Submitted URL: https://backfunnel.com.br/sfunnel/6079/0.23450658330311502
Effective URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Submission: On December 17 via api from US — Scanned from NL

Summary

This website contacted 13 IPs in 4 countries across 8 domains to perform 46 HTTP transactions. The main IP is 172.67.130.90, located in United States and belongs to CLOUDFLARENET, US. The main domain is naturalmedicalpost.com.
TLS certificate: Issued by WE1 on December 9th 2024. Valid for: 3 months.
This is the only time naturalmedicalpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 188.114.97.3 13335 (CLOUDFLAR...)
21 172.67.130.90 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:ab0... 20940 (AKAMAI-AS...)
1 2 172.66.40.234 13335 (CLOUDFLAR...)
1 172.66.43.115 13335 (CLOUDFLAR...)
1 2606:4700:310... 13335 (CLOUDFLAR...)
2 2a02:26f0:ab0... 20940 (AKAMAI-AS...)
2 172.217.18.3 15169 (GOOGLE)
1 2606:4700:310... 13335 (CLOUDFLAR...)
3 2400:52e0:1e0... 60068 (CDN77 Dat...)
2 18.235.252.237 14618 (AMAZON-AES)
7 2a02:26f0:470... 20940 (AKAMAI-AS...)
46 13
Apex Domain
Subdomains
Transfer
21 naturalmedicalpost.com
naturalmedicalpost.com
330 KB
11 converteai.net
images.converteai.net — Cisco Umbrella Rank: 152923
scripts.converteai.net — Cisco Umbrella Rank: 148649
cdn.converteai.net — Cisco Umbrella Rank: 107139
4 MB
5 buygoods.com
display.buygoods.com — Cisco Umbrella Rank: 701567
tracking.buygoods.com — Cisco Umbrella Rank: 360379
buygoods.com — Cisco Umbrella Rank: 269870
www.buygoods.com — Cisco Umbrella Rank: 753862
9 KB
3 b-cdn.net
vt-h-1.b-cdn.net — Cisco Umbrella Rank: 122669
2 vturb.com.br
api.vturb.com.br — Cisco Umbrella Rank: 151713
139 B
2 gstatic.com
fonts.gstatic.com
36 KB
2 backfunnel.com.br
backfunnel.com.br
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
46 8
Domain Requested by
21 naturalmedicalpost.com naturalmedicalpost.com
7 cdn.converteai.net scripts.converteai.net
naturalmedicalpost.com
3 vt-h-1.b-cdn.net scripts.converteai.net
2 api.vturb.com.br scripts.converteai.net
2 fonts.gstatic.com fonts.googleapis.com
2 scripts.converteai.net naturalmedicalpost.com
scripts.converteai.net
2 buygoods.com naturalmedicalpost.com
2 images.converteai.net naturalmedicalpost.com
scripts.converteai.net
2 backfunnel.com.br 2 redirects
1 www.buygoods.com 1 redirects
1 tracking.buygoods.com naturalmedicalpost.com
1 display.buygoods.com naturalmedicalpost.com
1 fonts.googleapis.com naturalmedicalpost.com
46 13

This site contains links to these domains. Also see Links.

Domain
vturb.com
backfunnel.com.br
Subject Issuer Validity Valid
naturalmedicalpost.com
WE1
2024-12-09 -
2025-03-09
3 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
converteai.net
R10
2024-12-04 -
2025-03-04
3 months crt.sh
buygoods.com
WE1
2024-10-23 -
2025-01-21
3 months crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA
2024-11-05 -
2025-11-11
a year crt.sh
*.vturb.com.br
Amazon RSA 2048 M03
2024-09-19 -
2025-10-18
a year crt.sh

This page contains 2 frames:

Primary Page: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Frame ID: 2FFCC6EDDB45BD0D75E3F9A8AF8851EB
Requests: 43 HTTP requests in this frame

Frame: https://buygoods.com/affiliates/go/conversion/iframe/bg?a=9237&t=d4c4b5b28fce26589cdc95bb9e460f76&conversion=1&s=&o=null&ut=null
Frame ID: 6598E842F854E008F5AD7954DB03B481
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Special Offer - Lipozem

