBIjij4nnrvXlLiOzg==

GET
H3 200 regular.woff2
info.ekincare.com/_hcms/googlefonts/Nunito_Sans/ 44 KB
45 KB 255ms
254ms Font
font/woff2 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.ekincare.com/_hcms/googlefonts/Nunito_Sans/regular.woff2

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ddbbb9e766d3b92a6a914112e48ddced3d0272317680b8b79b0c00da6950dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
Origin: https://info.ekincare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires: Tue, 13 Dec 2022 04:29:41 GMT
date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 d0b8b50936db949f99b5544ecb5eda1c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: Yau14SIA3iTNQzEk2WyLTRwOd2_Kx6FW
x-amz-cf-pop: MUC50-C1
x-amz-request-id: 5BZ5Q6VJ1F4SNEAV
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45132
x-amz-id-2: kHhiJJGt3gnmlptTv/5OpWgvAk2Q5iMGVL6512RaH7beGTTbQsZjs0q7MIXCEZ5jDvYiREf9aMo=
last-modified: Fri, 26 Aug 2022 20:13:43 GMT
server: cloudflare
etag: "484b6d4ec2d20c4f21f945b17b9d7094"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 77189a8ab8a1bbbc-FRA
x-amz-cf-id: GGzkG_XJDN4aA_lvh9s244H6LKUHt_IHNaogVa3St5RZB47TIx_oXg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5

GET
H3 200 800.woff2
info.ekincare.com/_hcms/googlefonts/Nunito_Sans/ 45 KB
45 KB 256ms
255ms Font
font/woff2 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.ekincare.com/_hcms/googlefonts/Nunito_Sans/800.woff2

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbbfaf906c244721d1726cb2c8e99656d7e04896929a5fe5ea6a24b9c185a8b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
Origin: https://info.ekincare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires: Tue, 13 Dec 2022 04:29:41 GMT
date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 b90884acab23625db851d03bcf681a26.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: srfgVYIMbKGDEv1iNX3ojbGJDAN8.e2A
x-amz-cf-pop: MUC50-C1
x-amz-request-id: 2X397CS4H51T2M8F
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45732
x-amz-id-2: okqOL6B0EeRah97RgR14bLKV1uCZBGjEAzedYHKLV0fEgV9e/dBXFMrovd6iudi9H0HrE2zdbKE=
last-modified: Fri, 26 Aug 2022 20:13:49 GMT
server: cloudflare
etag: "987f4558b0d7a5722c8bb2dd330b4a92"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 77189a8ab8a3bbbc-FRA
x-amz-cf-id: ecsIMOnKKXaYZt55WZSeR6kWPspdj93Hjd-hymacU7lzP7AwfQOaMg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5

GET
H3 200 300.woff2
info.ekincare.com/_hcms/googlefonts/Nunito_Sans/ 44 KB
45 KB 258ms
256ms Font
font/woff2 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.ekincare.com/_hcms/googlefonts/Nunito_Sans/300.woff2

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f25ee03ebc697d05ae957c5a4615ef6e60d945893508009a40008a97f9faf8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
Origin: https://info.ekincare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires: Tue, 13 Dec 2022 04:29:41 GMT
date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 5b3be43b5ff3292b36e9c737ff94254a.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: KeBxaDjEKAPhZFkXUuA9LqeB3SFVbWM7
x-amz-cf-pop: MUC50-C1
x-amz-request-id: PDG7FVBFX8TFFVZR
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44940
x-amz-id-2: 5FWEvHZXGT4QrPeaaf3weZ9MDQXkyBjh8OTtzX2uFPjAzGiFxMSJJtzZEVAmJIEokV4UfAkNMT0=
last-modified: Fri, 26 Aug 2022 20:13:41 GMT
server: cloudflare
etag: "291d0820843fd8a7afd6a0479a2903c6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 77189a8ab8a4bbbc-FRA
x-amz-cf-id: _cDITmYt4Aa2Wm5wyAB0HAj1YxYCS3bBcv6KV--tafI7VGkpkMwuAQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5

GET
H3 200 10.svg
info.ekincare.com/hubfs/ 3 MB
2 MB 261ms
260ms Image
image/svg+xml 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.ekincare.com/hubfs/10.svg

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c6304bc797031e32ab6d8846435ebf72f9bd771a90afab201b352bc49b21f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-57111446990,P-25222230,FLS-ALL
x-amz-request-id: C32SVGV4B0WZ8TR2
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57111446990,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: W/"6b5a7f72d05089bcd1b068f83ad2d9aa"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669634625647
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: WWz.1ULskvq3xXVt4EPVuJPyLZe6GwAW
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57111446990,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: gsO/5Gisu2snQ2m750GtSaduW9CNKenvlVdW2Y2LjcUx7SgXGjZ9Me8oDWi8CfGS8zV2BoQn0JE=
last-modified: Mon, 28 Nov 2022 11:23:46 GMT
server: cloudflare
cf-ray: 77189a8b1940bbbc-FRA
x-amz-cf-id: dH9Q-tcajyRXNwjNMlIq7bl-9ufVo-GkC1OT9mdaVo_ZmLjZGqaOag==

