URL: https://thanks.thenutr.com/
Submission: On July 01 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 27 HTTP transactions. The main IP is 213.188.193.98, located in United States and belongs to FLY, US. The main domain is thanks.thenutr.com.
TLS certificate: Issued by E6 on July 1st 2024. Valid for: 3 months.
This is the only time thanks.thenutr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
12 | kickoffpages.com | s.kickoffpages.com, b.kickoffpages.com, options.kickoffpages.com | 269 KB
6 | fontawesome.com | kit.fontawesome.com (Cisco Umbrella Rank: 2060), ka-p.fontawesome.com (Cisco Umbrella Rank: 3863) | 136 KB
3 | kickofflabs.com | api.kickofflabs.com, leads.kickofflabs.com | 3 KB
3 | gstatic.com | fonts.gstatic.com | 85 KB
1 | filestackapi.com | static.filestackapi.com (Cisco Umbrella Rank: 26311) | 98 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 83) | 2 KB
1 | thenutr.com | thanks.thenutr.com | 9 KB
Total: 27 requests, 7 apex domains

Requests | Domain | Requested by
8 | b.kickoffpages.com | thanks.thenutr.com
4 | ka-p.fontawesome.com | kit.fontawesome.com
3 | fonts.gstatic.com | fonts.googleapis.com
2 | leads.kickofflabs.com | b.kickoffpages.com
2 | options.kickoffpages.com | b.kickoffpages.com
2 | s.kickoffpages.com | thanks.thenutr.com
2 | kit.fontawesome.com | thanks.thenutr.com, kit.fontawesome.com
1 | static.filestackapi.com | b.kickoffpages.com
1 | api.kickofflabs.com |
1 | fonts.googleapis.com | thanks.thenutr.com
1 | thanks.thenutr.com |
Total: 27 requests, 11 subdomains

This site contains links to these domains.

Domain
chat.whatsapp.com
app.lvh.me

Subject | Issuer | Validity | Valid
thanks.thenutr.com | E6 | 2024-07-01 - 2024-09-29 | 3 months
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year
upload.video.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
s.kickoffpages.com | R10 | 2024-06-10 - 2024-09-08 | 3 months
b.kickoffpages.com | R3 | 2024-06-04 - 2024-09-02 | 3 months
*.gstatic.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.kickoffpages.com | R3 | 2024-05-24 - 2024-08-22 | 3 months
api.kickofflabs.com | R3 | 2024-05-20 - 2024-08-18 | 3 months
leads.kickofflabs.com | R3 | 2024-05-20 - 2024-08-18 | 3 months
*.filestackapi.com | R3 | 2024-05-31 - 2024-08-29 | 3 months

This page contains 1 frames:

Primary Page: https://thanks.thenutr.com/
Frame ID: 9D2F3C6A4E595176BEDBBE649C4AF50A
Requests: 25 HTTP requests in this frame

Page Title

Newsletter Rewards Link Sharing

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 60 %
Domains: 7
Subdomains: 11
IPs: 10
Countries: 2
Transfer: 601 kB
Size: 1963 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
thanks.thenutr.com/
34 KB
9 KB
Document
General
Full URL
https://thanks.thenutr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.188.193.98 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/07579e37 (2024-06-26) /
Resource Hash
21b54ea9671978f6a2700830d70ac0ce2d253c3e5d9256f618220834068202ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
content-encoding
zstd
content-type
text/html;charset=utf-8
date
Mon, 01 Jul 2024 19:54:25 GMT
fly-request-id
01J1QXSR79K9WTTQJJZ0BZQHWE-fra
k-id
12
k-protect
on
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
no-referrer-when-downgrade
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719863665&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=rwPMlcMZAxdZPm5N11PGj%2BBDSp03iYK6c3v68u8lplc%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719863665&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=rwPMlcMZAxdZPm5N11PGj%2BBDSp03iYK6c3v68u8lplc%3D
server
Fly/07579e37 (2024-06-26)
strict-transport-security
max-age=15552000;
via
1.1 vegur, 2 fly.io
x-content-type-options
nosniff
x-fly-region
fra
x-xss-protection
1; mode=block
413baa29c3.js
kit.fontawesome.com/
12 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/413baa29c3.js
Requested by
Host: thanks.thenutr.com
URL: https://thanks.thenutr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf786365deda7e7b5a13939aa61e939a65288a5b87519ea92d54644a373d039