Page URL History Show full URLs

  1. https://backfunnel.com.br/sfunnel/6079/0.23450658330311502 HTTP 301
    https://backfunnel.com.br/sfunnel/6079/0.23450658330311502/ HTTP 303
    https://naturalmedicalpost.com/mvp/lipozem/upsell/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

46
Requests

93 %
HTTPS

54 %
IPv6

8
Domains

13
Subdomains

13
IPs

4
Countries

4779 kB
Transfer

5677 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://backfunnel.com.br/sfunnel/6079/0.23450658330311502 HTTP 301
    https://backfunnel.com.br/sfunnel/6079/0.23450658330311502/ HTTP 303
    https://naturalmedicalpost.com/mvp/lipozem/upsell/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.buygoods.com/images/buygoods_black.png HTTP 301
  • https://buygoods.com/images/buygoods_black.png

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
naturalmedicalpost.com/mvp/lipozem/upsell/
Redirect Chain
  • https://backfunnel.com.br/sfunnel/6079/0.23450658330311502
  • https://backfunnel.com.br/sfunnel/6079/0.23450658330311502/
  • https://naturalmedicalpost.com/mvp/lipozem/upsell/
41 KB
11 KB
Document
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
555d6ef90adfcf6650db40bdd3e17847f22496a6a0fdfd8215f8d36a3253187d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f38da0e2d7766aa-AMS
content-encoding
zstd
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Tue, 17 Dec 2024 18:07:16 GMT
last-modified
Fri, 19 Jul 2024 19:09:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
panel
hpanel
platform
hostinger
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mBindv8ALD6zCePGpC4mAzOcoLgUaTQDjpGoNEK2TJMk%2Bg231y1PC8cjP0mbw3%2Beogjd7IrzaesEfLd%2BTnpxVETQos5ptvnuzFA5uu%2F6cYW48AecOszHOYZCF%2B2KIZhDwwauHYFfbk%2BM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=18925&min_rtt=15513&rtt_var=8695&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4165&recv_bytes=4507&delivery_rate=706&cwnd=12000&unsent_bytes=0&cid=35cf804fef21bfb3&ts=449&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

