buy.duotrim.com Open in urlscan Pro
2606:4700::6810:10c2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.improvingvitality.org/?t=c&ids=MzUxOTU2NTQ3__MzIzMA==__NzgwMzUyOTM=__ODUy__955&url=aHR0cHMlM0ElMkYlMkZ0cnVzdGVkaGVhbHR...
Effective URL:
https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Submission: On March 18 via api (March 18th 2023, 11:37:45 pm UTC) from BE — Scanned from DE

Summary HTTP 121 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 22 domains to perform 121 HTTP transactions. The main IP is 2606:4700::6810:10c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is buy.duotrim.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 19th 2023. Valid for: a year.

This is the only time buy.duotrim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	170.187.185.18 170.187.185.18	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
2	2606:4700:303... 2606:4700:3037::6815:2c57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
42	2606:4700::68... 2606:4700::6810:10c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:440... 2606:4700:4400::6812:27b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:28ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a04:4e42:600... 2a04:4e42:600::622	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:6c0... 2a02:26f0:6c00:19a::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	95.101.111.61 95.101.111.61	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2606:4700:310... 2606:4700:3108::ac42:2b73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223e:7a00:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
6	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	44.195.191.171 44.195.191.171	14618 (AMAZON-AES) (AMAZON-AES)
6	2600:9000:223... 2600:9000:223e:c800:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	52.4.213.160 52.4.213.160	() ()
121	27

1 170.187.185.18 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: vsrv379.armadaservers.com

click.improvingvitality.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:2c57 (United States)

ASN13335 (CLOUDFLARENET, US)

trustedhealthnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700::6810:10c2 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.duotrim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
classic.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:27b5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28ea (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:19a::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.111.61 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-61.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3108::ac42:2b73 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

display.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:7a00:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.195.191.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-191-171.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223e:c800:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.213.160 (None, )

ASN- ()

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	duotrim.com buy.duotrim.com	3 MB
20	wistia.com fast.wistia.com — Cisco Umbrella Rank: 3852 embed-ssl.wistia.com — Cisco Umbrella Rank: 7326 distillery.wistia.com — Cisco Umbrella Rank: 6044 embed-cloudfront.wistia.com pipedream.wistia.com	5 MB
13	wistia.net fast.wistia.net — Cisco Umbrella Rank: 7490	355 KB
6	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 341	12 KB
5	buygoods.com 1 redirects tracking.buygoods.com — Cisco Umbrella Rank: 230129 display.buygoods.com — Cisco Umbrella Rank: 259744 www.buygoods.com — Cisco Umbrella Rank: 276019 buygoods.com — Cisco Umbrella Rank: 153357	9 KB
5	clickfunnels.com 1 redirects www.clickfunnels.com — Cisco Umbrella Rank: 68991 classic.clickfunnels.com — Cisco Umbrella Rank: 131537 app.clickfunnels.com — Cisco Umbrella Rank: 39543	3 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 722	99 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 768	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	157 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2388	20 KB
3	gstatic.com fonts.gstatic.com	45 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	239 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 700	18 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	143 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	4 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 820	17 KB
2	trustedhealthnews.com trustedhealthnews.com	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 231	397 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76	346 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 886	6 KB
1	improvingvitality.org click.improvingvitality.org	389 B
0	addevent.com Failed track.addevent.com Failed
121	22

	Domain	Requested by
38	buy.duotrim.com	trustedhealthnews.com buy.duotrim.com static.cloudflareinsights.com
13	fast.wistia.net	buy.duotrim.com fast.wistia.net
10	fast.wistia.com	buy.duotrim.com fast.wistia.com fast.wistia.net
6	embed-cloudfront.wistia.com	fast.wistia.net
6	js-agent.newrelic.com	buy.duotrim.com
4	analytics.tiktok.com	www.googletagmanager.com analytics.tiktok.com
3	ct.pinterest.com	s.pinimg.com buy.duotrim.com
3	app.clickfunnels.com	buy.duotrim.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	fonts.gstatic.com	fonts.googleapis.com
2	distillery.wistia.com	fast.wistia.com fast.wistia.net
2	www.facebook.com	buy.duotrim.com
2	buygoods.com	buy.duotrim.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	buy.duotrim.com www.googletagmanager.com
2	fonts.googleapis.com	buy.duotrim.com
2	use.fontawesome.com	buy.duotrim.com
2	trustedhealthnews.com	trustedhealthnews.com
1	pipedream.wistia.com	fast.wistia.net
1	bam.nr-data.net	js-agent.newrelic.com
1	embed-ssl.wistia.com	buy.duotrim.com
1	www.buygoods.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	display.buygoods.com	buy.duotrim.com
1	tracking.buygoods.com	buy.duotrim.com
1	static.cloudflareinsights.com	buy.duotrim.com
1	classic.clickfunnels.com	buy.duotrim.com
1	www.clickfunnels.com	1 redirects
1	click.improvingvitality.org
0	track.addevent.com Failed	buy.duotrim.com
121	32

This site contains links to these domains. Also see Links.

Domain
www.duotrim.com
buygoods.com

Subject Issuer	Validity	Valid
click.improvingvitality.org R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-29` - `2023-09-29`	a year	crt.sh
buy.duotrim.com Cloudflare Inc ECC CA-3	`2023-01-19` - `2024-01-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-26`	2 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Frame ID: 1D1B5B6A69C8F273CA08F631E4D2811A
Requests: 92 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
Frame ID: 54A33C5BAC509EB5A9105CCA2D9A2A3C
Requests: 3 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
Frame ID: 5A79EBB2E9968256B388C68C0DE88D59
Requests: 24 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: CFB2DCFD37E1F29235493428AC9F9B02
Requests: 1 HTTP requests in this frame

Frame: https://buygoods.com/affiliates/go/conversion/iframe/bg?a=7931&t=18ecb169115fc33fdfcd4c7574ab6fc5&s=sessid20230318233720154
Frame ID: B2B17C640697541B92DD4FFB3327BD9E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Daily Digestion Hack Dissolves Belly Fat

Page URL History Show full URLs

https://click.improvingvitality.org/?t=c&ids=MzUxOTU2NTQ3__MzIzMA==__NzgwMzUyOTM=__ODUy__955&url=aHR0cHMlM0ElMkY... Page URL
https://trustedhealthnews.com/iwzd Page URL
https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

121
Requests

95 %
HTTPS

74 %
IPv6

22
Domains

32
Subdomains

27
IPs

3
Countries

8938 kB
Transfer

14464 kB
Size

38
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.duotrim.com/
Title: Get the text version here...

Search URL Search Domain Scan URL

URL: https://buygoods.com/secure/checkout.html?sessid2=sessid20230318233720154&aff_id=786&sid=5agixop0317duotrim&account_id=7931&product_codename=duo2&redirect=aHR0cHM6Ly9idXkuZHVvdHJpbS5jb20vc3BlY2lhbC1vZmZlcg==

Search URL Search Domain Scan URL

URL: https://buygoods.com/secure/checkout.html?sessid2=sessid20230318233720154&aff_id=786&sid=5agixop0317duotrim&account_id=7931&product_codename=duo12&redirect=aHR0cHM6Ly9idXkuZHVvdHJpbS5jb20vc3BlY2lhbC1vZmZlcg==

Search URL Search Domain Scan URL

URL: https://buygoods.com/secure/checkout.html?sessid2=sessid20230318233720154&aff_id=786&sid=5agixop0317duotrim&account_id=7931&product_codename=duo6&redirect=aHR0cHM6Ly9idXkuZHVvdHJpbS5jb20vc3BlY2lhbC1vZmZlcg==

Search URL Search Domain Scan URL

URL: https://www.duotrim.com/privacy-policy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.duotrim.com/terms/
Title: Terms Of Service

Search URL Search Domain Scan URL

URL: https://www.duotrim.com/contact/
Title: Support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.improvingvitality.org/?t=c&ids=MzUxOTU2NTQ3__MzIzMA==__NzgwMzUyOTM=__ODUy__955&url=aHR0cHMlM0ElMkYlMkZ0cnVzdGVkaGVhbHRobmV3cy5jb20lMkZpd3pk Page URL
https://trustedhealthnews.com/iwzd Page URL
https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.clickfunnels.com/images/closemodal.png HTTP 301
https://classic.clickfunnels.com/images/closemodal.png

Request Chain 86

https://www.buygoods.com/images/buygoods_black.png HTTP 301
https://buygoods.com/images/buygoods_black.png

121 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
click.improvingvitality.org/ 82 B
389 B 152ms
89ms Document
text/html 170.187.185.18
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://click.improvingvitality.org/?t=c&ids=MzUxOTU2NTQ3__MzIzMA==__NzgwMzUyOTM=__ODUy__955&url=aHR0cHMlM0ElMkYlMkZ0cnVzdGVkaGVhbHRobmV3cy5jb20lMkZpd3pk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.187.185.18 Frankfurt am Main, Germany, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

vsrv379.armadaservers.com

Software

nginx /

Resource Hash

4793c1e32627f82539286da0adc4bb6b8cf906183b0c65dc75dc343cb388565d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 18 Mar 2023 23:37:40 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 iwzd Show response
trustedhealthnews.com/ 658 B
1 KB 1008ms
937ms Document
text/html 2606:4700:3037::6815:2c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trustedhealthnews.com/iwzd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:2c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2fcb4e395770da38f41b7cd965495684427b2de5fe554aa37da327c9fb69783

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://click.improvingvitality.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7aa14e0c08a39bb8-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Sat, 18 Mar 2023 23:37:41 GMT
expires: Mon, 07 Jul 1777 07:07:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDNhNRnt7X8bwQt7KhX1RANin9kWp6Ob52O2KfbzpBtsi35NtEZT113wM%2BZqnV%2FHJGbo8b0rgRJb0Lb7wLV3ZwrlpU6gXOVxfVGlWioduOSIwfFoeUgBy644dTY5zKAM2mrzap6a5hphL0gfmepqHAqiRMg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-redirect-powered-by: Pretty Link Executive 3.3.3 http://prettylink.com
x-robots-tag: noindex, nofollow
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 javascript-redirect.js Show response
trustedhealthnews.com/wp-content/plugins/pretty-link/pro/js/ 99 B
463 B 28ms
26ms Script
application/javascript 2606:4700:3037::6815:2c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trustedhealthnews.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.3.3

Requested by

Host: trustedhealthnews.com
URL: https://trustedhealthnews.com/iwzd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:2c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed8fa1ff8b55dd19225f59a5e74520a8b20206c2f6d354e1e6f0e5881d93fe4a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trustedhealthnews.com/iwzd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
age: 466031
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 06 Mar 2023 10:03:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Owxqht0qKMtbr4dqR630A72Ke5Bb%2FmBGujZf0Hv9yQ0tQiRPl1Ld6xUHdMAczK5ZkGi4zuhJJYVhy1JsBQuVr9SHe4MPxkwxttdeuipOuKqIM5nQBX%2F%2BYgpPqAEpKy40wBWPYs80LFE5nuXJ3xqs4IOPI64%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7aa14e11fdcc9bb8-FRA
expires: Wed, 12 Apr 2023 14:10:30 GMT

GET
H2 200 Primary Request watch-now Show response
buy.duotrim.com/ 243 KB
40 KB 325ms
245ms Document
text/html 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Requested by

Host: trustedhealthnews.com
URL: https://trustedhealthnews.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.3.3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

4c6452476c07de7dd21d7ae36e5e8e7d29ad645bd40884cd8de865e2be7057f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Referer: https://trustedhealthnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
cf-cache-status: REVALIDATED
cf-ray: 7aa14e12cb8c91fb-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 18 Mar 2023 23:37:41 GMT
last-modified: Mon, 06 Feb 2023 12:00:42 GMT
server: cloudflare
status: 200 OK
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-digest: afbaa9a3916fa224583ad09540ce88ee86836c24
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: a63f607ce56fcd67874dcf1c18836e04
x-runtime: 0.355080