GET
H3 200 11.svg
info.ekincare.com/hubfs/ 3 MB
2 MB 205ms
201ms Image
image/svg+xml 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.ekincare.com/hubfs/11.svg

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7730a317f9c8922cca7e18d0fa6b976e7add83cc75d8e283aae34ddd339bbd26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-57111416046,P-25222230,FLS-ALL
x-amz-request-id: C32ZNBWMTJB2Z20D
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57111416046,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: W/"5b8f6f275bad4dc03bc35a3a463264e8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669634625740
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: 1AhOL4tQ4B56ivzjqcxaqxWswXdp0Dxo
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57111416046,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /Osmc66s0Rg303ThpRQWvgvm/OvYj1z2dOxaWrtTcoLt/PnuI45xrZ1awzOXNYgagCCfQCsX7I8=
last-modified: Mon, 28 Nov 2022 11:23:46 GMT
server: cloudflare
cf-ray: 77189a8b1955bbbc-FRA
x-amz-cf-id: 8bw46NR3mE9WSY5-cDt6qi4HYHx60rOz2TpHpI7DCCuk-WKTrN5hYg==

GET
H3 200 12.svg
info.ekincare.com/hubfs/ 1 MB
959 KB 203ms
200ms Image
image/svg+xml 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.ekincare.com/hubfs/12.svg

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

867c94a3147c1dac5ef29355122f88a1b2fb626324f7ec66954ad5ffa8c95e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-57111446979,P-25222230,FLS-ALL
x-amz-request-id: JET7GX3TXEJS9V1T
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57111446979,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: W/"916b2978402d8606559d66e0cf092255"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669634623374
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: Tsiu.VcRMOaFhiJeGpaXYiyEaw8ICs2k
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57111446979,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 8Hp//kBJhmrrcmg1+beZbN35xSurSBXQ89sjN0nob0/9xI3vXBvpfBFvimYA46qhSHIeZIlVLIg=
last-modified: Mon, 28 Nov 2022 11:23:44 GMT
server: cloudflare
cf-ray: 77189a8b1956bbbc-FRA
x-amz-cf-id: HUWNRsyAx7UdmzwD_J88yw3QdyB0sOheRZ56Y9sn3c-s6GI3gDfX3A==

GET
H3 200 For%20Payday%20Sale%20-%20ON.png
info.ekincare.com/hs-fs/hubfs/ 22 KB
23 KB 240ms
236ms Image
image/png 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.ekincare.com/hs-fs/hubfs/For%20Payday%20Sale%20-%20ON.png?width=280&height=180&name=For%20Payday%20Sale%20-%20ON.png
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1806efe0cb955108fbf25dff89faecffda2bd966a99a47148e0ea0c42d5f62b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-57111997402,P-25222230,FLS-ALL
x-amz-request-id: RKQQW996GFR6PMGG
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57111997402,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: "1b0c83de8bdffd1d9b9fd5673363ce02"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669635418690
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: PyTjyT3eIjMJw3yOueOsn5azPXlUXe0l
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57111997402,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22588
x-amz-id-2: El1xd6X4cfZOFEJYfV8oxQV01IdbDIBI50zRqxd4MHNJTwja8zo4BXwEuQh0rSqw/3yH8kz2JtQ=
last-modified: Mon, 28 Nov 2022 11:36:59 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 77189a8b1958bbbc-FRA
x-amz-cf-id: ez1TyLAK1EtwbSmUsa2mB5WYscz3Bq5ERciXvo3c5IjbHVnsCJFVYw==

GET
H3 200 For%20Payday%20Sale%20-%20MB%20Whey.png
info.ekincare.com/hs-fs/hubfs/ 25 KB
26 KB 240ms
237ms Image
image/png 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.ekincare.com/hs-fs/hubfs/For%20Payday%20Sale%20-%20MB%20Whey.png?width=280&height=180&name=For%20Payday%20Sale%20-%20MB%20Whey.png
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0f507500923a0acba8f556a4b56832a782f6f78a28fa0c439be724a8b76ca44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-57111997420,P-25222230,FLS-ALL
x-amz-request-id: DD34VWZA165THKHQ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57111997420,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: "10cbad20c651a0a70b49d3f860d65fdc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669635437444
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: _zxJVxz8NRSdjYBqEX_qn1aO8tE2BBPF
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57111997420,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25879
x-amz-id-2: yNlnocylumgSuv8u9jJTkOmxaAg9nIgc3A4/efWkqg7xFamW3lJ73WM1DzbIZzNv4/9x5SSVYlg=
last-modified: Mon, 28 Nov 2022 11:37:18 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 77189a8b1959bbbc-FRA
x-amz-cf-id: G7Q0ocMvHZ3Dt4hQ77NqI8aJeYW1ZWFRYRe_axqnzB3BQ92okDpNvA==