accept-ch
Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8f38da0babf85c48-AMS
content-type
text/html; charset=UTF-8
date
Tue, 17 Dec 2024 18:07:15 GMT
location
https://naturalmedicalpost.com/mvp/lipozem/upsell/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l5v%2B8G1FKEoE9eL8%2B%2FjpkR3apSH41Nr5b60m%2F%2Bz2Pp1dp%2FBt7pwc5R0RcdQsIx5G7ilfSSjOxrH86y28qdFmyU6jutoBjcu8jyay336oQDPaU62GIa3a3UOZjY7QrxY9shC9fA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15449&min_rtt=14851&rtt_var=2339&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4956&recv_bytes=4930&delivery_rate=45474&cwnd=12000&unsent_bytes=0&cid=335dfff9422a825d&ts=391&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-redirect-by
SmartFunnel
css2
fonts.googleapis.com/
28 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 18:07:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 17 Dec 2024 17:59:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.min.css
naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/bootstrap/
289 KB
38 KB
Stylesheet
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/bootstrap/bootstrap.min.css
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d749da54ee185be72cba4804468f84e6fdc55ce3b8033443f7b5a69247cfadf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"48271-669ab78e-1b9935145ec79fa6;br"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PxqXmT98vihsYx%2B%2FV6r4sgZloETYF8A1jUZ98F3SRJFxy7LnZ8cZghp6y3GXQgNSvXSddo6mLzpUj05v7Vv4YhvD4hgg1Tt7eAVmZkIzwQk9AugPwuRs8qdaRjVYeP7i8%2F9brjX0CUQR"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16734&min_rtt=14647&rtt_var=3547&sent=27&recv=22&lost=0&retrans=0&sent_bytes=19606&recv_bytes=7310&delivery_rate=794551&cwnd=12000&unsent_bytes=0&cid=35cf804fef21bfb3&ts=490&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
text/css
last-modified
Fri, 19 Jul 2024 18:59:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da10f96566aa-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
bootstrap-icons.min.css
naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/bootstrap/
104 KB
15 KB
Stylesheet
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/bootstrap/bootstrap-icons.min.css
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1ccd2f6407fc10ba88718fdd387f97a60bff553794563e6509d54200d50578d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"19fdd-669ab781-2b3da3dc5ae5598;br"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=an%2BKDbjbz7RhyZeFWqvS3EI9GEQInQE53Wu8WZmYna%2FR8017zjLlfLaQloGhJZvdj7ARIPj0N6eBIia2%2F3DXVbdeI0bpJu0Ulmkev76aoneGr%2B%2B5Eq7U6h4wnRpUEEmLSdcdNwvL5pBu"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16734&min_rtt=14647&rtt_var=3547&sent=34&recv=22&lost=0&retrans=0&sent_bytes=27826&recv_bytes=7310&delivery_rate=794551&cwnd=12000&unsent_bytes=0&cid=35cf804fef21bfb3&ts=490&x=1", cfExtPri, cfHdrFlush;dur=13
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
text/css
last-modified
Fri, 19 Jul 2024 18:59:13 GMT
vary
Accept-Encoding
priority
u=0,i=?0
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da10f96866aa-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
products.css
naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/products/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/products/css/products.css
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
754ffb81d2c0f2e96ba16bf1e322711214f082e4d507fb714cba95dc3275cfbf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"1136-669ab7fe-7038b2ad38c54b6b;br"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lnGzs%2BlcQRkhb%2FMr8MrBX0LliVFC4igPYjeZvF%2FcZ2v8D5kQWg5GD3Mov%2Bg76oJZjaDr4jSvCMbppBqEh0P356RizASd4BcaM6bXI0uNetAlmEM%2B8d%2BPBORCdi1%2BdBVFWXwyUYwUHS6"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16734&min_rtt=14647&rtt_var=3547&sent=25&recv=22&lost=0&retrans=0&sent_bytes=17368&recv_bytes=7310&delivery_rate=794551&cwnd=12000&unsent_bytes=0&cid=35cf804fef21bfb3&ts=488&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
text/css
last-modified
Fri, 19 Jul 2024 19:01:18 GMT
vary
Accept-Encoding
priority
u=0,i=?0
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da10f96b66aa-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
main.css
naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/css/main.css
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fae78f9e81c01dfcfaa1e0385c04a833fd4cae406aba668b83d8272ef8de9fb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"60b-669ab7ad-acac59dd9eb0a025;br"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6pV4bk%2Fx2ggg%2FhQbCRKu9tEPyj48YjpK7h5bbQNLbKEOFbv3FYQk8nIb6agc22D3%2B2rNuS%2BqVMwxVidlIfXwhaEb1PC5zFVtKAVQkqjZkiydQQWflmECu3bubpIQfmyEEc8jLnM6UHvo"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16734&min_rtt=14647&rtt_var=3547&sent=23&recv=22&lost=0&retrans=0&sent_bytes=15826&recv_bytes=7310&delivery_rate=794551&cwnd=12000&unsent_bytes=0&cid=35cf804fef21bfb3&ts=488&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
text/css
last-modified
Fri, 19 Jul 2024 18:59:57 GMT
vary
Accept-Encoding
priority
u=0,i=?0
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da10f96f66aa-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
style.css
naturalmedicalpost.com/mvp/lipozem/upsell/assets/pages/upsell/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/pages/upsell/css/style.css
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03b0c54bdb3ec3feaac939cafeeb9766d3834872c0196fc956b32c358718f391
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"4d2-669ab84e-68261d0930124ff6;br"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRdm0SLA4nzLxDp9oNRlYr1NeLq9dvDexumssmSzYcgaehanK1xnqzKYEYOXd%2F18lEj1LdZ%2F534ZiBdfiiwDvBoWo69AzVqKTh0nmoaworE9Q8zmnGb6ds9YgXi6P%2FwSrs0RdGsUCs5s"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16734&min_rtt=14647&rtt_var=3547&sent=34&recv=22&lost=0&retrans=0&sent_bytes=27826&recv_bytes=7310&delivery_rate=794551&cwnd=12000&unsent_bytes=0&cid=35cf804fef21bfb3&ts=496&x=1", cfExtPri, cfHdrFlush;dur=7
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
text/css
last-modified
Fri, 19 Jul 2024 19:02:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da10f97066aa-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
logo-b.png
naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/img/
12 KB
13 KB
Image
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/img/logo-b.png
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
970ec1d0656023b4a721a4fdfb130b5ba4b31382407d52936b838f74cc2aec75
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