GET
H2 200 lander.css
buy.duotrim.com/assets/ 425 KB
70 KB 59ms
55ms Stylesheet
text/css 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.duotrim.com/assets/lander.css

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 123
last-modified: Thu, 16 Mar 2023 22:49:03 GMT
server: cloudflare
etag: W/"64139cdf-6a514"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7aa14e147cb891fb-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Sat, 18 Mar 2023 23:57:41 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 94ms
29ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KPC19QY4EQRR3ZJA
age: 1784744
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: DZrzPe4HQ8kJFNqEOBC9htpm0WJQlY1n+eS/0BGsXOAs08NE646zlmtSapTKvY5HRzt62dmBhyM=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPP3a6zpi29C9ggaaXayhjGd%2BlmTGvDeB9v%2BvxisEJVgwBSQYDhObGjJQlDznBDPTLNWOmtm9f1LdASb3Ns7D7NM2uIdtV2GHa%2Fp3ytcXf4aBgpmoqemM2aME81236XhrF7xBg8eP9zOxIWFe7RoukoK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7aa14e14df0f9073-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
4 KB 95ms
31ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FTPN7MFPDPTGYVP7
age: 1853053
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 1z3SjVlzwCj4buU+iZX1i9l3bHBEkoJXF3gMzQpNsR3QhqKLbXKjLOq9SVzUn/sZehkE6nLM3r0=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKJEKf6zNcZrfie78%2BRDqzOQsX2m0gywvYqJvk7S5vF5OjVMLw3Lp9VFoq7bm3V0Kv8RHnw%2BFnlz4GuLRee3ohFs1I%2B9LBkhT1%2BXCLa%2B%2FtkhN2rYZplKYMS7k9U68qmDlevQDKWrqJXtgPQ34OicleMQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7aa14e14df109073-FRA

GET
H2 200 css
fonts.googleapis.com/ 45 KB
3 KB 80ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04b701caa790262bd1fca759ffac2fcade3ca980cf9d3993dca5f177c1a04a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Mar 2023 23:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 22:45:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Mar 2023 23:37:41 GMT

GET
H2 200 application.js Show response
buy.duotrim.com/assets/userevents/ 5 KB
2 KB 48ms
46ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.duotrim.com/assets/userevents/application.js

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 123
last-modified: Wed, 15 Mar 2023 15:29:15 GMT
server: cloudflare
etag: W/"6411e44b-147c"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7aa14e147cb991fb-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Sat, 18 Mar 2023 23:57:41 GMT

GET
H2 200 Untitled-design-9-.png
buy.duotrim.com/hosted/images/7f/121a8f0f3d433fb71123a17f52952b/ 58 KB
59 KB 103ms
95ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/7f/121a8f0f3d433fb71123a17f52952b/Untitled-design-9-.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e745ccf3d5d2b75f1e0001abf6160d742a964045ef60c43786a7d08599669fe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 01 Dec 2022 10:38:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "2184771c717b16ea5861761c18895c17"
cf-polished: origSize=60406
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e152d1691fb-FRA
content-length: 59838

GET
H2

200

closemodal.png
classic.clickfunnels.com/images/
Redirect Chain

https://www.clickfunnels.com/images/closemodal.png
https://classic.clickfunnels.com/images/closemodal.png

672 B
1 KB

133ms
69ms

Image
image/webp

2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://classic.clickfunnels.com/images/closemodal.png

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
age: 168441
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
last-modified: Wed, 15 Mar 2023 15:29:15 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6411e44b-314"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
access-control-max-age: 1728000
accept-ranges: bytes
cf-ray: 7aa14e164d2a9b7d-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Tue, 18 Apr 2023 23:37:42 GMT

Redirect headers

date: Sat, 18 Mar 2023 23:37:42 GMT
server: cloudflare
vary: Accept-Encoding
location: https://classic.clickfunnels.com/images/closemodal.png
cache-control: max-age=3600
cf-ray: 7aa14e159fcb30d6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 19 Mar 2023 00:37:42 GMT

GET
H2 200 clcv96f1fa.jsonp Show response
fast.wistia.com/embed/medias/ 4 KB
2 KB 118ms
58ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/clcv96f1fa.jsonp

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a715c9dfae3847f6e41bd48b8da5bd0747df17bfc0f0f4b2052c7c404043d2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
age: 83743
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 1627
x-request-id: 0b0ccaea47cd71f1b559c572a58fd444
x-served-by: cache-iad-kcgs7200020-IAD, cache-hhn-etou8220065-HHN
x-runtime: 0.058604
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 111
x-timer: S1679182662.994529,VS0,VE1
etag: W/"a715c9dfae3847f6e41bd48b8da5bd07"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 208, 1

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 631 KB
115 KB 80ms
20ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

18e27aa85bc402887652ca383a1f2fb1087839147b0405f508a36337e29c51f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3346
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117262
x-served-by: cache-iad-kjyo7100082-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:34 GMT
server: AmazonS3
x-timer: S1679182662.994518,VS0,VE0
etag: "6c7e4824a5037ec3c3b146e49f12c184"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23, 251

GET
H2 200 swatch
fast.wistia.com/embed/medias/clcv96f1fa/ 4 KB
4 KB 118ms
58ms Image
image/jpeg 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/clcv96f1fa/swatch

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

24ccb1d2d2ac6eccd9cdccfee2776afdff41c29e3f7f794ff9150c39fc978410

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
access-control-request-method: *
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 83743
x-cache: HIT, HIT
content-disposition: inline
content-length: 4030
x-served-by: cache-iad-kcgs7200020-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Fri, 06 Jan 2023 17:51:49 UTC
x-timer: S1679182662.994862,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=31097080
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 216, 1

GET
H2 200 1-month.png
buy.duotrim.com/hosted/images/e9/84fa81c80647899f04363247e6a2c4/ 82 KB
83 KB 75ms
68ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/e9/84fa81c80647899f04363247e6a2c4/1-month.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e95ab636af26df8cd827aee2b29d44846e239d2d8f6958cfcd4410655f25d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 04 Jan 2023 20:04:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "92ca419717791178270d2f713f4ba8d0"
cf-polished: origSize=84741
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e152d1b91fb-FRA
content-length: 84446

GET
H2 200 guarantee-blue.png
buy.duotrim.com/hosted/images/bd/f4181b755e4b529caed932363ed4a6/ 27 KB
27 KB 75ms
68ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/bd/f4181b755e4b529caed932363ed4a6/guarantee-blue.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bc9d1e13177ff01aa396544ecba5a2d1803ed85aeb2ecf316996c7abcf7ec29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 16 Sep 2022 11:46:27 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "1964a39df0e8eb8eadaf4382f0d29f10"
cf-polished: origSize=27918
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e152d1c91fb-FRA
content-length: 27781

GET
H2 200 Screenshot-2022-09-08-at-20.48.56.png
buy.duotrim.com/hosted/images/f9/5b569806ae48268280bcb0d6aac729/ 178 KB
178 KB 61ms
54ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/f9/5b569806ae48268280bcb0d6aac729/Screenshot-2022-09-08-at-20.48.56.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af4a767306e8eb3bbfa60a212ac5e673648d4315bfc9544a71367e62fe49ed93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Sep 2022 19:49:46 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "b8d1c63590dfb61c7f648e1d652c8bbb"
cf-polished: origSize=182151
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e152d1d91fb-FRA
content-length: 181856

GET
H2 200 IMG_5639.jpg
buy.duotrim.com/hosted/images/2e/d4c4ab34f74d1ab7e85c51facc8c48/ 114 KB
114 KB 80ms
74ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/2e/d4c4ab34f74d1ab7e85c51facc8c48/IMG_5639.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d868b1cb56f7bb69c7f20eb319e45ae7795f5a973211e100d9dcca46270c1e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Oct 2022 17:56:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "6f2ec8cd57c88c6e4b645403aa45bbb3"
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e152d1e91fb-FRA
content-length: 116739

GET
H2 200 c6ec740e-f18b-4508-86dd-a829f9e60da8.jpg
buy.duotrim.com/hosted/images/d6/e0105a45334794a04fe7a131383735/ 58 KB
58 KB 80ms
73ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/d6/e0105a45334794a04fe7a131383735/c6ec740e-f18b-4508-86dd-a829f9e60da8.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef37c39871c964445b3c059a5b775675e1e7c4722446d42ccb7b64cd4d4e43da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Oct 2022 18:00:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "b1fbd0fc39b57504fb0bd7092835b8b9"
cf-polished: origSize=59016, status=webp_bigger
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e152d1f91fb-FRA
content-length: 58944

GET
H2 200 DuoTrim-Customer-Review.jpg
buy.duotrim.com/hosted/images/c0/e7211b34fb4f7ea9977b9b978e843e/ 60 KB
61 KB 86ms
80ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/c0/e7211b34fb4f7ea9977b9b978e843e/DuoTrim-Customer-Review.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 887759fcfe5d50866ffb6ac76868744f58a10ea17da39b818536f3e711e2d6bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 01 Dec 2022 10:39:16 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "e4eafcff8ca23835c898585421ea7692"
cf-polished: degrade=85, origSize=67910, status=webp_bigger
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e152d2091fb-FRA
content-length: 61915

GET
H2 200 IMG_5641.jpg
buy.duotrim.com/hosted/images/ef/faa42649c14092bdb962b5003b503b/ 129 KB
129 KB 80ms
73ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/ef/faa42649c14092bdb962b5003b503b/IMG_5641.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7edd2ece4e20b2bda3b1b2e554788ae0fbf42aeba8e8753a9fe143572aad40b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Oct 2022 17:56:42 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "c7497b4b89e6f6c71092bafb76981f93"
cf-polished: origSize=131868, status=webp_bigger
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e152d2191fb-FRA
content-length: 131840

GET
H2 200 margo-s.jpg
buy.duotrim.com/hosted/images/c4/f6092da31645d8b7ed200145339b94/ 72 KB
73 KB 80ms
74ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/c4/f6092da31645d8b7ed200145339b94/margo-s.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3371ed6129218f4a1fdb1b875e5bcb529084750d56d88567d3eafa3a0c85e950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 17 Oct 2022 15:08:08 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "5be471beb33273cd2bbe39577b8bbea8"
cf-polished: status=not_needed
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e152d2291fb-FRA
content-length: 74235

GET
H2 200 NW1.jpg
buy.duotrim.com/hosted/images/2e/1dcf617c1d429cbc3b8e0256e0e7b9/ 71 KB
71 KB 103ms
97ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/2e/1dcf617c1d429cbc3b8e0256e0e7b9/NW1.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1671a39154255d5bce5ab9395d99224f9bb4300e9d44ea9364d4d594d0f6cd91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 17 Oct 2022 15:14:40 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "9a85eef7c47a9a16014bfa6316cf33d4"
cf-polished: status=not_needed
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d2e91fb-FRA
content-length: 72360

GET
H2 200 NW.jpg
buy.duotrim.com/hosted/images/78/e2857d157c4435a4a5bed3c82538b3/ 80 KB
80 KB 103ms
98ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/78/e2857d157c4435a4a5bed3c82538b3/NW.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9818bb8c2fdb71f1ab9318ab72befa827e18f1ceabe700a34ee2c63daf032d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 17 Oct 2022 15:10:00 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "91211a42022fa2d5ac95e33f31c28ae5"
cf-polished: origSize=81542
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3091fb-FRA
content-length: 81502

GET
H2 200 IMG_5642.jpg
buy.duotrim.com/hosted/images/0a/9a65611f054c1e9930b879fd9ea242/ 109 KB
109 KB 99ms
94ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/0a/9a65611f054c1e9930b879fd9ea242/IMG_5642.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fd0239db0f11f756644db003a00e88d6f811faf2488bc2e5bfe9cdead40abc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Oct 2022 17:56:42 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "6b458e0eb1defdde89fed377b788b0e0"
cf-polished: origSize=111642, status=webp_bigger
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3191fb-FRA
content-length: 111493