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Origin
https://thanks.thenutr.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
89c8f2a4aa784d37-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F94u5DsW284VaICmADQB
css2
fonts.googleapis.com/
13 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans&family=Lato&family=Open+Sans:wght@400&family=Open+Sans:wght@700&display=swap
Requested by
Host: thanks.thenutr.com
URL: https://thanks.thenutr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c109cda95af800c29c35fca3c696c3952687efec7dadee4aa5dd69e4382b927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jul 2024 19:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jul 2024 19:54:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jul 2024 19:54:25 GMT
bootstrap.min.css
s.kickoffpages.com/css/bootstrap/3.4.1_simple/
56 KB
12 KB
Stylesheet
General
Full URL
https://s.kickoffpages.com/css/bootstrap/3.4.1_simple/bootstrap.min.css
Requested by
Host: thanks.thenutr.com
URL: https://thanks.thenutr.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
2246212770d7ee65ae37c08cf280be33a1cf5a1fe0409d5aac3ae8a964907ce9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
5KFGBN6M6WGJQHCS
cdn-cachedat
06/17/2024 16:59:52
cdn-pullzone
1301840
x-amz-id-2
Ho8YqAos+1lirRmdIXS1CbHhsMCEOYZfEbzHx+/XWRpTQ1glV6FdkLftKKA1sgnR6+SQ0xHYpqI=
last-modified
Fri, 03 Apr 2020 10:15:09 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"e0ff97da4feada5cdc71e2df2060b4c3"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
17f1599e-fcb6-40b0-8af3-17b28d72e984
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=43200
cdn-requestid
50b70e88ef9b449af4160ba3265c5a87
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
kickofflabs.css
b.kickoffpages.com/droppable_theme_styles/1.2/
117 KB
19 KB
Stylesheet
General
Full URL
https://b.kickoffpages.com/droppable_theme_styles/1.2/kickofflabs.css
Requested by
Host: thanks.thenutr.com
URL: https://thanks.thenutr.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
bc799f369250609939ac1897632b926004b29b3b3ce05c121a9b8587aaac574e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
content-encoding
br
x-downloadsize
157971
cdn-edgestorageid
1082
x-bo-processingtime
57
cdn-cachedat
06/16/2024 01:50:20
cdn-pullzone
1287095
x-bo-server
ASB-195
last-modified
Sun, 16 Jun 2024 01:50:20 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
x-bo-origindownloadtime
118
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
17f1599e-fcb6-40b0-8af3-17b28d72e984
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-bo-compressionratio
0%
cdn-requestid
53f982a7cc66ae85d02a325e42986d6d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
nutr_logo_1@2x.png
b.kickoffpages.com/assets/206931/c76928d5-2d5b-43f3-83b5-65feda85b718/ug4x9o9d80hwrlaioq73/
9 KB
9 KB
Image
General
Full URL
https://b.kickoffpages.com/assets/206931/c76928d5-2d5b-43f3-83b5-65feda85b718/ug4x9o9d80hwrlaioq73/nutr_logo_1@2x.png
Requested by
Host: thanks.thenutr.com
URL: https://thanks.thenutr.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
7bf7d04fc5b2d3e69cae32c51faf169da6e32cdbb8175ce12142963873ccb738