cf-cache-status
HIT
etag
"2f6a-669ab7cb-11d1c1ebd7437185;;;"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqSdIxjkryqSTusjpLjWFkPmDsFMgEX9b6VpG8%2FKl77S88QDn56MPgtltgR%2FCXkGAKW9Db7oz2OUeeUtvyygkse8bhWW0kTo6HiRqfT3sbehrxOsreB8ug72rRhtSLF%2B2CRvgkPUQCtY"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16734&min_rtt=14647&rtt_var=3547&sent=34&recv=22&lost=0&retrans=0&sent_bytes=27826&recv_bytes=7310&delivery_rate=794551&cwnd=12000&unsent_bytes=0&cid=35cf804fef21bfb3&ts=491&x=1", cfExtPri, cfHdrFlush;dur=12
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/png
last-modified
Fri, 19 Jul 2024 19:00:27 GMT
vary
Accept-Encoding
priority
u=2,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da10f97166aa-AMS
accept-ranges
bytes
content-length
12138
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
secure-badge.svg
naturalmedicalpost.com/mvp/lipozem/upsell/assets/pages/upsell/img/
5 KB
4 KB
Image
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/pages/upsell/img/secure-badge.svg
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee08b3e67410abd9be500a3052b480ca3c676e0819a65a58397d6fc60e5f0fd6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"13ca-669ab87b-d385cac7f751d25d;br"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0FioEaPY8UUYop02Qw6G8m3rXNmtcGmekKbvBUNl4JmuT0KXhASmaMz4K9E%2Fcv31PB1kFaJlrauGPzEpwF%2FVc922zN7%2B71ooaFi9CiyPv6VCpZs2sRsLwBw5OiHWfr7jSm7ane3Dn%2B6C"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16734&min_rtt=14647&rtt_var=3547&sent=34&recv=22&lost=0&retrans=0&sent_bytes=27826&recv_bytes=7310&delivery_rate=794551&cwnd=12000&unsent_bytes=0&cid=35cf804fef21bfb3&ts=494&x=1", cfExtPri, cfHdrFlush;dur=12
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/svg+xml
last-modified
Fri, 19 Jul 2024 19:03:23 GMT
vary
Accept-Encoding
priority
u=2,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da10f97266aa-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
logo.png
naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/img/
11 KB
12 KB
Image
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/img/logo.png
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d68ec69ca5c686188fe29f49652474bb377ae329f328bace8c5f9d6c4214a55
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

cf-cache-status
HIT
etag
"2dd1-669ab7cb-ebdb7f6b0cbecefb;;;"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vOG4I5WwUTfNrOqGCYPxVuYS4e2p2mIHpFmBsBBzCdvBKRPfAORHqKu2a2yaElWmf%2FFuboHcvWW641enfEP1%2FPAjISNyZKsL6cRCcuv1%2Ftshmb7vQWN2p7YK%2BTAyNJi00gJUBCjZAZV"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15900&min_rtt=14191&rtt_var=876&sent=98&recv=59&lost=0&retrans=0&sent_bytes=93888&recv_bytes=9280&delivery_rate=2302864&cwnd=45600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=552&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/png
last-modified
Fri, 19 Jul 2024 19:00:27 GMT
vary
Accept-Encoding
priority
u=2,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da1159e466aa-AMS
accept-ranges
bytes
content-length
11729
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
thumbnail.jpg
images.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/players/6673463c51b368000cd38bac/
1 KB
2 KB
Image
General
Full URL
https://images.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/players/6673463c51b368000cd38bac/thumbnail.jpg
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:3352 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
bf1668cad3243625ee1bbd05beb9b5af3784bc6fc593f7851a4e590a3ea04f1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