GET
H3 200 For%20Payday%20Sale%20-%20Weight%20machine.png
info.ekincare.com/hs-fs/hubfs/ 17 KB
18 KB 241ms
238ms Image
image/png 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.ekincare.com/hs-fs/hubfs/For%20Payday%20Sale%20-%20Weight%20machine.png?width=280&height=180&name=For%20Payday%20Sale%20-%20Weight%20machine.png
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cf4e2a0a3eb864e7b1dd298b80d3a6fb20db63ba055002f06cd231ba2141eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-57112104900,P-25222230,FLS-ALL
x-amz-request-id: DD3E9WD14YG6KMR8
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57112104900,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: "5eae17ff8dbb4208b870d44f3a11e6a7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669635536993
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: 1l2ywoqmQTkxJ3vNxv_boTK8wMmonYPM
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57112104900,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17789
x-amz-id-2: lC5aOdnqM7lmYbgoqIPNMXy+e75S/80i/q3XUmppPPWs3m1TVzumYrRqajOdyTSZMyZZio2CxKc=
last-modified: Mon, 28 Nov 2022 11:38:58 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 77189a8b195bbbbc-FRA
x-amz-cf-id: V1wf5h90Yt3Ga2IFqHuJ1SG9VNU5yWlKFmsuMZgGVIhQABBIsXjRzg==

GET
H3 200 For%20Payday%20Sale%20-%20Fat%20analyser-1.png
info.ekincare.com/hs-fs/hubfs/ 23 KB
24 KB 241ms
238ms Image
image/png 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.ekincare.com/hs-fs/hubfs/For%20Payday%20Sale%20-%20Fat%20analyser-1.png?width=280&height=180&name=For%20Payday%20Sale%20-%20Fat%20analyser-1.png
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdca5eadd4bbf10e354e5a56ce7bdbbd0b1087d2e359841b35af9c7ed3b89bd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-57112105170,P-25222230,FLS-ALL
x-amz-request-id: H8N3HZWZWM923D0C
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57112105170,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: "e18cb63e66236c8f2fef42a2cf7d4d7c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669635626928
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: 33aTmIg10BzEiqqev32KbJOHVYRCI43g
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57112105170,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23821
x-amz-id-2: bR9LyLsXflHsdnKgC6ycTJh4b/wzfxFIQx2ZwqVQ/VzYJqV+9h0jql+Lwg+lnEQaRYYK7Ax9VBg=
last-modified: Mon, 28 Nov 2022 11:40:27 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 77189a8b195dbbbc-FRA
x-amz-cf-id: Zwvel4JcnokMP4RecNqd4GBLRG-COhc2u664GrHhTR9omZFVTn98OQ==

GET
H3 200 For%20Payday%20Sale%20-%20BP%20monitor.png
info.ekincare.com/hs-fs/hubfs/ 30 KB
31 KB 338ms
336ms Image
image/png 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.ekincare.com/hs-fs/hubfs/For%20Payday%20Sale%20-%20BP%20monitor.png?width=280&height=180&name=For%20Payday%20Sale%20-%20BP%20monitor.png
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0f61df126a36b336d302efbb6948b52d9a4121e21d9b2e0e653b89a43e54d4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-57111998144,P-25222230,FLS-ALL
x-amz-request-id: H8N16SPKCCN4K2YZ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57111998144,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: "1f41272913c0aa3ccf5275fb3ba61ead"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669635647527
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: gdAk2xFhFNKxQtRNZ90D6GoX.b82PW9K
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57111998144,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30399
x-amz-id-2: yuW0L3s2RCa7RdfaxMBBqaL5VdO1XKmLS0m5jH/AaHK1QR9r4pe5HuOJj4kBg3QyGTwF3tdy3Z0=
last-modified: Mon, 28 Nov 2022 11:40:48 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 77189a8b195fbbbc-FRA
x-amz-cf-id: JdSLVu-gFcw4SrP9-Yjigc5hLyJ07RomSCWtfuZ8-KMxLdEIqb0ZuA==

GET
H3 200 For%20Payday%20Sale%20-%20Body%20fat%20analyser.png
info.ekincare.com/hs-fs/hubfs/ 21 KB
22 KB 242ms
240ms Image
image/png 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.ekincare.com/hs-fs/hubfs/For%20Payday%20Sale%20-%20Body%20fat%20analyser.png?width=280&height=180&name=For%20Payday%20Sale%20-%20Body%20fat%20analyser.png
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fba673b6ed0620e0594c42c553a2e17d60c00dfdd0ca8ed4ba0d2a692a29c98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-57112629723,P-25222230,FLS-ALL
x-amz-request-id: DD3DFJNCSSKT2PXE
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57112629723,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: "42055d3f32d1a1e967f7334e1fca28b1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669635831763
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: OK_.3iIpUGxzCgTVIENyYqx0ex6PzwXl
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57112629723,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21852
x-amz-id-2: s/CFjTITvT6DnSULTtu1R0g1MbByogvIxK87Bgr6/A/sK2URYDukioVypTS52CXxiVXleaMt0rE=
last-modified: Mon, 28 Nov 2022 11:43:52 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 77189a8b1960bbbc-FRA
x-amz-cf-id: 43qk6TIduksPp8h7c2Dgk_oVkPeW5K-D3mB388bgM3JsDK16P_r83w==