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
x-downloadsize
16190
cdn-edgestorageid
1079
x-bo-processingtime
6
cdn-cachedat
07/01/2024 19:54:25
cdn-pullzone
1287095
content-length
8776
x-bo-server
ASB-255
last-modified
Mon, 01 Jul 2024 19:54:25 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
76
content-type
image/webp
cdn-cache
MISS
cdn-uid
17f1599e-fcb6-40b0-8af3-17b28d72e984
cache-control
public, max-age=31919000
x-bo-compressionratio
45.79%
cdn-requestid
a60dad188898dad82e079d0c9240e897
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
7245083.png
b.kickoffpages.com/assets/206931/50c88b5e-d099-4459-8fe3-2151d415f110/cfiers2pnydgqcrkk1rn/
11 KB
11 KB
Image
General
Full URL
https://b.kickoffpages.com/assets/206931/50c88b5e-d099-4459-8fe3-2151d415f110/cfiers2pnydgqcrkk1rn/7245083.png
Requested by
Host: thanks.thenutr.com
URL: https://thanks.thenutr.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
611733d3d573a3a85652332f92750fe7dcc42a122033b5a1422782e065821bc1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
x-downloadsize
20797
cdn-edgestorageid
1079
x-bo-processingtime
1
cdn-cachedat
07/01/2024 19:54:25
cdn-pullzone
1287095
content-length
11030
x-bo-server
ASB-258
last-modified
Mon, 01 Jul 2024 19:54:25 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
39
content-type
image/webp
cdn-cache
MISS
cdn-uid
17f1599e-fcb6-40b0-8af3-17b28d72e984
cache-control
public, max-age=31919000
x-bo-compressionratio
46.96%
cdn-requestid
176fd73a3d8592033a85f97ab195abb6
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
Another%20$50%20OFF.png
b.kickoffpages.com/assets/206931/3e1fa56a-33b3-4192-8f2a-9f92fd8cb61b/uye39qat22doldo2oywy/
9 KB
10 KB
Image
General
Full URL
https://b.kickoffpages.com/assets/206931/3e1fa56a-33b3-4192-8f2a-9f92fd8cb61b/uye39qat22doldo2oywy/Another%20$50%20OFF.png
Requested by
Host: thanks.thenutr.com
URL: https://thanks.thenutr.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
d5759934bc15d7f88d69580077a3807f92deb921102d1976befbfb5ff063721c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
x-downloadsize
18389
cdn-edgestorageid
1081
x-bo-processingtime
1
cdn-cachedat
07/01/2024 19:54:25
cdn-pullzone
1287095
content-length
9346
x-bo-server
ASB-255
last-modified
Mon, 01 Jul 2024 19:54:25 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
50
content-type
image/webp
cdn-cache
MISS
cdn-uid
17f1599e-fcb6-40b0-8af3-17b28d72e984
cache-control
public, max-age=31919000
x-bo-compressionratio
49.18%
cdn-requestid
6efb2ccb4bcf7e299b9e8a93980efaf5
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
Screenshot%202024-06-11%20171908.jpg
b.kickoffpages.com/assets/206931/88f6b08f-5db4-4f5a-8af9-3943498e625a/qhqi3q44hyhf9uvy7ur9/
39 KB
40 KB
Image
General
Full URL
https://b.kickoffpages.com/assets/206931/88f6b08f-5db4-4f5a-8af9-3943498e625a/qhqi3q44hyhf9uvy7ur9/Screenshot%202024-06-11%20171908.jpg
Requested by
Host: thanks.thenutr.com
URL: https://thanks.thenutr.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
fa129be9abaffe9ebeed339e5c874ae0ef0eca0fd01620ba0ea2ddec0e2a5c44

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
x-downloadsize
72415
cdn-edgestorageid
1080
x-bo-processingtime
4
cdn-cachedat
07/01/2024 19:54:25
cdn-pullzone
1287095
content-length
40242
x-bo-server
ASB-204
last-modified
Mon, 01 Jul 2024 19:54:25 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
109
content-type
image/webp
cdn-cache
MISS
cdn-uid
17f1599e-fcb6-40b0-8af3-17b28d72e984
cache-control
public, max-age=31919000
x-bo-compressionratio
44.43%
cdn-requestid
950804f7ca765340dc3095e9f2c0c050
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
Screenshot%202024-06-11%20171517.jpg
b.kickoffpages.com/assets/206931/4c4c3bce-917e-4b71-81ab-08e4ccfb9128/c4ggymyl0pr7aw28o425/
15 KB
16 KB
Image
General
Full URL
https://b.kickoffpages.com/assets/206931/4c4c3bce-917e-4b71-81ab-08e4ccfb9128/c4ggymyl0pr7aw28o425/Screenshot%202024-06-11%20171517.jpg
Requested by
Host: thanks.thenutr.com
URL: https://thanks.thenutr.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
8e7e669af4185770387bd4487711f5b7dd047b2ebb8414a08738445382ce7773