GET
H2 200 57cf5f20-7f26-49d0-af19-6b0a1f139ece.jpg
buy.duotrim.com/hosted/images/ff/891da2df1f436290ba731df594af1f/ 111 KB
111 KB 91ms
86ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/ff/891da2df1f436290ba731df594af1f/57cf5f20-7f26-49d0-af19-6b0a1f139ece.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a725855360bd20a9853ff9d4b8169a3f624cdf7fb8f8a7363f9710645620cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Oct 2022 17:59:28 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "d4e060a6ad8b24ff04a8eb3b49d0e435"
cf-polished: origSize=113956, status=webp_bigger
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3291fb-FRA
content-length: 113805

GET
H2 200 IMG_5640.jpg
buy.duotrim.com/hosted/images/31/2944fba1a745ff8c9cab6c95fbbd09/ 87 KB
87 KB 100ms
95ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/31/2944fba1a745ff8c9cab6c95fbbd09/IMG_5640.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f80f400049a3aeec9aed7dfacde33d3f587cc1090f16f41bd3b11bb4045e3dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Oct 2022 17:56:42 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "a4585bcf57666c8269d45bc6e2eb9c89"
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3491fb-FRA
content-length: 89244

GET
H2 200 5eccd4c2-ebdf-4025-83ca-0302e13f1337.jpg
buy.duotrim.com/hosted/images/54/8814b1a92940d1a89d89709218304f/ 79 KB
79 KB 85ms
80ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/54/8814b1a92940d1a89d89709218304f/5eccd4c2-ebdf-4025-83ca-0302e13f1337.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f19512e413c3f6efb0160b04acfab22e1c9c79adbdde7569dec5388e32a0ad4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Oct 2022 18:00:06 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "7b61a876cef7443318a7c2febb9894f4"
cf-polished: origSize=80834, status=webp_bigger
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3591fb-FRA
content-length: 80677

GET
H2 200 facebook_group_mockup.jpg
buy.duotrim.com/hosted/images/2f/e862fb2bf4412e9306f08c6b7468e0/ 131 KB
131 KB 102ms
97ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/2f/e862fb2bf4412e9306f08c6b7468e0/facebook_group_mockup.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 542479b6ea9078e53066c275ed53e0b235eff72b7ef1c0a753856eceb8d67245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 05 Oct 2022 19:51:47 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "ec7781937b320f4dad627de6210a3c3c"
cf-polished: origSize=136194
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3691fb-FRA
content-length: 134290

GET
H2 200 10n1.png
buy.duotrim.com/hosted/images/24/6d41ca4ce04edba854232979133d64/ 100 KB
100 KB 90ms
86ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/24/6d41ca4ce04edba854232979133d64/10n1.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16787884cb848fe85c16a265ed896003d6ff6d2c74816b080c39b9d20d608f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 05 Oct 2022 19:52:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "92e9f071132cf2f010ab6d337bf42f39"
cf-polished: origSize=102048
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3791fb-FRA
content-length: 102027

GET
H2 200 3S_Max_System.jpg
buy.duotrim.com/hosted/images/1f/038165cd034151810c7c18fbba54ef/ 22 KB
23 KB 85ms
80ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/1f/038165cd034151810c7c18fbba54ef/3S_Max_System.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3d182e6c7ded5d8563b8417d098ed9887023b5f749eaa024423a08208a931a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 01 Dec 2022 10:39:31 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "d580ba00549406c188f39b0b0fffd49e"
cf-polished: degrade=85, origSize=31108
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3891fb-FRA
content-length: 22864

GET
H2 200 Gut_Health_Masterclass.jpg
buy.duotrim.com/hosted/images/2d/af4c39d8f74053b2aef5d3e6a2a479/ 81 KB
81 KB 99ms
94ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/2d/af4c39d8f74053b2aef5d3e6a2a479/Gut_Health_Masterclass.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 268fe57f431548e003d56adef5fc0a28487468433b0beae2685c1d3f527f3659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 05 Oct 2022 19:53:48 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "c519b56f696f289f1e8bdaca5a49462f"
cf-polished: degrade=85, origSize=86049
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3991fb-FRA
content-length: 82678

GET
H2 200 harvard.png
buy.duotrim.com/hosted/images/fb/13b7946c244289af337239e98e7679/ 8 KB
8 KB 101ms
97ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/fb/13b7946c244289af337239e98e7679/harvard.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a8e68c678bf5ebdc3df763929d0723794a37ff9e974687717df354a1dee63ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 15 Sep 2022 15:22:09 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "e0862d6d684317a54d2ccf63b6a09f08"
cf-polished: origSize=8137
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3a91fb-FRA
content-length: 8034

GET
H2 200 Screenshot-2022-09-15-at-16.25.28.png
buy.duotrim.com/hosted/images/59/39aefe5ade41a2aa7e814b25acd6d9/ 10 KB
10 KB 106ms
101ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/59/39aefe5ade41a2aa7e814b25acd6d9/Screenshot-2022-09-15-at-16.25.28.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bea2654f9ac2e8fea982a78158a44d68003b46f07d47820d8bd6c381fd060b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 15 Sep 2022 15:25:43 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "33be3809cad8b1a7201a0b85faed2d59"
cf-polished: origSize=11230
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3b91fb-FRA
content-length: 10462

GET
H2 200 duke.png
buy.duotrim.com/hosted/images/d2/2d3bb2df4241338c0448e5285d2a48/ 5 KB
6 KB 102ms
98ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/d2/2d3bb2df4241338c0448e5285d2a48/duke.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a962ad876ad1796e2c28fdace6a228cdafa8dae89ac2a78765986cd4c9f6f10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 15 Sep 2022 15:23:36 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "63de74e343033102115788e1c322fe44"
cf-polished: origSize=5743
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3c91fb-FRA
content-length: 5622

GET
H2 200 Screenshot-2022-09-15-at-16.24.09.png
buy.duotrim.com/hosted/images/78/4e5d88cb4d4bfea3e646903dba2727/ 11 KB
12 KB 99ms
95ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/78/4e5d88cb4d4bfea3e646903dba2727/Screenshot-2022-09-15-at-16.24.09.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5c234486362bc34b345b88c49f6dcda866875aa98925da0f75645f8f35b042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 15 Sep 2022 15:24:23 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "043f26d8e7f78328d2a3e46703b5487d"
cf-polished: origSize=12119
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3d91fb-FRA
content-length: 11774

GET
H2 200 ref-logo.png
buy.duotrim.com/hosted/images/06/d799e3af0648599ee9fae74428fa2e/ 8 KB
8 KB 129ms
125ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/06/d799e3af0648599ee9fae74428fa2e/ref-logo.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db508103ea4ce863baa64add9efa68915e570a1637f2ed0633d8b3936e22e764

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 06 Jan 2023 11:56:18 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "4349b1520b2ad22d8442aefc64e4f3a5"
cf-polished: origSize=8370
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d3e91fb-FRA
content-length: 7799

GET
H2 200 css
fonts.googleapis.com/ 6 KB
872 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fjalla+One%7CSource+Sans+Pro%7CFjalla+One%7Csans-serif%7CFjalla+One%7Csans-serif%7CUbuntu%7CSource+Sans+Pro%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CSource+Sans+Pro%7CUbuntu%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CSource+Sans+Pro%7CUbuntu%7CSource+Sans+Pro%7CUbuntu%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7CSource+Sans+Pro%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CSource+Sans+Pro%7CRoboto%7Csans-serif%7C%7C

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bccaf4aab2d725717166d3a75922bc5625da88720dbb18fba1006c51856574b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Mar 2023 23:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 23:37:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Mar 2023 23:37:41 GMT

GET
H2 200 lander.js Show response
buy.duotrim.com/assets/ 2 MB
662 KB 51ms
50ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.duotrim.com/assets/lander.js

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a5a698ff3c64f3816318327c9d9229af2110a7e97042cb084d4628a269622d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:41 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 72
last-modified: Wed, 15 Mar 2023 15:30:16 GMT
server: cloudflare
etag: W/"6411e488-2381fa"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7aa14e151d0d91fb-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Sat, 18 Mar 2023 23:57:41 GMT

GET
H2 200 pushcrew.js Show response
buy.duotrim.com/assets/ 637 B
765 B 89ms
86ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.duotrim.com/assets/pushcrew.js

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 164
last-modified: Wed, 15 Mar 2023 15:29:15 GMT
server: cloudflare
etag: W/"6411e44b-27d"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7aa14e154d4091fb-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Sat, 18 Mar 2023 23:57:41 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 107ms
60ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://buy.duotrim.com/
Origin: https://buy.duotrim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7aa14e156b0e365b-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
63 KB 90ms
35ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MB6F7Q8

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af820bf974060bbe1e95a510f719ca1cc390279d0e7c67bfaffd79057b52849f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63832
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Mar 2023 23:37:42 GMT

GET
H2 200 / Show response
tracking.buygoods.com/track/ 7 KB
2 KB 428ms
349ms Script
application/javascript 2606:4700:3108::ac42:28ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.buygoods.com/track/?a=7931&firstcookie=0&tracking_redirect=&referrer=https%3A%2F%2Ftrustedhealthnews.com%2F&sessid2=&product=duo2,duo6,duo12&vid1=&vid2=&vid3=&caller_url=https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a14a98ee57f3a573a40c8589a9253c1bdf5364eeb96945bb5d2aa21cfc72e8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
cf-ray: 7aa14e159bc2695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, Jan 12 1999 01:01:01 GMT

GET
H2 200 e4d1r1k20b
fast.wistia.net/embed/iframe/ Frame 54A3 8 KB
0 178ms
122ms Document
text/html 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.duotrim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 83742
cache-control: public, no-cache
content-encoding: br
content-length: 2709
content-type: text/html; charset=utf-8
date: Sat, 18 Mar 2023 23:37:42 GMT
etag: W/"d9a33c7782bcf33c0834f972bc100662"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=0
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-browser-version: 111
x-cache: HIT, MISS
x-cache-hits: 248, 0
x-content-type-options: nosniff
x-download-options: noopen
x-ecma-v: modern
x-permitted-cross-domain-policies: none
x-request-id: dd250b3bb57fab527abf20d298488a0d
x-runtime: 0.071818
x-served-by: cache-iad-kiad7000152-IAD, cache-hhn-etou8220065-HHN
x-timer: S1679182662.995657,VS0,VE98

GET
H2 200 Researchers-discover-gut-bacteria-linked-to-lower-cholesterol.jpg
buy.duotrim.com/hosted/images/d8/bed52f1b814259a4361333096eee47/ 232 KB
232 KB 85ms
85ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/d8/bed52f1b814259a4361333096eee47/Researchers-discover-gut-bacteria-linked-to-lower-cholesterol.jpg
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4ae58826d26b97bee634e4400db5c58427946467c13cf59b37e7f6c336343b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Sep 2022 19:06:58 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "a0d9de1e2df6e8c2daf6840cd08d62a2"
cf-polished: origSize=260477
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e154d4191fb-FRA
content-length: 237558

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 72ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.duotrim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 21:07:17 GMT
x-content-type-options: nosniff
age: 95425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 21:07:17 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 77ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.duotrim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 00:28:56 GMT
x-content-type-options: nosniff
age: 256126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 00:28:56 GMT

GET
H2 200 Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v13/ 16 KB
16 KB 90ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fjallaone/v13/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One%7CSource+Sans+Pro%7CFjalla+One%7Csans-serif%7CFjalla+One%7Csans-serif%7CUbuntu%7CSource+Sans+Pro%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CSource+Sans+Pro%7CUbuntu%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CSource+Sans+Pro%7CUbuntu%7CSource+Sans+Pro%7CUbuntu%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CUbuntu%7CSource+Sans+Pro%7Csans-serif%7CSource+Sans+Pro%7Csans-serif%7CSource+Sans+Pro%7CRoboto%7Csans-serif%7C%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.duotrim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 18:29:52 GMT
x-content-type-options: nosniff
age: 364070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16588
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:38:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Mar 2024 18:29:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB6F7Q8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 23:19:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1089
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 19 Mar 2023 01:19:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 81ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB6F7Q8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Mar 2023 23:37:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: GNzNslt1NnavEcqSwib21fq5/DZL3T4iBho6G7gHJ0Kg+c8SG9b+D0EquwwwA4fc5Fs0GM+/5gsb3FeCvjA/0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
751 B 232ms
48ms Script
application/javascript 2a02:26f0:6c00:19a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB6F7Q8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8fd0e79fe04e510f99d7693dd7ee10ddd58a662c42732a03626f6c1447b09154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "6e628a3f3eb4614d91617bfc9d4267a9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 484