etag
"8b8f1828d6e97fbcf68ba4e053c88f5f"
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
server-timing
cdn-cache; desc=HIT, edge; dur=87, origin; dur=0, ak_p; desc="1734458836755_3088659269_173830684_8840_1491_25_85_219";dur=1
content-length
1262
x-amz-cf-id
tjADmQmmjsTeu1Oa18mludtIWDQMfoPdGcm0I3GoE42vjt57pBo2Zw==
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/jpeg
last-modified
Wed, 19 Jun 2024 20:57:34 GMT
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
stars.webp
naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/products/img/
1 KB
2 KB
Image
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/products/img/stars.webp
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0ac4fdbcbecad301275bb3b3af1681cebb15f4db248a208157691d3a82a2ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

cf-cache-status
HIT
etag
"5fe-669ab824-f5de5ae1cd359cad;;;"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1Srr%2Fe6IzMMi%2BKwHN%2BFETU03Pd3w9M2IhO%2Bmlrk%2BLnWIvAJoNvQgkfQDTNHsFNwq1nKrVMRR4hqnCWQONFx4YUlzwTSK893dYnONSTfLEtmJ%2BPXJxhC%2B6%2FRT5OKuNKRXYgXUsmU5H6D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18174&min_rtt=14191&rtt_var=2892&sent=112&recv=74&lost=0&retrans=0&sent_bytes=106757&recv_bytes=13874&delivery_rate=397052&cwnd=45600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=590&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/webp
last-modified
Fri, 19 Jul 2024 19:01:56 GMT
vary
Accept-Encoding
priority
u=2,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da119a4166aa-AMS
accept-ranges
bytes
content-length
1534
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
img-3-bottles.webp
naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/products/img/
68 KB
69 KB
Image
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/products/img/img-3-bottles.webp
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55acd86f6537058bdafaaf5ad3602f448934343d30dc33cb9841bf7c1347e60f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

cf-cache-status
HIT
etag
"10f80-669ab824-57a0423824ae0a77;;;"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hd8wfv2K%2FNJPbs2NGlvHREN6zRPqPjJxKMj7AUQ3k%2Fmwr1wrzIYpnkbYTLsiarQE9HrRyqGkWW9gKaTNxhAsxgn3GE4IvL1tJYPXCqEPcFRQvdJdoV7bpWhMr4SWtmIxGJlfWIsOHWBw"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18174&min_rtt=14191&rtt_var=2892&sent=115&recv=74&lost=0&retrans=0&sent_bytes=109185&recv_bytes=13874&delivery_rate=397052&cwnd=45600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=593&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/webp
last-modified
Fri, 19 Jul 2024 19:01:56 GMT
vary
Accept-Encoding
priority
u=3,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da11aa4666aa-AMS
accept-ranges
bytes
content-length
69504
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
cards.png
naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/products/img/
3 KB
3 KB
Image
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/products/img/cards.png
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956da9f264d49755192711c93da2704645e7125d2689a23a07a4c6b98a9b4458
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

cf-cache-status
HIT
etag
"a33-669ab824-f6d9d9cfd3aa950d;;;"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nDscj1d0ZOrFfk%2Bk%2FK3WEP9%2FQrHiYFPj3bF%2FcL1OCn0GYhGFyeyVduqSJANtu1mfFG1GXhNm7jBB1wVkJdkSfLWoJ%2Fjgs8plcSnwUFNVeuLED8kpO1EYmUPR3MUOA9xYYY8MOTFRdl2W"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18174&min_rtt=14191&rtt_var=2892&sent=151&recv=74&lost=0&retrans=0&sent_bytes=152357&recv_bytes=13874&delivery_rate=397052&cwnd=45600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=596&x=1", cfExtPri, cfHdrFlush;dur=13
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/png
last-modified
Fri, 19 Jul 2024 19:01:56 GMT
vary
Accept-Encoding
priority
u=3,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da11aa4766aa-AMS
accept-ranges
bytes
content-length
2611
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
img-9-bottles.webp
naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/products/img/
70 KB
71 KB
Image
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/products/img/img-9-bottles.webp
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e341f6baa52f518053b118fc416137d82753765bebed76bfb53b13d33996ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