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
x-downloadsize
36084
cdn-edgestorageid
1081
x-bo-processingtime
3
cdn-cachedat
07/01/2024 19:54:25
cdn-pullzone
1287095
content-length
15850
x-bo-server
ASB-198
last-modified
Mon, 01 Jul 2024 19:54:25 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
77
content-type
image/webp
cdn-cache
MISS
cdn-uid
17f1599e-fcb6-40b0-8af3-17b28d72e984
cache-control
public, max-age=31919000
x-bo-compressionratio
56.07%
cdn-requestid
59ac27bbcf9d8c8aa548e10c161cf739
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
VARIETY%20(4).jpg
b.kickoffpages.com/assets/206931/98210368-a443-4584-8375-45b4820b7981/aqwl6v56xksp0p8b8yeb/
55 KB
56 KB
Image
General
Full URL
https://b.kickoffpages.com/assets/206931/98210368-a443-4584-8375-45b4820b7981/aqwl6v56xksp0p8b8yeb/VARIETY%20(4).jpg
Requested by
Host: thanks.thenutr.com
URL: https://thanks.thenutr.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
52ea612338c5cc263c2bfb4b1aa9cc8698167f8c2ce58af8ee6cc55a48a71791

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
x-downloadsize
107527
cdn-edgestorageid
1079
x-bo-processingtime
25
cdn-cachedat
07/01/2024 19:54:25
cdn-pullzone
1287095
content-length
56620
x-bo-server
ASB-254
last-modified
Mon, 01 Jul 2024 19:54:25 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
116
content-type
image/webp
cdn-cache
MISS
cdn-uid
17f1599e-fcb6-40b0-8af3-17b28d72e984
cache-control
public, max-age=31919000
x-bo-compressionratio
47.34%
cdn-requestid
8e022f99d410d46e5d4481baabb4b097
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
kol.js
b.kickoffpages.com/2.2.0/
315 KB
87 KB
Script
General
Full URL
https://b.kickoffpages.com/2.2.0/kol.js
Requested by
Host: thanks.thenutr.com
URL: https://thanks.thenutr.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
8a026f6b0cc5456db1827e37db3f42abd44390b1040e5bb79de729a1322c4598