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 216ms
163ms Script
application/javascript 95.101.111.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=CDKH7KRC77U6CO7MJ37G
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB6F7Q8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.61 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 55cbc381872f6a47295e5a0a51cca29f918ec6082c2274d5ee116bdf6a84e82d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-akamai-request-id: 312bff03.4596873e
date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-70-61.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-parent-response-time: 138,92.123.70.61
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=28, inner; dur=12
content-length: 1531
pragma: no-cache
server: nginx
x-tt-logid: 202303182337424B57463DBCCE9C92C9C2
x-cache-remote: TCP_MISS from a23-48-249-176.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.48.249.176
x-tt-trace-host: 013f96a7cbacba88eb4bed08b16304b9f8758ecd0d30be8f3fea1a06113a1dea1e413499cc6bdb38328c508c2471ef5424dd60837e80f2967181e416c63471459ecde8c2985c08b131b312dced7475429e8af6061b2a4372dbfc37a5c7d444fc86cd07c50c3c10195ea902ab5297610b96
expires: Sat, 18 Mar 2023 23:37:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
80 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WLQYWWLCQF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB6F7Q8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb6b9412cba1fdf39531f4ad653f0f1056bac0b620d2485b68294f97ae1e7584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81689
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Mar 2023 23:37:42 GMT

GET
H2 200 insideIframe.js
fast.wistia.net/assets/external/ Frame 54A3 45 KB
0 21ms
21ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3465
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 11912
x-served-by: cache-iad-kjyo7100042-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182662.266826,VS0,VE0
etag: "ef907b8cbecb9c54482e2f4a771acd2b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 32, 31

GET E-v1.js
fast.wistia.net/assets/external/ Frame 54A3 0
0

GET
H2 200 vendor.js Show response
buy.duotrim.com/ 18 KB
6 KB 167ms
166ms Script
application/javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.duotrim.com/vendor.js

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: REVALIDATED
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
x-request-id: 266e21f5fcdecb46285bc7d3a9fe5ca7
x-runtime: 0.017655
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
server: cloudflare
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7aa14e17cee191fb-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: ALLOWALL
x-rack-cache: fresh

GET /
track.addevent.com/atc/ 0
0

GET
H2 200 iframeApi.js Show response
fast.wistia.com/assets/external/ 74 KB
19 KB 22ms
21ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/iframeApi.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3ea95286176dcb68c3b0f65f971fcba8699956c8dfcb4c7f79c60b80d6a7fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3494
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18860
x-served-by: cache-iad-kiad7000064-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182662.369828,VS0,VE0
etag: "00da5859f7fb9437443d247eb1f33f03"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14, 9

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
755 B 259ms
197ms XHR
text/html 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=a0ZQQjNyemRyMDRuYUZKRi9oVW9lUT09LS1jbnl0TzVvYjU2bVFPRFVBVWxNYTl3PT0%3D--03877eec0f05f0548ee650449582f7055a0e20f9&page_id=QmFhSUkyd1pMNG9PdE96TXdsSWc2Zz09LS1yc016Y0IrU0xQQ2pLU2ZKMHQxbVB3PT0%3D--8e3abd7c98b4016281381e14e02d277acad83624&funnel_step_id=dE9DdHNSeHZUeEpkK2hwaEZIbXVKQT09LS1Gbzlpd0xYY0pBdEhmOElPbkpveFBnPT0%3D--9ebc218cc222995d5ad59c659a421f65515283ad&user_id=UG1jbUJxZGhpNWxRVXM3K1BDWk1aUT09LS00WW4rbDFDcHFhWFVYaFNsM2d4eFNBPT0%3D--f471f2111e3bee2c877df800c028df245dcfa0ab&account_id=K2hIVDdjWVJocWlRYmRjK3VTTmtlQT09LS1seG1kaWlDQm0vNDdjYXRJVTFXODh3PT0%3D--ba099fbc5c4916d215cabedef64567262154c3f6&page_code=NTc5ODE2OTg%3D&mode_id=1&time_zone=London&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=99b51e8f-6101-4cff-a383-38005060a17e&url=https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
strict-transport-security: max-age=0
access-control-request-method: *
cf-cache-status: BYPASS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
x-request-id: 3ca8720f6c5dc6267b04ed675d93c22a
pragma: no-cache
x-runtime: 0.039669
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7aa14e184f10bb86-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: ALLOWALL
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
306 B 465ms
404ms XHR
text/html 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=a0ZQQjNyemRyMDRuYUZKRi9oVW9lUT09LS1jbnl0TzVvYjU2bVFPRFVBVWxNYTl3PT0%3D--03877eec0f05f0548ee650449582f7055a0e20f9&page_id=QmFhSUkyd1pMNG9PdE96TXdsSWc2Zz09LS1yc016Y0IrU0xQQ2pLU2ZKMHQxbVB3PT0%3D--8e3abd7c98b4016281381e14e02d277acad83624&funnel_step_id=dE9DdHNSeHZUeEpkK2hwaEZIbXVKQT09LS1Gbzlpd0xYY0pBdEhmOElPbkpveFBnPT0%3D--9ebc218cc222995d5ad59c659a421f65515283ad&user_id=UG1jbUJxZGhpNWxRVXM3K1BDWk1aUT09LS00WW4rbDFDcHFhWFVYaFNsM2d4eFNBPT0%3D--f471f2111e3bee2c877df800c028df245dcfa0ab&account_id=K2hIVDdjWVJocWlRYmRjK3VTTmtlQT09LS1seG1kaWlDQm0vNDdjYXRJVTFXODh3PT0%3D--ba099fbc5c4916d215cabedef64567262154c3f6&page_code=NTc5ODE2OTg%3D&mode_id=1&time_zone=London&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=d7d53f45-a47c-44b7-804a-a04f22c123df&url=https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
strict-transport-security: max-age=0
access-control-request-method: *
cf-cache-status: BYPASS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
x-request-id: 37ef87dc78aa4760224c8680e38835f2
pragma: no-cache
x-runtime: 0.064876
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7aa14e184f12bb86-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: ALLOWALL
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
306 B 283ms
223ms XHR
text/html 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=a0ZQQjNyemRyMDRuYUZKRi9oVW9lUT09LS1jbnl0TzVvYjU2bVFPRFVBVWxNYTl3PT0%3D--03877eec0f05f0548ee650449582f7055a0e20f9&page_id=QmFhSUkyd1pMNG9PdE96TXdsSWc2Zz09LS1yc016Y0IrU0xQQ2pLU2ZKMHQxbVB3PT0%3D--8e3abd7c98b4016281381e14e02d277acad83624&funnel_step_id=dE9DdHNSeHZUeEpkK2hwaEZIbXVKQT09LS1Gbzlpd0xYY0pBdEhmOElPbkpveFBnPT0%3D--9ebc218cc222995d5ad59c659a421f65515283ad&user_id=UG1jbUJxZGhpNWxRVXM3K1BDWk1aUT09LS00WW4rbDFDcHFhWFVYaFNsM2d4eFNBPT0%3D--f471f2111e3bee2c877df800c028df245dcfa0ab&account_id=K2hIVDdjWVJocWlRYmRjK3VTTmtlQT09LS1seG1kaWlDQm0vNDdjYXRJVTFXODh3PT0%3D--ba099fbc5c4916d215cabedef64567262154c3f6&page_code=NTc5ODE2OTg%3D&mode_id=1&time_zone=London&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=ad772c98-a192-4b0f-bfac-93c6aab63e71&url=https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
strict-transport-security: max-age=0
access-control-request-method: *
cf-cache-status: BYPASS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
x-request-id: 24ff808091be6ae286ca98e25a7ec623
pragma: no-cache
x-runtime: 0.043893
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 7aa14e184f13bb86-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options: ALLOWALL
x-rack-cache: miss

GET
H2 200 e4d1r1k20b Show response
fast.wistia.net/embed/iframe/ Frame 5A79 8 KB
3 KB 24ms
22ms Document
text/html 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/assets/lander.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d9a33c7782bcf33c0834f972bc1006623be9e4fe049dd1d53b9a2be11b838c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.duotrim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 83742
cache-control: public, no-cache
content-encoding: br
content-length: 2709
content-type: text/html; charset=utf-8
date: Sat, 18 Mar 2023 23:37:42 GMT
etag: W/"d9a33c7782bcf33c0834f972bc100662"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=0
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-browser-version: 111
x-cache: HIT, HIT
x-cache-hits: 248, 1
x-content-type-options: nosniff
x-download-options: noopen
x-ecma-v: modern
x-permitted-cross-domain-policies: none
x-request-id: dd250b3bb57fab527abf20d298488a0d
x-runtime: 0.071818
x-served-by: cache-iad-kiad7000152-IAD, cache-hhn-etou8220065-HHN
x-timer: S1679182662.429424,VS0,VE0

GET
H2 200 disclaimer Show response
display.buygoods.com/v1/ 1 KB
2 KB 239ms
161ms Script
text/plain 2606:4700:3108::ac42:2b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7931&background=transparent&_=1679182662422

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/assets/lander.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

95d00f72c1db39e0cf57117406525ede2502865d3e7b72efc80412c53dff30e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
cf-ray: 7aa14e18afc8926b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 6-month.png
buy.duotrim.com/hosted/images/28/7cada463ba4a13927f3fd4fa87d69c/ 107 KB
108 KB 55ms
49ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/28/7cada463ba4a13927f3fd4fa87d69c/6-month.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 264346c1dabc6164fe5532bd6452282e0d4a26869c730e2820e41abf8ce5bc36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 04 Jan 2023 20:11:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "ebec65ab34420adce11a2f86216211f9"
cf-polished: origSize=110146
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e185f3c91fb-FRA
content-length: 109851

GET
H2 200 3-month-dt.png
buy.duotrim.com/hosted/images/3a/f234f74fd841caa3adcb36e2e73179/ 108 KB
108 KB 85ms
80ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/3a/f234f74fd841caa3adcb36e2e73179/3-month-dt.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65f66f1391ceb42ec3b5b5f4404840eb2f061e2a9c9d6e8ae5ae5ae9e5487ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 04 Jan 2023 20:13:19 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "5daadf13b8d71f3a65e3088d55b7fa90"
cf-polished: origSize=110657
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e185f3d91fb-FRA
content-length: 110363

GET
H2 200 image-18-.png
buy.duotrim.com/hosted/images/ed/9de3b7f594454b88a3e5e00e155aed/ 40 KB
40 KB 57ms
52ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/ed/9de3b7f594454b88a3e5e00e155aed/image-18-.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9af21d270ad7f1c8277f0797876dccd67617dbe832218b3e22103dcd0f18c6ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 06 Jan 2023 16:06:22 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "779548aaff8d0801bc18b7d64880374a"
cf-polished: origSize=41159
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e185f3e91fb-FRA
content-length: 41138

GET
H2 200 image-19-.png
buy.duotrim.com/hosted/images/36/5f9e31d53d4d6a98572a523f51ce42/ 41 KB
41 KB 74ms
70ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/36/5f9e31d53d4d6a98572a523f51ce42/image-19-.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec3be3f5056ff6016b8f96a94ffdcc39be8976825714a1028be41f977c133dbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 06 Jan 2023 16:06:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "67016e8ce957c6c596720f5dd091e8e8"
cf-polished: origSize=41594
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e185f3f91fb-FRA
content-length: 41573

GET
H2 200 image-20-.png
buy.duotrim.com/hosted/images/b7/b25fef381c4806a539a8ffe7c8f6e1/ 32 KB
32 KB 57ms
54ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.duotrim.com/hosted/images/b7/b25fef381c4806a539a8ffe7c8f6e1/image-20-.png
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b7e7e3b78bc5291bbc428ffa823079bea3ee452f9a73d5e55d9811b5dabbb43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 06 Jan 2023 16:06:01 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "c963aa6521f85af0b61f7b07ceb16a6e"
cf-polished: origSize=32762
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7aa14e185f4191fb-FRA
content-length: 32741