GET
H3 200 7.svg
info.ekincare.com/hubfs/ 2 MB
1 MB 243ms
241ms Image
image/svg+xml 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.ekincare.com/hubfs/7.svg

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a14a86a3ba924dd22afbd5d5dd91606d253a6968287d4032ef7486dce901798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-57111446981,P-25222230,FLS-ALL
x-amz-request-id: Q5GZMHQCCBDMKVQ5
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57111446981,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: W/"5c761338726eb33498bb645838e61666"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669634624001
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: d28Wxvg83p2E6LWhh_VRCVmd_X5hhL1Q
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57111446981,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: FFLxxjTbG6BBP4Xts6Hh8h5UWN3BadvdX/AjOR5oWw40QzL7uFwQ4XXb09KmbBGrYZDQtGE0I4k=
last-modified: Mon, 28 Nov 2022 11:23:45 GMT
server: cloudflare
cf-ray: 77189a8b1961bbbc-FRA
x-amz-cf-id: 51yBN35w2W0thDlbV1Nx0LB-nQtVXMaJPcRJzmZo-ljDh4XZsqbhYA==

GET
H3 200 17.svg
info.ekincare.com/hubfs/ 2 MB
2 MB 312ms
310ms Image
image/svg+xml 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.ekincare.com/hubfs/17.svg

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff986a60a80e77f867bfec41de3532a371f71391b87c7dacfbb26b7e4527c530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-57111446986,P-25222230,FLS-ALL
x-amz-request-id: Q5GXEP5F3KMERRSY
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57111446986,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: W/"82f8d13b16faf91ec1ef752b792304c5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669634624647
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: EElcb_vmQHv1kDKZl5DHBZiWIoS1v_lG
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57111446986,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: qZix7I3JUz636KgoqNi3v64qeEfT0gdKzVoNiDlKa4ln12DjK0qmiJXqhgANNXhLPK6GASv+g8E=
last-modified: Mon, 28 Nov 2022 11:23:45 GMT
server: cloudflare
cf-ray: 77189a8b1962bbbc-FRA
x-amz-cf-id: XCdhzrHljTwcHPaiVP_5qgd8pbmDyYxuhgVrOhhpIDebeQriTD3cZQ==

GET
H3 200 13.svg
info.ekincare.com/hubfs/ 2 MB
1 MB 370ms
367ms Image
image/svg+xml 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.ekincare.com/hubfs/13.svg

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2776d23c472ba841e571de68f984da94528a31547b0196d6459046c7c475843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-57111446983,P-25222230,FLS-ALL
x-amz-request-id: Q5GYMVB5XHXND41Q
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57111446983,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: W/"09d0930b4b46879ef48e0ce2e5d15592"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669634624096
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: n2ZrGIOK3bpH8a.x8gOg4o07imWhYGiV
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57111446983,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: IDOr+JAZ3MGlfnGB/emS45ECBJ36O0OmUscahf6jrOmShV2C+C6kh7/OnoCVBVF45jtNWyRe0Zo=
last-modified: Mon, 28 Nov 2022 11:23:45 GMT
server: cloudflare
cf-ray: 77189a8b1964bbbc-FRA
x-amz-cf-id: A1LBjscLOrH84OIBTMjT9Qjcrn1nR3mua109L1DiDT5vU5N-bz2aKA==

GET
H3 200 For%20Payday%20Sale%20-%20couple%20package.png
info.ekincare.com/hs-fs/hubfs/ 98 KB
99 KB 403ms
401ms Image
image/png 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.ekincare.com/hs-fs/hubfs/For%20Payday%20Sale%20-%20couple%20package.png?width=280&height=180&name=For%20Payday%20Sale%20-%20couple%20package.png
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c182d9f68f7cdce3db54e60433e2bca9e01f2d8a21ecf087a489365c2fff02c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-57128636901,P-25222230,FLS-ALL
x-amz-request-id: RWAS1HVYPCJWTQBY
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57128636901,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: "72864977fa7e64d21dc78a5973614332"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669655547597
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: YiDMP3WzGBfptkugaP9tthrQ8nujPXie
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57128636901,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100294
x-amz-id-2: A9sHQwi+Uxa90zHXIls8qTvBgWDtWpNlk+dPQWDi9x103k5j1mJHpWl+bmwljisE2AafeSc6rvI=
last-modified: Mon, 28 Nov 2022 17:12:28 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 77189a8b1965bbbc-FRA
x-amz-cf-id: GlRURFjY3UN3W0OtXXxnFjQPvGRb56mUhim7OmDtbPCF2QlHV_mjmg==

GET
H3 200 16.svg
info.ekincare.com/hubfs/ 2 MB
2 MB 406ms
404ms Image
image/svg+xml 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.ekincare.com/hubfs/16.svg