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
content-encoding
br
x-downloadsize
324044
cdn-edgestorageid
1080
x-bo-processingtime
133
cdn-cachedat
05/24/2024 19:28:50
cdn-pullzone
1287095
x-bo-server
ASB-195
last-modified
Fri, 24 May 2024 19:28:50 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
x-bo-origindownloadtime
36
content-type
text/javascript
cdn-cache
HIT
cdn-uid
17f1599e-fcb6-40b0-8af3-17b28d72e984
cache-control
public, max-age=31919000
x-bo-compressionratio
0%
cdn-requestid
7fe3622d91f8fc73346205b7a7419baa
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
pro.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/
672 KB
118 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=413baa29c3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/413baa29c3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 15:26:26 GMT
server
cloudflare
etag
"660c23a2-1d791"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
89c8f2a5ec894d37-FRA
content-length
120721
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/
27 KB
4 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-shims.min.css?token=413baa29c3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/413baa29c3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 15:26:24 GMT
server
cloudflare
etag
"660c23a0-10e7"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
89c8f2a5ec964d37-FRA
content-length
4327
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/
50 KB
7 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v5-font-face.min.css?token=413baa29c3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/413baa29c3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 15:26:24 GMT
server
cloudflare
etag
"660c23a0-1c3b"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
89c8f2a5ec944d37-FRA
content-length
7227
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/
7 KB
2 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-font-face.min.css?token=413baa29c3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/413baa29c3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 15:26:24 GMT
server
cloudflare
etag
"660c23a0-6ca"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
89c8f2a5ec914d37-FRA
content-length
1738
kit-upload.css
kit.fontawesome.com/413baa29c3/111044323/
0
130 B
Fetch
General
Full URL
https://kit.fontawesome.com/413baa29c3/111044323/kit-upload.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/413baa29c3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:25 GMT
cf-cache-status
MISS
server
cloudflare
etag
54af53b207eef226d6511e0a88e3038e
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges
bytes
cf-ray
89c8f2a5cc5a4d37-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
content-length
0
x-request-id
F94u5EQGPUXzSBGnqQ7h
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans&family=Lato&family=Open+Sans:wght@400&family=Open+Sans:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://thanks.thenutr.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:56:46 GMT
x-content-type-options
nosniff
age
536259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:56:46 GMT
rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2
fonts.gstatic.com/s/dmsans/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans&family=Lato&family=Open+Sans:wght@400&family=Open+Sans:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a71e519e44faaa2a518544f31c899590cd80076d09814d015b69e64dd9202128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://thanks.thenutr.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:50:04 GMT
x-content-type-options
nosniff
age
536661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14116
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 23:59:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:50:04 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans&family=Lato&family=Open+Sans:wght@400&family=Open+Sans:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://thanks.thenutr.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 22:09:26 GMT
x-content-type-options
nosniff
age
337499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 22:09:26 GMT
/
options.kickoffpages.com/181798/
19 KB
8 KB
Fetch
General
Full URL
https://options.kickoffpages.com/181798/
Requested by
Host: b.kickoffpages.com
URL: https://b.kickoffpages.com/2.2.0/kol.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:d278:5448:dc98:c3db:7cb7 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/07579e37 (2024-06-26) /
Resource Hash
0e6d976df25d66ef19e410a898879aaa1a7e21fdd9e099d3d013dac85e338d1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://thanks.thenutr.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:26 GMT
content-encoding
zstd
x-content-type-options
nosniff
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
Fly/07579e37 (2024-06-26)
via
1.1 vegur, 2 fly.io
fly-request-id
01J1QXSSM1YN7V59ZYBVDF0G3M-ams
x-fly-region
ams
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719863666&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=vTL2A7iLZXemZxP1OMRcY6mxALm5%2F0SojrTIUBEVQOs%3D"}]}
content-type
application/json
access-control-allow-origin
*
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719863666&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=vTL2A7iLZXemZxP1OMRcY6mxALm5%2F0SojrTIUBEVQOs%3D
/
options.kickoffpages.com/181798/
0
0
Preflight
General
Full URL
https://options.kickoffpages.com/181798/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:d278:5448:dc98:c3db:7cb7 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/07579e37 (2024-06-26) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://thanks.thenutr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type, Accept
access-control-allow-origin
*
allow
GET, OPTIONS
content-length
0
content-type
text/html;charset=utf-8
date
Mon, 01 Jul 2024 19:54:26 GMT
fly-request-id
01J1QXSS7DSNG37JT0BKRCZE2G-ams
k-id
12
k-protect
on
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
no-referrer-when-downgrade
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719863666&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=vTL2A7iLZXemZxP1OMRcY6mxALm5%2F0SojrTIUBEVQOs%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719863666&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=vTL2A7iLZXemZxP1OMRcY6mxALm5%2F0SojrTIUBEVQOs%3D
server
Fly/07579e37 (2024-06-26)
strict-transport-security