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 124 KB
31 KB 21ms
21ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a03fa747a48bb6f9ea053f115e19cd3b4bffad6840c18ac70e4e11080f81ebd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3380
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 31294
x-served-by: cache-iad-kjyo7100137-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182662.469031,VS0,VE0
etag: "575f1891ded5baad9ff5a8dbec0ace72"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30, 92

GET
H2 200 insideIframe.js Show response
fast.wistia.net/assets/external/ Frame 5A79 45 KB
12 KB 22ms
21ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

89f0532a4b12bb276fa3a0a19be00484e3c357f1b39bf36d823ee32966506414

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3466
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 11912
x-served-by: cache-iad-kjyo7100042-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182662.480877,VS0,VE0
etag: "ef907b8cbecb9c54482e2f4a771acd2b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 32, 32

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ Frame 5A79 631 KB
115 KB 22ms
22ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

18e27aa85bc402887652ca383a1f2fb1087839147b0405f508a36337e29c51f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3345
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117262
x-served-by: cache-iad-kjyo7100096-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:34 GMT
server: AmazonS3
x-timer: S1679182662.480917,VS0,VE0
etag: "6c7e4824a5037ec3c3b146e49f12c184"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 48, 49

GET
H2 200 videoThumbnail.js Show response
fast.wistia.com/assets/external/ 71 KB
20 KB 21ms
21ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/videoThumbnail.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

74b777a8e3235c212581e8444cea6279d7da298bdb10c6c4c0db74de106ba889

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3374
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 19992
x-served-by: cache-iad-kcgs7200033-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182662.499704,VS0,VE0
etag: "e48a37fd98c32cd6643018321ff1a865"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20, 10

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 29ms
28ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1152450819&t=pageview&_s=1&dl=https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim&dr=https%3A%2F%2Ftrustedhealthnews.com%2F&ul=en-us&de=UTF-8&dt=Daily%20Digestion%20Hack%20Dissolves%20Belly%20Fat&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=749672518&gjid=1015861673&cid=38325771.1679182662&tid=UA-120637619-12&_gid=1193883905.1679182662&_r=1&_slc=1&gtm=45He33f0n81MB6F7Q8&z=1000679639

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.duotrim.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:37:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buy.duotrim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 thumbnailTextOverlay-v2.js Show response
fast.wistia.com/assets/external/ 84 KB
26 KB 22ms
22ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7b5cdcf3dd912c83db92ae4e1cae8e936bd6f4970c480c73427da31638b81868

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2262
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 26684
x-served-by: cache-iad-kiad7000145-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182663.519851,VS0,VE1
etag: "7428164de064d56e2093ef770e7ff3b2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23, 1

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.99

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Mar 2023 23:37:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: kIEiDhGpWN2vYnPdQ7uJ5nukZ80VYGH1Np0sUanl3eMt8Owo60EQ4OsQb6QXaQBGZM7Uss8HC63itV6ZobJ25g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 765214441277919 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 187ms
187ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/765214441277919?v=2.9.99&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3778a24484e611e1187550450aa32d73bf0c727733168d938fd9507cca8fcb0b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Mar 2023 23:37:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: UJYgkn5m2q0/KyEyrUm4wXtljivlijJwSaTU6VbIrDuzSfjo0ASAwgNfpR/jK2V5guwZ5FjySGSG1ssGxe5XEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 88ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WLQYWWLCQF&gtm=45je33f0&_p=1152450819&cid=38325771.1679182662&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679182662&sct=1&seg=0&dl=https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim&dr=https%3A%2F%2Ftrustedhealthnews.com%2F&dt=Daily%20Digestion%20Hack%20Dissolves%20Belly%20Fat&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLQYWWLCQF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:37:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buy.duotrim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTE3ZGZjMmFkMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 238 KB
65 KB 28ms
27ms Script
application/javascript 95.101.111.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=CDKH7KRC77U6CO7MJ37G
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.61 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-akamai-request-id: 45968816
date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230221145355EE3B53D6D17626A90437
vary: Accept-Encoding
x-cache: TCP_HIT from a92-123-70-61.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01f173ca3c2a5ff057b5fe219795acedbeecb56f2285ee60b72469e86232154db7d2f54b91d22b357c29e860b5d35855128028a8eda102ee8919fc71a99d61e5357fd13cc7b7ac3821ea9934e2cd96822ae63c04ad3cb29753f3013bb5499bff0a
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 66046

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 91ms
29ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-120637619-12&cid=38325771.1679182662&jid=749672518&gjid=1015861673&_gid=1193883905.1679182662&_u=YEBAAEAAAAAAACAAI~&z=756736122

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.duotrim.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 18 Mar 2023 23:37:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buy.duotrim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.8b1025ba.js Show response
s.pinimg.com/ct/lib/ 56 KB
17 KB 50ms
50ms Script
application/javascript 2a02:26f0:6c00:19a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.8b1025ba.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5c1b133e4da2d3c32efabe11e0aea725cf19372d47fa794ff41df965bf5ebe59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "cdc9076a068e07f5162c7bc891af6405"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 17364

GET
H2 200 wistia-mux.js Show response
fast.wistia.net/assets/external/ Frame 5A79 124 KB
31 KB 21ms
21ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a03fa747a48bb6f9ea053f115e19cd3b4bffad6840c18ac70e4e11080f81ebd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3420
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 31294
x-served-by: cache-iad-kiad7000123-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182663.685603,VS0,VE0
etag: "575f1891ded5baad9ff5a8dbec0ace72"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 43, 32

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
757 B 121ms
51ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612955115615&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1679182662681&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8b1025ba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pin-unauth: dWlkPVkySmpOelE0WkdFdE56ZzNZeTAwTURKakxXSTBPV0V0TlRVMFlXSXlOMkl6TURkaw
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Sat, 18 Mar 2023 23:37:42 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://buy.duotrim.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
x-pinterest-rid: 7351721713088496
content-length: 375
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_cab4d.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 25ms
25ms Script
application/javascript 95.101.111.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.61 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-akamai-request-id: 459688ac
date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230221145333782DB30DDE1B8E03D9B7
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a92-123-70-61.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0196ba30866e246b6c1d84731a7f32cf1bf0260ca2be54cd3407d7ebfabd8edc47f2c5dca85f88521ae928a8d528ddc765017ef25fd5cfeede7bbd5524b0db5500719230378e51eb81ec109ca4de994b869a718ac5a37df414c1ba71d6bbd34e17
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30896

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 143ms
143ms Ping
text/plain 95.101.111.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.61 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buy.duotrim.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d93818d5.459688ed
date: Sat, 18 Mar 2023 23:37:42 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-70-61.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-parent-response-time: 109,92.123.70.61
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=23, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023031823374285BC2E603330FD92A082
x-cache-remote: TCP_MISS from a23-220-104-202.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.220.104.202
x-tt-trace-host: 013f96a7cbacba88eb4bed08b16304b9f8758ecd0d30be8f3fea1a06113a1dea1e1a56a3ab8d2ba4d4ae904975fa441c2769d7a4f8ec8ed8e3e1f644d06bd2f84e9e4ca392d4939b235621c2ae7da7ccd95f3e4599a10c5cf4987336acec0c3a9174cbff1479f76d39f2d8db30603523c8
expires: Sat, 18 Mar 2023 23:37:42 GMT

GET
H2 200 thumbnailTextOverlay-v2.js Show response
fast.wistia.net/assets/external/ Frame 5A79 84 KB
26 KB 22ms
22ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/thumbnailTextOverlay-v2.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7b5cdcf3dd912c83db92ae4e1cae8e936bd6f4970c480c73427da31638b81868

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1016
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 26684
x-served-by: cache-iad-kjyo7100107-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182663.766377,VS0,VE1
etag: "7428164de064d56e2093ef770e7ff3b2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 1

GET
H2 200 videoThumbnail.js Show response
fast.wistia.net/assets/external/ Frame 5A79 71 KB
20 KB 21ms
21ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/videoThumbnail.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

74b777a8e3235c212581e8444cea6279d7da298bdb10c6c4c0db74de106ba889

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3579
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 19992
x-served-by: cache-iad-kjyo7100020-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182663.766347,VS0,VE0
etag: "e48a37fd98c32cd6643018321ff1a865"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16, 4

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
93 B 50ms
50ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612955115615&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim%22%2C%22ref%22%3A%22https%3A%2F%2Ftrustedhealthnews.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%228b1025ba%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1679182662758
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:37:42 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1532596434134050
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

buygoods_black.png
buygoods.com/images/
Redirect Chain

https://www.buygoods.com/images/buygoods_black.png
https://buygoods.com/images/buygoods_black.png

4 KB
5 KB

65ms
49ms

Image
image/webp

2606:4700:3108::ac42:2b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buygoods.com/images/buygoods_black.png

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Server

2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 69429
cf-polished: origFmt=png, origSize=9596
content-disposition: inline; filename="buygoods_black.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4492
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Sep 2017 06:30:00 GMT
server: cloudflare
etag: "59b77ee8-257c"
vary: Accept
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7aa14e1b19b0926b-FRA
expires: Tue, 15 Mar 2033 23:37:42 GMT

Redirect headers

date: Sat, 18 Mar 2023 23:37:42 GMT
cf-cache-status: HIT
server: cloudflare
age: 5469
vary: Accept-Encoding
location: https://buygoods.com/images/buygoods_black.png
cache-control: public, max-age=14400
cf-ray: 7aa14e1a9968926b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Sun, 19 Mar 2023 03:37:42 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 70ms
24ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=765214441277919&ev=PageView&dl=https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim&rl=https%3A%2F%2Ftrustedhealthnews.com%2F&if=false&ts=1679182662812&sw=1600&sh=1200&v=2.9.99&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1679182662812.1880145398&it=1679182662519&coo=false&tm=1&rqm=GET

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Mar 2023 23:37:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame 5A79 59 KB
16 KB 21ms
21ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e77731f1be6a90ae60740fc18a27ce00b1b594bc41fea90f1268706259b835d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3345
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 16065
x-served-by: cache-iad-kjyo7100037-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182663.842020,VS0,VE0
etag: "dc4eef7d832a84c150611f768716c548"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 24, 32

GET
H2 200 1585c57ba4ea365abbb092cbfe42dd32.png
embed-ssl.wistia.com/deliveries/ Frame 5A79 63 KB
63 KB 126ms
29ms Image
image/png 2600:9000:223e:7a00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/1585c57ba4ea365abbb092cbfe42dd32.png?image_crop_resized=1280x720
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7775e58d125213ae4f84ae78037b866c49eca0681ee33d3942f2ea9d5e5ee0ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
access-control-request-method: *
via: 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 7671
edge-cache-tag: 1585c57ba4ea365abbb092cbfe42dd32
x-cache: Hit from cloudfront
content-disposition: inline
surrogate-key: 1585c57ba4ea365abbb092cbfe42dd32 thumbnail-delivery
last-modified: Fri, 06 Jan 2023 16:41:25 UTC
etag: RBnmNuBHo9iKvCV8jXrHRAPp0fQ=
vary: Origin
content-type: image/png
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: lBYjI-zyya2j01lOXG-fwe7zskKGQUNEBbot3S9hW3d0ypt1A8Um1g==

GET
H2 200 hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame 5A79 484 KB
112 KB 21ms
21ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

da8a33557a88dd159852e176ef18ec7d718c6765ecbd8cfdb407238de2d844b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3401
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 114479
x-served-by: cache-iad-kjyo7100177-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182663.883672,VS0,VE0
etag: "30d39cb7ee01e9d8c43d49131fd35df9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16, 22

GET
H2 200 e4d1r1k20b.m3u8 Show response
fast.wistia.com/embed/medias/ Frame 5A79 758 B
1 KB 156ms
116ms XHR
application/x-mpegurl 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e4d1r1k20b.m3u8