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f35179c911d2736c5798fd33a63e0d8b8e7a5584a3fe4446bacfc59b09e1347f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-57111416045,P-25222230,FLS-ALL
x-amz-request-id: W8RFQNRPBFAD7VDV
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57111416045,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: W/"2c42525fd1b7f32d72f69a0110577d29"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669634624384
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: 4aqta9p.dEOgEyWuD7Mt_211MsSsxlue
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57111416045,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Oi/H3RlokqdmdwdBWWSRcZ0I9nTFqqsdRE7nvvGpRcyAbAsc0UwVZJRbHNV14THvRWc33Mvo59A=
last-modified: Mon, 28 Nov 2022 11:23:45 GMT
server: cloudflare
cf-ray: 77189a8b1966bbbc-FRA
x-amz-cf-id: wlIU5LPOwuaZHzIoB6B2etPdeJKH9EhGsMb8zQWJ7G6KiDp4oogOAg==

GET
H3 200 For%20Payday%20Sale%20-%20Vaccination.png
info.ekincare.com/hs-fs/hubfs/ 58 KB
59 KB 465ms
463ms Image
image/png 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.ekincare.com/hs-fs/hubfs/For%20Payday%20Sale%20-%20Vaccination.png?width=280&height=180&name=For%20Payday%20Sale%20-%20Vaccination.png
Requested by: Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7952a09c69ca5f94bef6a6d93b9db266f34e766025d85fdca7baf5ba100cc1fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-57113209298,P-25222230,FLS-ALL
x-amz-request-id: DD3696Z79W5ZQHB6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57113209298,P-25222230,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReads 5
etag: "deeae015213e594c4bc421439ce60b91"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669636930983
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReads 5
date: Tue, 29 Nov 2022 04:29:41 GMT
via: 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: r6qMUyvI2OLCs9Zvm1KCavsA7_bq9kMP
x-amz-cf-pop: FRA53-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-57113209298,P-25222230,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59192
x-amz-id-2: /APfLDY2m+u/3NTlS7ENUI4P13akuGI88c12i4dAuFAmNRcSGNDRHLMEu3f8UmULgMt0MvTqZ3E=
last-modified: Mon, 28 Nov 2022 12:02:12 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 77189a8b1967bbbc-FRA
x-amz-cf-id: oITsSUH3bnMJsfpmlFZ_HgPx5fP-biUDSumSIeAL44pe86DV7Mc9Uw==

GET
H2 204 has-permission Show response
app-eu1.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
749 B 186ms
140ms Script
text/plain 172.65.236.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-eu1.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=25222230&callback=jsonpHandler

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: 128da525-c7f9-46eb-97c1-53aec0c0b5a2
x-trace: 2B4D488677A7751F6F45A446B383B0C4F4F6205C7A000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 77189a8b7e169279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=77189a8b7e169279&resource=unknown"

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 68 KB
25 KB 85ms
32ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25222230.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5ccb8244c804a0019759f1c5ba015f9ccfc2e8cf7781c6a2b2126f120bfc96a

Request headers

Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
Origin: https://info.ekincare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:41 GMT
x-amz-version-id: _5EZs_H26Fc6JgVRh7ahoi0orqifRkcW
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.311/bundles/project.js&cfRay=77189a8b7d19925c-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Wed, 16 Nov 2022 03:41:33 UTC
server: cloudflare
etag: W/"59a69a76233d8365d7266548d5703c09"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 77189a8b7d19925c-FRA
x-amz-cf-id: A0KywAcAJ1WF4F02IuTmgGfDuaWs0zG67jo0Gh-hQmXcc7C905dCyA==
x-hs-target-asset: collected-forms-embed-js/static-1.311/bundles/project.js

GET
H2 200 25222230.js Show response
js-eu1.hs-banner.com/ 60 KB
16 KB 65ms
19ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/25222230.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25222230.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab89435e52d1e1a893d6997070ce137e8b11a6f29944c74421f82dd5b75f0c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:41 GMT
x-amz-version-id: W7yRvv9KLRQWt9KJF5PGrBQs6JWhrlcp
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: H7MYCTEHD32V7NFQ
age: 149
x-amz-server-side-encryption: AES256
x-amz-id-2: N8E4E5pdXCLuexV3jyUK9YJwB9Uw1MUasXfrI/O4HfrZRlIt0ORzxjgSU1QZBsZpofAQtJo3+n0=
last-modified: Tue, 25 Oct 2022 21:01:18 GMT
server: cloudflare
etag: W/"4ed8c84e3f5794b581cf89efde05c053"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.ekincare.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 77189a8b7fa89b70-FRA
expires: Tue, 29 Nov 2022 04:32:12 GMT