cf-cache-status
HIT
etag
"117ae-669ab824-8aeeb721e9e5360;;;"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xc%2BPResi40dpKB5fwh1%2Fz6yrcA%2B7T8BaFMidRgtvDvIXvIxaZ8QKUp%2B1Cpqe4BMRuJehutosJjVW5%2FfBFZPSt4Rx2kSuw6ZbZe0J1f1PZjvVu8lK7nx0%2BwDcONpZbb6XP82vZ40M1ri9"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18174&min_rtt=14191&rtt_var=2892&sent=151&recv=74&lost=0&retrans=0&sent_bytes=152357&recv_bytes=13874&delivery_rate=397052&cwnd=45600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=597&x=1", cfExtPri, cfHdrFlush;dur=12
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/webp
last-modified
Fri, 19 Jul 2024 19:01:56 GMT
vary
Accept-Encoding
priority
u=3,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da11aa4866aa-AMS
accept-ranges
bytes
content-length
71598
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
img-6-bottles.webp
naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/products/img/
65 KB
66 KB
Image
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/products/img/img-6-bottles.webp
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3693051be878b4942ef22b4c2a5c35bae14350f47615044aa4b8bb54a09beae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

cf-cache-status
HIT
etag
"1056c-669ab824-54af4cceff5f5301;;;"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZShj0oveQ%2BHGMo35ke71AsRpjwRM%2Fk%2BtAnvwGZCipsWJPA0Z91YU%2FbBYgI7PxBN2Bn%2FrhfPjhbBy%2Bm79dHiTTJLWTsXFfFwgBZ5sLZu0fQAJJtioRHUJcX2QWCrRLJZfIRYY%2BRSmsDa8"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18174&min_rtt=14191&rtt_var=2892&sent=151&recv=74&lost=0&retrans=0&sent_bytes=152357&recv_bytes=13874&delivery_rate=397052&cwnd=45600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=596&x=1", cfExtPri, cfHdrFlush;dur=15
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/webp
last-modified
Fri, 19 Jul 2024 19:01:56 GMT
vary
Accept-Encoding
priority
u=3,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da11aa4a66aa-AMS
accept-ranges
bytes
content-length
66924
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
gmp.svg
naturalmedicalpost.com/mvp/lipozem/upsell/assets/pages/upsell/img/
3 KB
2 KB
Image
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/pages/upsell/img/gmp.svg
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091e5c0784f62f10bd5f2a7d3a55e7a03090f83f9a2c84fa9311ee3095b1a5c5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"db9-669ab87b-2d10aef6294c8da0;br"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jhji0WBBBSHmur3FHB%2F%2BUA3R%2Fhn0aGS2DqXDuDYJT3jkVU74hyBRZhFYkBYF8Ld24Jw3elziTtzEPRdq1444NnplicE9rfmwKtwt%2FmutjxBjm6GOKn2Fx7ykbOFs3mV0ewBQaE3z3reV"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18174&min_rtt=14191&rtt_var=2892&sent=125&recv=74&lost=0&retrans=0&sent_bytes=121185&recv_bytes=13874&delivery_rate=397052&cwnd=45600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=594&x=1", cfExtPri, cfHdrFlush;dur=17
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/svg+xml
last-modified
Fri, 19 Jul 2024 19:03:23 GMT
vary
Accept-Encoding
priority
u=3,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da11aa4c66aa-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
made-in-usa.svg
naturalmedicalpost.com/mvp/lipozem/upsell/assets/pages/upsell/img/
6 KB
2 KB
Image
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/pages/upsell/img/made-in-usa.svg
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a2fabe6c2aa4c3b0f4d1a6ef3795df2681f033f76ce2446404bb22d8eb4b21c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"1780-669ab87b-9d1cd306f4d684e6;br"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5koFbqzWuIH5LZcNqwxI02DjkfQmf1GNJmyHk2MFip1mSTAeJZq24LRwsk7LokWR18mw%2BNr3%2BpXp4XgcyPpRHzLoxsAMiW0gi0rClNtp%2FHrGxbd1gPAMfQSUAoxE7pdtz9CVX2zPzhVK"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18174&min_rtt=14191&rtt_var=2892&sent=151&recv=74&lost=0&retrans=0&sent_bytes=152357&recv_bytes=13874&delivery_rate=397052&cwnd=45600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=607&x=1", cfExtPri, cfHdrFlush;dur=4