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

88aab890491ba6e62c694f1b4a18167732b7d61083017e89ef10c870b6a629ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:43 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 0
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 758
x-request-id: 8f79aa76ed2978700411836140876a78
x-served-by: cache-iad-kcgs7200074-IAD, cache-hhn-etou8220028-HHN
x-runtime: 0.028876
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 111
x-timer: S1679182663.012419,VS0,VE97
etag: W/"88aab890491ba6e62c694f1b4a181677"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 1

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame 5A79 1 KB
1 KB 21ms
21ms Image
image/gif 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-cache-hits: 13, 924
date: Sat, 18 Mar 2023 23:37:42 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 98480
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kjyo7100120-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Fri, 17 Mar 2023 20:14:13 GMT
x-timer: S1679182663.973932,VS0,VE0
etag: "6414ca15-4be"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 59 KB
16 KB 21ms
21ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e77731f1be6a90ae60740fc18a27ce00b1b594bc41fea90f1268706259b835d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3441
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 16065
x-served-by: cache-iad-kiad7000045-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182663.977799,VS0,VE0
etag: "dc4eef7d832a84c150611f768716c548"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18, 85

GET
H2 200 async-api.737e0ca6-1227.min.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 77ms
21ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.737e0ca6-1227.min.js
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a731c3e7e5a97ed0db1a5539f732ce8d7aa8dd4498712783ce7bf971c0343862

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: .VExrz.uwnbfzMN2qSXv.A5mU3ucPuDN
content-encoding: gzip
via: 1.1 varnish
date: Sat, 18 Mar 2023 23:37:43 GMT
x-amz-request-id: 132YNPDMNN26NMJ3
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1123
x-amz-id-2: BxYtw8lyORXyOD4+LZ2bqXWRDWOw5orbwAvOl6CD+1Y+zLuFrqqO4BdMJlmjHIEBLhqljuQLIz0=
x-served-by: cache-hhn-etou8220023-HHN
last-modified: Thu, 09 Mar 2023 16:57:12 GMT
server: AmazonS3
x-timer: S1679182663.036441,VS0,VE0
etag: "d12e5c859f6125ad9fcfab27abe9d60a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 236

GET
H2 200 lazy-loader.540ab0d1-1227.min.js Show response
js-agent.newrelic.com/ 928 B
618 B 78ms
22ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.540ab0d1-1227.min.js
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51df0d8aebbf2a09eec21bb89998d92349b04f4f91db6044169a6f8d214bf22d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: i5brlKSFH8dErjq3e9pOJ9e9W7YKVyAf
content-encoding: gzip
via: 1.1 varnish
date: Sat, 18 Mar 2023 23:37:43 GMT
x-amz-request-id: 132WWRWCN68V31M9
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 415
x-amz-id-2: g/wX7i4pH1k9rEnqKJeB0gCFfrlz2+oOyEY2DLqtcfv3sEthnpS6LXnh+ALk7HRqLKCnnFi0m6A=
x-served-by: cache-hhn-etou8220023-HHN
last-modified: Thu, 09 Mar 2023 16:57:12 GMT
server: AmazonS3
x-timer: S1679182663.036554,VS0,VE0
etag: "a041a84a662929211a210e7b10cc82d0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 245

GET
H2 200 background.png Show response
buy.duotrim.com/images/ 118 B
301 B 164ms
164ms XHR
text/javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.duotrim.com/images/background.png?_unique=0.389031605607965&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//buy.duotrim.com/watch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim&_referrer=ttps%3A//trustedhealthnews.com/&_title=Daily%20Digestion%20Hack%20Dissolves%20Belly%20Fat&_key=pyv1ol02&_page_key=2fhuulf6049zkp60&_fid=12743727&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim&_referrer=https://trustedhealthnews.com/

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/vendor.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

ca1b64970e36407703f7bd9a05adeaa28bbdb0173d9bdf596db299cbf8bceca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:43 GMT
strict-transport-security: max-age=0
access-control-request-method: *
cf-cache-status: DYNAMIC
content-encoding: br
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
x-request-id: d38c5c2d030cc7eb6f786a967d1a645e
x-runtime: 0.014658
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
x-frame-options: ALLOWALL
cf-ray: 7aa14e1ba99291fb-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
vary: Accept-Encoding
x-rack-cache: miss

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame CFB2 565 B
426 B 48ms
48ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.8b1025ba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://buy.duotrim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sat, 18 Mar 2023 23:37:43 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 6951952826288088

GET
H2 200 bg Show response
buygoods.com/affiliates/go/conversion/iframe/ Frame B2B1 0
198 B 649ms
649ms Document
text/html 2606:4700:3108::ac42:2b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buygoods.com/affiliates/go/conversion/iframe/bg?a=7931&t=18ecb169115fc33fdfcd4c7574ab6fc5&s=sessid20230318233720154

Requested by

Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://buy.duotrim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7aa14e1c6a68926b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 18 Mar 2023 23:37:43 GMT
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept-Encoding

POST
H2 204 rum Show response
buy.duotrim.com/cdn-cgi/ 0
109 B 44ms
44ms XHR
text/plain 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.duotrim.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json

Response headers

date: Sat, 18 Mar 2023 23:37:43 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://buy.duotrim.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7aa14e1c6a0d91fb-FRA

POST
H2 204 x Show response
distillery.wistia.com/ 0
96 B 408ms
116ms XHR
text/plain 44.195.191.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.191.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-191-171.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buy.duotrim.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 18 Mar 2023 23:37:43 GMT
cache-control: max-age=0, private, must-revalidate

GET
H2 200 9fdb75299a3ef11656c653db0ea9126540e161c2.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ Frame 5A79 100 KB
101 KB 113ms
29ms XHR
application/vnd.apple.mpegurl 2600:9000:223e:c800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9fdb75299a3ef11656c653db0ea9126540e161c2.m3u8
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:c800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 49a57bce0a419f8cca8ed23195d79f10715811c3f7523153454a0e0fe2466900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:43 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 7215
edge-cache-tag: 9fdb75299a3ef11656c653db0ea9126540e161c2-hls-segment 86608ea34ec793d94d1f0a9e898149c4d9c86f22
x-cache: Hit from cloudfront
content-length: 102678
surrogate-key: 9fdb75299a3ef11656c653db0ea9126540e161c2-hls-segment 86608ea34ec793d94d1f0a9e898149c4d9c86f22
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rio-4EH_o2bC826T-imuZPZBg1tnC5ARdgpD0q1TDRQqdrxmp5xl5Q==
expires: Sun, 17 Mar 2024 21:37:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 22ms
21ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=765214441277919&ev=Microdata&dl=https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim&rl=https%3A%2F%2Ftrustedhealthnews.com%2F&if=false&ts=1679182663323&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Daily%20Digestion%20Hack%20Dissolves%20Belly%20Fat%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Daily%20Digestion%20Hack%20Dissolves%20Belly%20Fat%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%2F%22%2C%22%40id%22%3A%22https%3A%2F%2Ffast.wistia.net%2Fembed%2Fiframe%2Fclcv96f1fa%22%2C%22%40type%22%3A%22VideoObject%22%2C%22duration%22%3A%22PT56M55S%22%2C%22name%22%3A%22DuoTrim_Lead_3v2_mobile%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fembed-ssl.wistia.com%2Fdeliveries%2F32cb160af85d9b55daf2e6f66ad2c9b5.jpg%3Fimage_crop_resized%3D640x1136%22%2C%22embedUrl%22%3A%22https%3A%2F%2Ffast.wistia.net%2Fembed%2Fiframe%2Fclcv96f1fa%3Fwseektoaction%3Dtrue%22%2C%22uploadDate%22%3A%222023-01-06%22%2C%22description%22%3A%22a%20Duotrim%20video%22%2C%22contentUrl%22%3A%22https%3A%2F%2Fembed-ssl.wistia.com%2Fdeliveries%2Fc49e2ea6c409d5855b5ba0f3a5a461f96063a07c.m3u8%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SeekToAction%22%2C%22target%22%3A%22https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim%26wtime%3D%7Bseek_to_second_number%7D%22%2C%22startOffset-input%22%3A%22required%20name%3Dseek_to_second_number%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.99&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1679182662812.1880145398&it=1679182662519&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Mar 2023 23:37:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 178.52056f28-1227.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 22ms
21ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/178.52056f28-1227.min.js
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96884203ea0efacd55e8a8a17d91081a6b74c1bae49f8cfb241a84386478f990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: tfnJWGkgjVdXF5EV55Q2uJIk1QgPYrSL
content-encoding: gzip
via: 1.1 varnish
date: Sat, 18 Mar 2023 23:37:43 GMT
x-amz-request-id: CA0KXNDMWWAF2J4V
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3764
x-amz-id-2: Z4gYfPo/vjEEKqN1xtLfcHImpZoosZm6hHWm+9FpVpuhXvS5F+HygIz4mNiqtBOzVOCJ2ip9E9s=
x-served-by: cache-hhn-etou8220023-HHN
last-modified: Thu, 09 Mar 2023 16:57:12 GMT
server: AmazonS3
x-timer: S1679182663.337150,VS0,VE0
etag: "b21a67c8e50dcceef0405ebb063eca96"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 100

GET
H2 200 page_view_event-aggregate.2ae3c96c-1227.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 23ms
22ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.2ae3c96c-1227.min.js
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20809e367d9088cdf13745d0cf95e750bdce002aa479bdd3fd1b90e455bf44db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: FeegzFVNqKt6H_XSfsFwZcx1Np._S4kr
content-encoding: gzip
via: 1.1 varnish
date: Sat, 18 Mar 2023 23:37:43 GMT
x-amz-request-id: CA0GT0SB49HYYXMC
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1713
x-amz-id-2: oBqmjSO8G9LTKb989FIL7ffqafcRTqpvq3TC3ikt/pzFErtx15sKGTtHnCh1MrHYVxLsQgRdx2w=
x-served-by: cache-hhn-etou8220023-HHN
last-modified: Thu, 09 Mar 2023 16:57:12 GMT
server: AmazonS3
x-timer: S1679182663.337325,VS0,VE0
etag: "f768d3f0fb8ea163c644cfa4a536676d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 99

GET
H2 200 page_view_timing-aggregate.a7d9d7be-1227.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 22ms
21ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.a7d9d7be-1227.min.js
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e81c0026102621c4adc2770334c4a933286676ece8f0e5e9ac91e0c54a16945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: sqO0QzvZ3V3OZNlIV1_qDeOPuvdGFJah
content-encoding: gzip
via: 1.1 varnish
date: Sat, 18 Mar 2023 23:37:43 GMT
x-amz-request-id: CA0W6RA3JK668BGC
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2224
x-amz-id-2: tVSSiT35ocqb93sCNArc5p+Kf/jbuwgZuVpNKn5Mlrx8XBTq+9wBdLK8t/4o+my/mep8Gw6gl2k=
x-served-by: cache-hhn-etou8220023-HHN
last-modified: Thu, 09 Mar 2023 16:57:12 GMT
server: AmazonS3
x-timer: S1679182663.337421,VS0,VE0
etag: "eb3b7aaf78edc0a629532c28a1c06b8a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 99

GET
H2 200 metrics-aggregate.28086cfb-1227.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 23ms
22ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.28086cfb-1227.min.js
Requested by: Host: buy.duotrim.com
URL: https://buy.duotrim.com/watch-now?aff_id=786&subid=5agixop0317duotrim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f4f3336e0e35f086435f2037ee0a52abf3ced5e386c74a5ccc2f18edd1c3207

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 3OFnwVDELpuG2CawrTfxxEzGbg_GjKb5
content-encoding: gzip
via: 1.1 varnish
date: Sat, 18 Mar 2023 23:37:43 GMT
x-amz-request-id: CA0M3FD291R67ZX0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1752
x-amz-id-2: dzMvu/2/fIhBfRq6SrRXz8BRjMXa4+Ljj/vVnDBo/l+Ziyjr/6UwkLl7vQxZxqakWPSsjpVok44=
x-served-by: cache-hhn-etou8220023-HHN
last-modified: Thu, 09 Mar 2023 16:57:12 GMT
server: AmazonS3
x-timer: S1679182663.337625,VS0,VE0
etag: "fd7ae418fde6eab067f9005c5dccc62b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4405