GET
H2 200 fb.js Show response
js-eu1.hsadspixel.net/ 6 KB
3 KB 64ms
19ms Script
application/javascript 172.65.219.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hsadspixel.net/fb.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25222230.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f97a1f00cd5aaa7a0e2ae8a3a47031764054e46fa624f71043b618b4c2398b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:41 GMT
x-amz-version-id: aoUPWE.Bu9NRjxDy7F1Soox3yNWe2Us6
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 455
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.302/bundles/pixels-release.js&cfRay=77188f71c9119290-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 03:38:56 UTC
server: cloudflare
etag: W/"c32a10854f4ff995fc7198ba0324bcc6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 77189a8b7a32bb38-FRA
x-amz-cf-id: U48dlBLfrpj7q7_B6jXGqgrrSX_-weTsDHl4JulBkCdBVEOozeWkdw==
x-hs-target-asset: adsscriptloaderstatic/static-1.302/bundles/pixels-release.js

GET
H2 200 25222230.js Show response
js-eu1.hs-analytics.net/analytics/1669695900000/ 64 KB
20 KB 66ms
20ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1669695900000/25222230.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25222230.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3701a849dfa58bc4c389268d2a5acb47ea50a50fbc7b5d0070c5bf3e17ff42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:41 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 2BT05H3VE3MTXAVS
age: 178
x-amz-server-side-encryption: AES256
x-amz-id-2: 6xCymI1x08htxtpz8F8X/oUnNZUUJYh/Q1QNimFBegYIS1NGmSeXyGg6pw9TSL2LWbDeK+b9KWs=
last-modified: Mon, 28 Nov 2022 21:13:03 GMT
server: cloudflare
etag: W/"2618eb83c83839fef8aebd747dc12d8d"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 77189a8b7a23bb7d-FRA
expires: Tue, 29 Nov 2022 04:31:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10876213590/ 2 KB
1 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10876213590/?random=1669696180996&cv=11&fst=1669696180996&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Finfo.ekincare.com%2Fthe-healthcare-pay-day-sale&tiba=The%20Healthcare%20Pay%20Day%20Sale&auid=1257769915.1669696181&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10876213590

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7504b52ad0b08449e25077544e29de95afabaeda904fe657fe25d0a2cf1c22cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:29:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10876213590/ 42 B
548 B 42ms
18ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10876213590/?random=1669696180996&cv=11&fst=1669694400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Finfo.ekincare.com%2Fthe-healthcare-pay-day-sale&tiba=The%20Healthcare%20Pay%20Day%20Sale&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=510803106&rmt_tld=0&ipr=y

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:29:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10876213590/ 42 B
548 B 42ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10876213590/?random=1669696180996&cv=11&fst=1669694400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Finfo.ekincare.com%2Fthe-healthcare-pay-day-sale&tiba=The%20Healthcare%20Pay%20Day%20Sale&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=510803106&rmt_tld=1&ipr=y

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 04:29:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixel/ 74 B
841 B 70ms
44ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=25222230

Requested by

Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c3e83d5c3fab72f1bcf28d3c1ae5c7b160c6ef28ec316a8da2a3dd3558554cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 446cc5a7-a485-4fa7-94ca-bcbc8a7ec5a8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B628539EFC1A7C15062FC98BF2A6EFA8867E2A596000000000000000000
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://info.ekincare.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2B2ZHyVRYR34ik78oH1WaSNuKW1hakmuEZ2SwoZUWcr9%2F8IWXVaKXoPOuk6NphdJrf0iWSlR%2BmrjELdaGGKfs9wZY4aTmXR5FNbXXFPi9wcZdKae34aBl0f7UhzeDeq26D%2Ba8wjEO03aGS6Fqg5Neg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 77189a8bcff6918e-FRA
access-control-allow-headers: *

GET
H2 200 json Show response
forms-eu1.hubspot.com/collected-forms/v1/config/ 116 B
1018 B 85ms
27ms XHR
application/json 172.65.193.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hubspot.com/collected-forms/v1/config/json?portalId=25222230&utk=

Requested by

Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.193.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5b2c34a0b1990260253574c773fff58368ce67ff8b584de90baeadd898fe51f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a19ac363-d457-41cf-b04e-da55700e001c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://info.ekincare.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIK3nOjyDsRE727g599JIxnI%2BfWndvL5NlDcxNco9Nq%2FrGKeB225MeJTK96YQqLdHPZwvtiRItWoExzoGx1VaHBTFSOvafSq35SYdSCQOR2hjZjQgJ873xF6VadCJhMv%2B5uQWWpbgw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 77189a8c4d819ba0-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 44ms
15ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 29 Nov 2022 04:29:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: KCofOyFAqp7zadGqBbdBgiTfYMx9C/EEIG9wZmDq6wDXg3wiUGuHOLWyrVEdBy8YeuBCPn4orRobYMuqgWcdHQ==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
724 B 114ms
61ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1478983231&v=1.1&a=25222230&pi=57094828013&ct=landing-page&ccu=https%3A%2F%2Finfo.ekincare.com%2Fthe-healthcare-pay-day-sale&cpi=57094828013&lpi=57094828013&lvi=57094828013&lvc=en&pu=https%3A%2F%2Finfo.ekincare.com%2Fthe-healthcare-pay-day-sale&t=The+Healthcare+Pay+Day+Sale&cts=1669696182063&vi=4dd5336b6e2dd291e0d36b90b86408ee&nc=true&u=25538274.4dd5336b6e2dd291e0d36b90b86408ee.1669696182060.1669696182060.1669696182060.1&b=25538274.1.1669696182060&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 04:29:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5a4f8537-47fd-4805-a08a-d3b356e29f44
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
last-modified: Tue, 29 Nov 2022 04:29:42 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHRQhx706IN3CUBuEQdVaWtB3NwzzjfheIWZ3Nia4qKJB7ZYJU%2BduynyFdcMg4YXwv7wR0nd2%2BOpXqui%2FxS71hA5JYqXdapJxhWik8pnqoLhYFFvz2KuvhX8qqO88dLg%2BYc6CyByow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 77189a9248fe8ff8-FRA
x-robots-tag: none