max-age=15552000;
via
1.1 vegur, 2 fly.io
x-content-type-options
nosniff
x-fly-region
ams
x-xss-protection
1; mode=block
public_sites_favicon.ico
s.kickoffpages.com/images/icons/
1 KB
905 B
Other
General
Full URL
https://s.kickoffpages.com/images/icons/public_sites_favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
001ed984e2f52496f37f44fb2aff18ed83443ff0df63b92fad0e12d1742e828a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:26 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
K05FQXG96D4EM9BB
cdn-cachedat
03/08/2024 07:40:53
cdn-pullzone
1301840
x-amz-id-2
GYsh0EUv2iSF2qO2MajxDWlDe4LZkIBc4x/2YF8tr9/mP+WxyZOmkKlDHbKsU3um1ZNe8H53j3o=
last-modified
Thu, 22 Jul 2021 20:37:29 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"ef7ccdad4aea3090a10b783f0dd2544c"
vary
Accept-Encoding
content-type
image/x-icon
cdn-cache
HIT
cdn-uid
17f1599e-fcb6-40b0-8af3-17b28d72e984
cache-control
public, max-age=2592000
cdn-requestid
2ec523c778e36e65d0daa7923282e529
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
4aaa2b3e-f41a-4645-a4f2-1d86bb3eb809
api.kickofflabs.com/stats/b/
35 B
772 B
Image
General
Full URL
https://api.kickofflabs.com/stats/b/4aaa2b3e-f41a-4645-a4f2-1d86bb3eb809?rid=8167e076-8771-4c21-89bd-34783d59bcdc&uid=94acac10-f68e-487a-be81-fe71a285a546&sid=71dba412-a865-48b2-97f9-04690190c85a&kid=false&url=https%3A%2F%2Fthanks.thenutr.com%2F&lid=181798&language=de-DE&%5Bcustom%5Dtheme=newsetter_rewards_status&%5Bcustom%5DpageType=single_page&source=koljs.387079&if=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.204.242.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-242-176.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 19:54:26 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server
Cowboy
Last-Modified
Mon, 29 May 2023 02:19:55 GMT
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719863667&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=XL9hBMFchtq5hQlVExS0TkKpiJTD02e0y0JUfCfOTao%3D"}]}
Content-Type
image/gif
Connection
keep-alive
Content-Length
35
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719863667&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=XL9hBMFchtq5hQlVExS0TkKpiJTD02e0y0JUfCfOTao%3D
94acac10-f68e-487a-be81-fe71a285a546
leads.kickofflabs.com/anon/181798/
470 B
2 KB
Fetch
General
Full URL
https://leads.kickofflabs.com/anon/181798/94acac10-f68e-487a-be81-fe71a285a546?in=true
Requested by
Host: b.kickoffpages.com
URL: https://b.kickoffpages.com/2.2.0/kol.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.161.241.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-241-46.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
d9dbd76762c2f9e076209f714e3d971cdb1b8a47a6469fa2f4af5f9a4c7bd99f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://thanks.thenutr.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 19:54:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
Connection
keep-alive
Content-Length
268
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719863667&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=YN9mJWEs3Q3XTfFD2uL7dWKiVQ86iubBdlnf6noUj%2FE%3D
X-Request-Id
2d441640-fdb1-400e-b868-ca4de9dfa9a7
Pragma
no-cache
X-Runtime
0.010333
Referrer-Policy
strict-origin
Server
Cowboy
Etag
W/"276629d8d4fa47cfa496b671cfe87d86"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719863667&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=YN9mJWEs3Q3XTfFD2uL7dWKiVQ86iubBdlnf6noUj%2FE%3D"}]}
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
no-store
Access-Control-Max-Age
1728000
Vary
Accept-Encoding
Expires
Fri, 01 Jan 1990 00:00:00 GMT
94acac10-f68e-487a-be81-fe71a285a546
leads.kickofflabs.com/anon/181798/
0
0
Preflight
General
Full URL
https://leads.kickofflabs.com/anon/181798/94acac10-f68e-487a-be81-fe71a285a546?in=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.161.241.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-241-46.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://thanks.thenutr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
X-Requested-With, X-Prototype-Version, Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Length
20
Content-Type
text/plain; charset=utf-8
Date
Mon, 01 Jul 2024 19:54:26 GMT
Etag
W/"4042e09fa6a85958b7d51075456b8bfd"
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Pragma
no-cache
Referrer-Policy
strict-origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1719863667&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=YN9mJWEs3Q3XTfFD2uL7dWKiVQ86iubBdlnf6noUj%2FE%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1719863667&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=YN9mJWEs3Q3XTfFD2uL7dWKiVQ86iubBdlnf6noUj%2FE%3D
Server
Cowboy
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
e6aacf87-2064-46f7-9c65-9878373cf0a1
X-Runtime
0.004226
X-Xss-Protection
0
filestack.min.js
static.filestackapi.com/filestack-js/3.x.x/
416 KB
98 KB
Script
General
Full URL
https://static.filestackapi.com/filestack-js/3.x.x/filestack.min.js
Requested by
Host: b.kickoffpages.com
URL: https://b.kickoffpages.com/2.2.0/kol.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
72c59a38c1b0ab6a2159d5112175995b10e7eb17aaf97b73f7ef74ccc9c52c7c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://thanks.thenutr.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 19:54:27 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
4J70A7E3EP55SRZ3
age
50952
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
99780
x-amz-id-2
hkKe4lTbU5hOBrtyA24Rjz7TMoNsd9eoxekjRNf3XmPTqwT1cJv/cKGdBYPqet+5mdpa7SLWIDE=
x-served-by
cache-fra-etou8220157-FRA
last-modified
Mon, 17 Jun 2024 18:36:04 GMT
x-timer
S1719863668.576411,VS0,VE0
etag
"179cd52c517c66dc356d59dda747558d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
144


17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| FontAwesomeKitConfig
boolean| kol_skip_font_awesome
object| KOLSettings
object| kol_oauth_options
object| kolOptions
function| setKolInputValue
function| runKolInstantSignup
function| KOL
object| _kol
boolean| _kolDebuggingEnabled
object| __kol_analytics
object| filestackInternals
object| __SENTRY__
object| filestack

2 Cookies

Domain/Path Name / Value
thanks.thenutr.com/ Name: kola.181798
Value: 94acac10-f68e-487a-be81-fe71a285a546
thanks.thenutr.com/ Name: kola.181798.session
Value: 71dba412-a865-48b2-97f9-04690190c85a

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