GET
H/1.1 200
OK NRJS-fc902efb332119fff33 Show response
bam.nr-data.net/1/ 49 B
397 B 242ms
176ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1227.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=1876&ck=0&s=69e84f15b031d06f&ref=https://buy.duotrim.com/watch-now&ap=360&be=375&fe=1118&dc=517&perf=%7B%22timing%22:%7B%22of%22:1679182661477,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:30,%22c%22:30,%22s%22:52,%22ce%22:81,%22rq%22:81,%22rp%22:326,%22rpe%22:347,%22dl%22:335,%22di%22:890,%22ds%22:891,%22de%22:967,%22dc%22:1491,%22l%22:1492,%22le%22:1600%7D,%22navigation%22:%7B%7D%7D&fp=481&fcp=481&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.737e0ca6-1227.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.duotrim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:43 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-hhn-etou8220071-HHN

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/9fdb75299a3ef11656c653db0ea9126540e161c2.m3u8/ Frame 5A79 1 MB
1 MB 23ms
23ms XHR
video/mp2t 2600:9000:223e:c800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9fdb75299a3ef11656c653db0ea9126540e161c2.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:c800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: edc47d606c6e57574c937d3797b968580b150eaa875c60fb56c2fb31dd881f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:28:21 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 205762
edge-cache-tag: 9fdb75299a3ef11656c653db0ea9126540e161c2-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 108
content-length: 1194552
surrogate-key: 9fdb75299a3ef11656c653db0ea9126540e161c2-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Ohb2_sQxOcQsuVMv1gU8jKf4zeDbmcxNUmp0XBwAMO973U0Gmumoow==
expires: Fri, 15 Mar 2024 14:28:21 GMT

GET
BLOB 200
OK 8a2881ca-84f5-4060-98e5-8b67c3b0a084
https://fast.wistia.net/ Frame 5A79 89 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fast.wistia.net/8a2881ca-84f5-4060-98e5-8b67c3b0a084
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d5d1ed19c5edb1e57229499d407de174ba80ee3dac4a8b163961e83524b51a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 91220
Content-Type: text/javascript

GET
H2 200 seg-2-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/9fdb75299a3ef11656c653db0ea9126540e161c2.m3u8/ Frame 5A79 1 MB
1 MB 23ms
23ms XHR
video/mp2t 2600:9000:223e:c800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9fdb75299a3ef11656c653db0ea9126540e161c2.m3u8/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:c800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e099fcc2ec768e3565f08bbdb2453d3241b95421ad0b013d499fa98cd5fda723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:45:02 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 297426
edge-cache-tag: 9fdb75299a3ef11656c653db0ea9126540e161c2-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
x-cache: Hit from cloudfront
content-length: 1215608
surrogate-key: 9fdb75299a3ef11656c653db0ea9126540e161c2-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: iw8CHuRdc2mvZB7kgBUXU_b8peZMs7dQbu0Aq46WgHFVyjmo9I7A7A==
expires: Thu, 14 Mar 2024 13:00:37 GMT

GET
H2 200 interFontFace.js Show response
fast.wistia.net/assets/external/ Frame 5A79 44 KB
18 KB 21ms
21ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/interFontFace.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6a69f8a9080d319ded2c30a6e0caa45ddb77dd91080f9e8fa97f49d156833bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:43 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3435
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18150
x-served-by: cache-iad-kiad7000168-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Tue, 07 Mar 2023 01:17:35 GMT
server: AmazonS3
x-timer: S1679182664.559750,VS0,VE0
etag: "53c97190603845aa22fe260f7ec735c4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34, 18

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame 5A79 1 KB
1 KB 21ms
21ms Image
image/gif 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/e4d1r1k20b?autoplay=0&wmode=transparent
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-cache-hits: 13, 925
date: Sat, 18 Mar 2023 23:37:43 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 98481
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kjyo7100120-IAD, cache-hhn-etou8220065-HHN
x-browser-version: 111
last-modified: Fri, 17 Mar 2023 20:14:13 GMT
x-timer: S1679182664.579562,VS0,VE0
etag: "6414ca15-4be"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e4d1r1k20b.m3u8 Show response
fast.wistia.com/embed/medias/ Frame 5A79 758 B
836 B 20ms
19ms XHR
application/x-mpegurl 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e4d1r1k20b.m3u8

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

88aab890491ba6e62c694f1b4a18167732b7d61083017e89ef10c870b6a629ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:43 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 0
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 758
x-request-id: 8f79aa76ed2978700411836140876a78
x-served-by: cache-iad-kcgs7200074-IAD, cache-hhn-etou8220028-HHN
x-runtime: 0.028876
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 111
x-timer: S1679182664.582369,VS0,VE0
etag: W/"88aab890491ba6e62c694f1b4a181677"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 2

GET
H2 200 9fdb75299a3ef11656c653db0ea9126540e161c2.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ Frame 5A79 100 KB
101 KB 23ms
23ms XHR
application/vnd.apple.mpegurl 2600:9000:223e:c800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9fdb75299a3ef11656c653db0ea9126540e161c2.m3u8
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:c800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 49a57bce0a419f8cca8ed23195d79f10715811c3f7523153454a0e0fe2466900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:37:43 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 7215
edge-cache-tag: 9fdb75299a3ef11656c653db0ea9126540e161c2-hls-segment 86608ea34ec793d94d1f0a9e898149c4d9c86f22
x-cache: Hit from cloudfront
content-length: 102678
surrogate-key: 9fdb75299a3ef11656c653db0ea9126540e161c2-hls-segment 86608ea34ec793d94d1f0a9e898149c4d9c86f22
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: i3Uup9nhQXAb5sKW_TKC9yp7sRO_VAnJUoUls0wDsQapB8GHOFnyyQ==
expires: Sun, 17 Mar 2024 21:37:28 GMT

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9fdb75299a3ef11656c653db0ea9126540e161c2.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:c800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: edc47d606c6e57574c937d3797b968580b150eaa875c60fb56c2fb31dd881f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 14:28:21 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 205762
edge-cache-tag: 9fdb75299a3ef11656c653db0ea9126540e161c2-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 108
content-length: 1194552
surrogate-key: 9fdb75299a3ef11656c653db0ea9126540e161c2-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 1-H7YSgSKkcsOxvGdNnlVjUc_Z8eYXupjgitrdqFgwTWoTOVnBtQZw==
expires: Fri, 15 Mar 2024 14:28:21 GMT

GET
H2 200 seg-3-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/9fdb75299a3ef11656c653db0ea9126540e161c2.m3u8/ Frame 5A79 979 KB
980 KB 61ms
61ms XHR
video/mp2t 2600:9000:223e:c800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9fdb75299a3ef11656c653db0ea9126540e161c2.m3u8/seg-3-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:c800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bc3811b5c5344ec687d2e1c537809a875ddb4b9144c1180d398761e45ee868ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 20:33:27 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 356656
edge-cache-tag: 9fdb75299a3ef11656c653db0ea9126540e161c2-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
x-cache: Hit from cloudfront
content-length: 1002040
surrogate-key: 9fdb75299a3ef11656c653db0ea9126540e161c2-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: WpvMkpip2nAHhyWJ6owuPdB1y82US4Ux4eeMOr4k3vplfoy7mFvsdQ==
expires: Wed, 13 Mar 2024 20:33:27 GMT

GET
BLOB 200
OK ba57fca0-6c52-4ddc-8e76-c753188f4953
https://fast.wistia.net/ Frame 5A79 89 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fast.wistia.net/ba57fca0-6c52-4ddc-8e76-c753188f4953
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d5d1ed19c5edb1e57229499d407de174ba80ee3dac4a8b163961e83524b51a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 91220
Content-Type: text/javascript

POST
H2 204 x Show response
distillery.wistia.com/ Frame 5A79 0
95 B 117ms
117ms XHR
text/plain 44.195.191.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.191.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-191-171.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 18 Mar 2023 23:37:43 GMT
cache-control: max-age=0, private, must-revalidate

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame 5A79 2 B
136 B 418ms
114ms XHR
text/plain 52.4.213.160

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.213.160 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 18 Mar 2023 23:37:44 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=49753fc1-7efb-45f2-39e0-7a63b15bc700&url=https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim&cache=1679182662352