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 30ms
14ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 29 Nov 2022 04:29:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: wUVZ0ybUvq8nkp8eux83bQvMRIhBqeyW0ewZoFetJafF9hLyhNmBWfIuU94+ELLUTMzhEODBhkNR1KaDffaNQw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 492685512393812 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 68ms
53ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/492685512393812?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35d54dd6a6b17ddd64ee7d47853a042d775dac61be501996ab46a9804925ea22

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 29 Nov 2022 04:29:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: cimSn/CQKllnETkELFjas4LsSHhK8Fz978lL1k20o4K2P6nLAMt85adFXih7SZzxU36HRfEhqbUyRpJlqFTCnQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=492685512393812&ev=PageView&dl=https%3A%2F%2Finfo.ekincare.com%2Fthe-healthcare-pay-day-sale&rl=&if=false&ts=1669696182227&sw=1600&sh=1200&ud[external_id]=4dd5336b6e2dd291e0d36b90b86408ee&v=2.9.89&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1669696182225.812049353&it=1669696182129&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 29 Nov 2022 04:29:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 17ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=492685512393812&ev=Microdata&dl=https%3A%2F%2Finfo.ekincare.com%2Fthe-healthcare-pay-day-sale&rl=&if=false&ts=1669696182729&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Healthcare%20Pay%20Day%20Sale%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%22%2C%22og%3Atitle%22%3A%22The%20Healthcare%20Pay%20Day%20Sale%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Finfo.ekincare.com%2Fthe-healthcare-pay-day-sale%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=4dd5336b6e2dd291e0d36b90b86408ee&v=2.9.89&r=stable&a=tmhubspot&ec=1&o=30&fbp=fb.1.1669696182225.812049353&it=1669696182129&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 29 Nov 2022 04:29:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 200 perf Show response
info.ekincare.com/_hcms/ 2 B
308 B 156ms
155ms XHR
text/plain 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.ekincare.com/_hcms/perf

Requested by

Host: info.ekincare.com
URL: https://info.ekincare.com/the-healthcare-pay-day-sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.ekincare.com/the-healthcare-pay-day-sale
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 29 Nov 2022 04:29:45 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 3f6c27a3-7e37-43a9-8617-290b00d85e39
x-trace: 2B0583AEF90E55E147B30C91D9293307CF940AFDDF000000000000000000
vary: origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-credentials: false
x-hs-https-only: worker
cf-ray: 77189aa4aa88bbbc-FRA
x-robots-tag: none
content-length: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.info.ekincare.com/	1970-01-20 07:48:17	Name: __cf_bm Value: 7yqQfLlrLdBQw_Q.tYEKUiy6E6iqgPFe_ghVd12GLL4-1669696180-0-AXPgtI3VayfUG/i6TUD7fk7NmQim006WcPM2BaRYITuI400ppmw9Y6c9rUWgY+vmII9r27+7pJHitdtj/ty5xwM=
.ekincare.com/	1970-01-20 09:57:52	Name: _gcl_au Value: 1.1.1257769915.1669696181
.doubleclick.net/	1970-01-20 07:48:17	Name: test_cookie Value: CheckForPermission
.hubspot.com/	1970-01-20 07:48:17	Name: __cf_bm Value: Uxi3N6yfNVZhakZOXujHtElH8i0UJNDjXu.D2XDgILs-1669696181-0-ARVqI8IdKuFycGlJ+Q27ZMI6AfA1yg3d+bdusO/dKP+Nh0C/Hg6oeDOHGwkfO3lAGQA9AREO+xZhWDsU/sOco14=
.ekincare.com/	1970-01-20 12:07:28	Name: __hstc Value: 25538274.4dd5336b6e2dd291e0d36b90b86408ee.1669696182060.1669696182060.1669696182060.1
.ekincare.com/	1970-01-20 12:07:28	Name: hubspotutk Value: 4dd5336b6e2dd291e0d36b90b86408ee
.ekincare.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.ekincare.com/	1970-01-20 07:48:17	Name: __hssc Value: 25538274.1.1669696182060
.ekincare.com/	1970-01-20 09:57:52	Name: _fbp Value: fb.1.1669696182225.812049353