Verdicts & Comments Add Verdict or Comment

341 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
trustedhealthnews.com/	1970-01-20 11:09:34	Name: prli_click_15 Value: iwzd
trustedhealthnews.com/	1970-01-20 19:11:58	Name: prli_visitor Value: 64164b4560f43
.buy.duotrim.com/	1970-01-20 10:26:24	Name: __cf_bm Value: 5RkBtcfoZxhbxn4H94Zs6yXxwg7OWhxXnTigQHZmobA-1679182661-0-Aa32gYFSfupyYyFA8qm5NSTNpKR8BllscDyyOnjAS+U4MHSLugI59Z61PVmRWUu11PPk/DdwZLYETAN0nXoJwc41dLJGtw6lrdEeri/0RLwb
.www.clickfunnels.com/	1970-01-20 10:26:24	Name: __cf_bm Value: 4KUDG3bn77RUY9bPNDaRD_x5UY6Zum8OOD8AJtFAvac-1679182662-0-ARSHzH6ahYDw7lh56e6XuCJ1V8PW2JlJbGRMwdXpwWD/PAVtns3xD/NLjCQj/XVtEBnnp2RSvozXYRghof19uOU=
.clickfunnels.com/	1970-01-20 10:26:24	Name: __cf_bm Value: PXvy9ULfyZkrAh48Fp7nwsd7ddqMwhLQDay5fTl7IAI-1679182662-0-AQh5k1j+71/fHlu2IbifiqFUD9iWJacegBrIYVb3k9QMaEuNx6W6A4Ml2DS32HEeS9uOcCDWt/yn6ebp344+n4WcqQH60ZH+QgJ9ZIGxR2y9
buy.duotrim.com/	1970-01-20 19:11:58	Name: addevent_track_cookie Value: 49753fc1-7efb-45f2-39e0-7a63b15bc700
buy.duotrim.com/	1970-01-20 19:11:58	Name: cf:aff_sub2 Value:
buy.duotrim.com/	1970-01-20 19:11:58	Name: cf:aff_sub3 Value:
buy.duotrim.com/	1970-01-20 19:11:58	Name: cf:aff_sub Value:
buy.duotrim.com/	1970-01-20 19:11:58	Name: cf:affiliate_id Value:
buy.duotrim.com/	1970-01-20 19:11:58	Name: cf:cf_affiliate_id Value:
buy.duotrim.com/	1970-01-20 19:11:58	Name: cf:content Value:
buy.duotrim.com/	1970-01-20 19:11:58	Name: cf:medium Value:
buy.duotrim.com/	1970-01-20 19:11:58	Name: cf:name Value:
buy.duotrim.com/	1970-01-20 19:11:58	Name: cf:source Value:
buy.duotrim.com/	1970-01-20 19:11:58	Name: cf:term Value:
buy.duotrim.com/	1970-01-20 19:11:58	Name: cf:NTc5ODE2OTg Value: :visited=true
buy.duotrim.com/	1970-01-20 19:11:58	Name: cf:visitor_id Value: 56adbc98-8c5d-42a6-8b59-f0acaa89eeea
buy.duotrim.com/	1970-01-20 19:11:58	Name: aff_id Value: 786
buy.duotrim.com/	1970-01-20 19:11:58	Name: subid Value: 5agixop0317duotrim
.tiktok.com/	1970-01-20 19:47:58	Name: _ttp Value: 2NCz4jiBJiaB3sTy5fchRCw2PaK
.duotrim.com/	1970-01-20 10:27:49	Name: _gid Value: GA1.2.1193883905.1679182662
.duotrim.com/	1970-01-20 10:26:22	Name: _gat_UA-120637619-12 Value: 1
.duotrim.com/	1970-01-20 12:35:58	Name: sessid2 Value: sessid20230318233720154
.duotrim.com/	1970-01-20 12:35:58	Name: spi_funnel_codename Value:
.duotrim.com/	1970-01-20 12:35:58	Name: aff_id Value: 786
.duotrim.com/	1970-01-20 12:35:58	Name: sid Value: 5agixop0317duotrim
.duotrim.com/	1970-01-20 12:35:58	Name: campaign_id Value:
.duotrim.com/	1970-01-20 12:35:58	Name: referrer Value: 2001:1b60:2:240:3247::8:trustedhealthnews.com:buy.duotrim.com%2Fwatch-now
.duotrim.com/	1970-01-20 20:02:22	Name: _ga_WLQYWWLCQF Value: GS1.1.1679182662.1.0.1679182662.0.0.0
.duotrim.com/	1970-01-20 20:02:22	Name: _ga Value: GA1.1.38325771.1679182662
.duotrim.com/	1970-01-20 19:47:58	Name: _tt_enable_cookie Value: 1
.duotrim.com/	1970-01-20 19:47:58	Name: _ttp Value: qYYoCxFYl8aFllL1XCjxSo2bST5
.buy.duotrim.com/	1970-01-20 19:11:58	Name: _pin_unauth Value: dWlkPVkySmpOelE0WkdFdE56ZzNZeTAwTURKakxXSTBPV0V0TlRVMFlXSXlOMkl6TURkaw
.duotrim.com/	1970-01-20 12:35:58	Name: _fbp Value: fb.1.1679182662812.1880145398
buy.duotrim.com/	1969-12-31 23:59:59	Name: is_eu Value: true
buy.duotrim.com/	1970-01-20 19:11:58	Name: 2fhuulf6049zkp60 Value: true
buy.duotrim.com/	1970-01-20 19:11:58	Name: 12743727_viewed_1 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=49753fc1-7efb-45f2-39e0-7a63b15bc700&url=https%3A%2F%2Fbuy.duotrim.com%2Fwatch-now%3Faff_id%3D786%26subid%3D5agixop0317duotrim&cache=1679182662352 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://fast.wistia.com/assets/external/iframeApi.js Message: Allow attribute will take precedence over 'allowfullscreen'.
worker	info	URL: blob:https://fast.wistia.net/8a2881ca-84f5-4060-98e5-8b67c3b0a084 Message: [log] > Debug logs enabled for "main"
worker	info	URL: blob:https://fast.wistia.net/ba57fca0-6c52-4ddc-8e76-c753188f4953 Message: [log] > Debug logs enabled for "main"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
app.clickfunnels.com
bam.nr-data.net
buy.duotrim.com
buygoods.com
classic.clickfunnels.com
click.improvingvitality.org
connect.facebook.net
ct.pinterest.com
display.buygoods.com
distillery.wistia.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
fast.wistia.com
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
pipedream.wistia.com
region1.google-analytics.com
s.pinimg.com
static.cloudflareinsights.com
stats.g.doubleclick.net
track.addevent.com
tracking.buygoods.com
trustedhealthnews.com
use.fontawesome.com
www.buygoods.com
www.clickfunnels.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
fast.wistia.net
track.addevent.com
151.101.128.84
151.101.2.137
162.247.243.29
170.187.185.18
2001:4860:4802:34::36
2600:9000:223e:7a00:1e:c86:4140:93a1
2600:9000:223e:c800:1e:c86:4140:93a1
2606:4700:3037::6815:2c57
2606:4700:3108::ac42:28ea
2606:4700:3108::ac42:2b73
2606:4700:4400::6812:27b5
2606:4700::6810:10c2
2606:4700::6810:3865
2606:4700:e2::ac40:840f
2a00:1450:4001:803::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:400c:c00::9b
2a02:26f0:6c00:19a::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::622
2a04:4e42::622
44.195.191.171
52.4.213.160
95.101.111.61
04b701caa790262bd1fca759ffac2fcade3ca980cf9d3993dca5f177c1a04a2a
0a14a98ee57f3a573a40c8589a9253c1bdf5364eeb96945bb5d2aa21cfc72e8e
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
0a8e68c678bf5ebdc3df763929d0723794a37ff9e974687717df354a1dee63ed
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1671a39154255d5bce5ab9395d99224f9bb4300e9d44ea9364d4d594d0f6cd91
16787884cb848fe85c16a265ed896003d6ff6d2c74816b080c39b9d20d608f9f
18e27aa85bc402887652ca383a1f2fb1087839147b0405f508a36337e29c51f6
20809e367d9088cdf13745d0cf95e750bdce002aa479bdd3fd1b90e455bf44db
24ccb1d2d2ac6eccd9cdccfee2776afdff41c29e3f7f794ff9150c39fc978410
264346c1dabc6164fe5532bd6452282e0d4a26869c730e2820e41abf8ce5bc36
268fe57f431548e003d56adef5fc0a28487468433b0beae2685c1d3f527f3659
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159
3371ed6129218f4a1fdb1b875e5bcb529084750d56d88567d3eafa3a0c85e950
3778a24484e611e1187550450aa32d73bf0c727733168d938fd9507cca8fcb0b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
43bea2654f9ac2e8fea982a78158a44d68003b46f07d47820d8bd6c381fd060b
4793c1e32627f82539286da0adc4bb6b8cf906183b0c65dc75dc343cb388565d
49a57bce0a419f8cca8ed23195d79f10715811c3f7523153454a0e0fe2466900
4a5a698ff3c64f3816318327c9d9229af2110a7e97042cb084d4628a269622d1
4bc9d1e13177ff01aa396544ecba5a2d1803ed85aeb2ecf316996c7abcf7ec29
4c6452476c07de7dd21d7ae36e5e8e7d29ad645bd40884cd8de865e2be7057f5
4d5d1ed19c5edb1e57229499d407de174ba80ee3dac4a8b163961e83524b51a1
51df0d8aebbf2a09eec21bb89998d92349b04f4f91db6044169a6f8d214bf22d
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
542479b6ea9078e53066c275ed53e0b235eff72b7ef1c0a753856eceb8d67245
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480
55cbc381872f6a47295e5a0a51cca29f918ec6082c2274d5ee116bdf6a84e82d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c1b133e4da2d3c32efabe11e0aea725cf19372d47fa794ff41df965bf5ebe59
5f5c234486362bc34b345b88c49f6dcda866875aa98925da0f75645f8f35b042
5fd0239db0f11f756644db003a00e88d6f811faf2488bc2e5bfe9cdead40abc1
65f66f1391ceb42ec3b5b5f4404840eb2f061e2a9c9d6e8ae5ae5ae9e5487ef6
6a69f8a9080d319ded2c30a6e0caa45ddb77dd91080f9e8fa97f49d156833bb3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f80f400049a3aeec9aed7dfacde33d3f587cc1090f16f41bd3b11bb4045e3dc
730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
74b777a8e3235c212581e8444cea6279d7da298bdb10c6c4c0db74de106ba889
7775e58d125213ae4f84ae78037b866c49eca0681ee33d3942f2ea9d5e5ee0ac
7b5cdcf3dd912c83db92ae4e1cae8e936bd6f4970c480c73427da31638b81868
7e81c0026102621c4adc2770334c4a933286676ece8f0e5e9ac91e0c54a16945
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7f4f3336e0e35f086435f2037ee0a52abf3ced5e386c74a5ccc2f18edd1c3207
887759fcfe5d50866ffb6ac76868744f58a10ea17da39b818536f3e711e2d6bd
88aab890491ba6e62c694f1b4a18167732b7d61083017e89ef10c870b6a629ed
89f0532a4b12bb276fa3a0a19be00484e3c357f1b39bf36d823ee32966506414
8a962ad876ad1796e2c28fdace6a228cdafa8dae89ac2a78765986cd4c9f6f10
8fd0e79fe04e510f99d7693dd7ee10ddd58a662c42732a03626f6c1447b09154
95d00f72c1db39e0cf57117406525ede2502865d3e7b72efc80412c53dff30e4
96884203ea0efacd55e8a8a17d91081a6b74c1bae49f8cfb241a84386478f990
9af21d270ad7f1c8277f0797876dccd67617dbe832218b3e22103dcd0f18c6ea
9b7e7e3b78bc5291bbc428ffa823079bea3ee452f9a73d5e55d9811b5dabbb43
a03fa747a48bb6f9ea053f115e19cd3b4bffad6840c18ac70e4e11080f81ebd9
a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b
a715c9dfae3847f6e41bd48b8da5bd0747df17bfc0f0f4b2052c7c404043d2df
a731c3e7e5a97ed0db1a5539f732ce8d7aa8dd4498712783ce7bf971c0343862
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a7edd2ece4e20b2bda3b1b2e554788ae0fbf42aeba8e8753a9fe143572aad40b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4a767306e8eb3bbfa60a212ac5e673648d4315bfc9544a71367e62fe49ed93
af820bf974060bbe1e95a510f719ca1cc390279d0e7c67bfaffd79057b52849f
b2fcb4e395770da38f41b7cd965495684427b2de5fe554aa37da327c9fb69783
b8e95ab636af26df8cd827aee2b29d44846e239d2d8f6958cfcd4410655f25d3
bb6b9412cba1fdf39531f4ad653f0f1056bac0b620d2485b68294f97ae1e7584
bc3811b5c5344ec687d2e1c537809a875ddb4b9144c1180d398761e45ee868ff
bccaf4aab2d725717166d3a75922bc5625da88720dbb18fba1006c51856574b8
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c3d182e6c7ded5d8563b8417d098ed9887023b5f749eaa024423a08208a931a4
ca1b64970e36407703f7bd9a05adeaa28bbdb0173d9bdf596db299cbf8bceca2
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d868b1cb56f7bb69c7f20eb319e45ae7795f5a973211e100d9dcca46270c1e1c
d9818bb8c2fdb71f1ab9318ab72befa827e18f1ceabe700a34ee2c63daf032d7
d9a33c7782bcf33c0834f972bc1006623be9e4fe049dd1d53b9a2be11b838c2f
da8a33557a88dd159852e176ef18ec7d718c6765ecbd8cfdb407238de2d844b9
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db508103ea4ce863baa64add9efa68915e570a1637f2ed0633d8b3936e22e764
e099fcc2ec768e3565f08bbdb2453d3241b95421ad0b013d499fa98cd5fda723
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ea95286176dcb68c3b0f65f971fcba8699956c8dfcb4c7f79c60b80d6a7fc3
e4ae58826d26b97bee634e4400db5c58427946467c13cf59b37e7f6c336343b3
e6a725855360bd20a9853ff9d4b8169a3f624cdf7fb8f8a7363f9710645620cf
e745ccf3d5d2b75f1e0001abf6160d742a964045ef60c43786a7d08599669fe2
e77731f1be6a90ae60740fc18a27ce00b1b594bc41fea90f1268706259b835d4
ec3be3f5056ff6016b8f96a94ffdcc39be8976825714a1028be41f977c133dbd
ed8fa1ff8b55dd19225f59a5e74520a8b20206c2f6d354e1e6f0e5881d93fe4a
edc47d606c6e57574c937d3797b968580b150eaa875c60fb56c2fb31dd881f7f
ef37c39871c964445b3c059a5b775675e1e7c4722446d42ccb7b64cd4d4e43da
f19512e413c3f6efb0160b04acfab22e1c9c79adbdde7569dec5388e32a0ad4b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

buy.duotrim.com Open in urlscan Pro 2606:4700::6810:10c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

95 %HTTPS

74 %IPv6

22 Domains

32 Subdomains

27 IPs

3 Countries

8938 kBTransfer

14464 kBSize

38 Cookies

7 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

buy.duotrim.com Open in urlscan Pro
2606:4700::6810:10c2 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

95 %
HTTPS

74 %
IPv6

22
Domains

32
Subdomains

27
IPs

3
Countries

8938 kB
Transfer

14464 kB
Size

38
Cookies

121 HTTP transactions
0 data transactions