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-01.moengage.com
api-eu1.hubapi.com
app-eu1.hubspot.com
cdn2.hubspot.net
connect.facebook.net
forms-eu1.hubspot.com
googleads.g.doubleclick.net
info.ekincare.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hsadspixel.net
js-eu1.hscollectedforms.net
linksg.ekincare.com
track-eu1.hubspot.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
167.89.115.120
172.65.192.122
172.65.193.34
172.65.202.201
172.65.208.22
172.65.219.229
172.65.236.181
172.65.238.60
172.65.240.166
2606:2c40::c73c:67fe
2606:4700::6811:cacc
2606:4700::6811:f1cc
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
54.145.255.214
0a14a86a3ba924dd22afbd5d5dd91606d253a6968287d4032ef7486dce901798
0c3e83d5c3fab72f1bcf28d3c1ae5c7b160c6ef28ec316a8da2a3dd3558554cc
157564d02447db7b7cd58fc1367e79245d1eae693b2f63f558ef08cb84034774
1bf35e4bc40ef014056ff7654320abb37f6bbdce0acce201e1d569d9f1d404a5
2c182d9f68f7cdce3db54e60433e2bca9e01f2d8a21ecf087a489365c2fff02c
35d54dd6a6b17ddd64ee7d47853a042d775dac61be501996ab46a9804925ea22
45f97a1f00cd5aaa7a0e2ae8a3a47031764054e46fa624f71043b618b4c2398b
48e96257807abd6337cae06f2c9d920eb5845610fc80b63f578299abbef87193
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ddbbb9e766d3b92a6a914112e48ddced3d0272317680b8b79b0c00da6950dab
61c6304bc797031e32ab6d8846435ebf72f9bd771a90afab201b352bc49b21f5
660993384ad361177e523dfbaceac1162e84c28eeda604330d37d9108a3940fa
7504b52ad0b08449e25077544e29de95afabaeda904fe657fe25d0a2cf1c22cd
76937419b9505a0b28e9988e66f3b80bb8e3be7bb6e1aa2755c8c05c46a34cc1
77275d69b9cd43a364097cd28e75bcc611fbdb1f289831ff359c14e20d22c318
7730a317f9c8922cca7e18d0fa6b976e7add83cc75d8e283aae34ddd339bbd26
7952a09c69ca5f94bef6a6d93b9db266f34e766025d85fdca7baf5ba100cc1fa
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
867c94a3147c1dac5ef29355122f88a1b2fb626324f7ec66954ad5ffa8c95e8f
892ba16712f404c60c6b4c446715a47495b7cdd0f81098f44ddba1ff2b825e2f
8cf4e2a0a3eb864e7b1dd298b80d3a6fb20db63ba055002f06cd231ba2141eba
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8fba673b6ed0620e0594c42c553a2e17d60c00dfdd0ca8ed4ba0d2a692a29c98
9a50df52651133ee2b309daf0c3b921e9f5109067d5e11f2b8dd055f9ca3e66f
a0f3ab3a244facfe842d2a3f741b5258af90efbe034d20262611da6604240776
a3701a849dfa58bc4c389268d2a5acb47ea50a50fbc7b5d0070c5bf3e17ff42f
a5f1b2fc9d1caa2d71285c99a617dd56a514b1fea96bbccc839fa4d019e1c521
ab89435e52d1e1a893d6997070ce137e8b11a6f29944c74421f82dd5b75f0c2a
b0f507500923a0acba8f556a4b56832a782f6f78a28fa0c439be724a8b76ca44
b5ccb8244c804a0019759f1c5ba015f9ccfc2e8cf7781c6a2b2126f120bfc96a
c2776d23c472ba841e571de68f984da94528a31547b0196d6459046c7c475843
c5b2c34a0b1990260253574c773fff58368ce67ff8b584de90baeadd898fe51f
cbbfaf906c244721d1726cb2c8e99656d7e04896929a5fe5ea6a24b9c185a8b1
cdca5eadd4bbf10e354e5a56ce7bdbbd0b1087d2e359841b35af9c7ed3b89bd6
d0f61df126a36b336d302efbb6948b52d9a4121e21d9b2e0e653b89a43e54d4a
d1806efe0cb955108fbf25dff89faecffda2bd966a99a47148e0ea0c42d5f62b
d4d47de9a5721cf96ec3d04544d26a843f4740f688387e2ed5467aed7fb1ea14
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25ee03ebc697d05ae957c5a4615ef6e60d945893508009a40008a97f9faf8f5
f35179c911d2736c5798fd33a63e0d8b8e7a5584a3fe4446bacfc59b09e1347f
ff986a60a80e77f867bfec41de3532a371f71391b87c7dacfbb26b7e4527c530

info.ekincare.com Open in urlscan Pro 2606:2c40::c73c:67fe Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

47 %IPv6

16 Domains

19 Subdomains

17 IPs

3 Countries

15375 kBTransfer

21847 kBSize

9 Cookies

16 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

info.ekincare.com Open in urlscan Pro
2606:2c40::c73c:67fe Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

47 %
IPv6

16
Domains

19
Subdomains

17
IPs

3
Countries

15375 kB
Transfer

21847 kB
Size

9
Cookies

47 HTTP transactions
0 data transactions