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/svg+xml
last-modified
Fri, 19 Jul 2024 19:03:23 GMT
vary
Accept-Encoding
priority
u=3,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da11aa4d66aa-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
nsf.svg
naturalmedicalpost.com/mvp/lipozem/upsell/assets/pages/upsell/img/
1 KB
1 KB
Image
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/pages/upsell/img/nsf.svg
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67aa5c20795c049c4399db966b6218a6707fcef2d750393078abebd50d863962
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"4cd-669ab87b-f3644b4f6261e79b;br"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W6zut3zi%2FGcqFU4idnUTdbuIjDk%2B3HrHR4sY%2FymYZf0EliwJZPIi5lfMxiDCfodhf%2FwMqNDy5X49CPYRcQVgY9GT1je8oZcmw%2BHmEt0ldcpxtUKvsCRcQPXWBlX0TpcMZFRX77JqY1i%2B"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18174&min_rtt=14191&rtt_var=2892&sent=151&recv=74&lost=0&retrans=0&sent_bytes=152357&recv_bytes=13874&delivery_rate=397052&cwnd=45600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=597&x=1", cfExtPri, cfHdrFlush;dur=14
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/svg+xml
last-modified
Fri, 19 Jul 2024 19:03:23 GMT
vary
Accept-Encoding
priority
u=3,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da11aa5166aa-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
logo-buygoods.svg
naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/img/
6 KB
3 KB
Image
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/main/img/logo-buygoods.svg
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3179ef9a2de55865664c4399b8569e4bf50ddd825323e4e1765375c8b072a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"1602-669ab7cb-5776ed3e2cab40ba;br"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5z0TlbWfJF4ubZhmdTx%2Fjmx5mrhqU9QVryw7ySmGP7zKt%2B4EwBBX7qSilUAzyqxBm0nfEQBOHTguvakHPvfCWjFpJlqh5tioqsrL9w8FPTUHJTyI9901fYd4Ic7bjqGPirTT1m%2FKLoW"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18174&min_rtt=14191&rtt_var=2892&sent=151&recv=74&lost=0&retrans=0&sent_bytes=152357&recv_bytes=13874&delivery_rate=397052&cwnd=45600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=602&x=1", cfExtPri, cfHdrFlush;dur=9
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
image/svg+xml
last-modified
Fri, 19 Jul 2024 19:00:27 GMT
vary
Accept-Encoding
priority
u=3,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da11aa5466aa-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
disclaimer
display.buygoods.com/v1/
1 KB
2 KB
Script
General
Full URL
https://display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=9237
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8f38da120aaf9ff3-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 17 Dec 2024 18:07:16 GMT
x-powered-by
Express
x-server
WEB_6_7500
priority
u=1,i=?0
visits
naturalmedicalpost.com/api/
0
0
Script
General
Full URL
https://naturalmedicalpost.com/api/visits?page_id=14&page_version=&request_id=AC45F18A%3A9D4E_C0A85015%3A01BB_669AB6B7_8F1E7%3A1F3D93&querystring=&fbclid=&fbp=&fbc=&referrer=
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJ%2BIKvOWu4iaznmshD3j6SZBVvTKC1u%2BvmNeLFR6k1%2FvLyj6zbvxfVbtjtZ1Cj70KEhpaKqKKnUprZxgCzE4dMykbDcVL0S%2BL9zxQqCIDMR6CQC2TmqrhBOJG8dCqq5otf7%2FUzd6JXdE"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16578&min_rtt=14191&rtt_var=1084&sent=316&recv=97&lost=0&retrans=0&sent_bytes=339459&recv_bytes=14911&delivery_rate=111271&cwnd=159600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=1017&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 18:07:17 GMT
content-type
text/html
last-modified
Tue, 31 Oct 2023 20:21:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
platform
hostinger
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da11aa5666aa-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
14
naturalmedicalpost.com/api/conversions/tracker/
2 KB
2 KB
Image
General
Full URL
https://naturalmedicalpost.com/api/conversions/tracker/14?request_id=AC45F18A:9D4E_C0A85015:01BB_669AB6B7_8F1E7:1F3D93&conversionData=&conversionUrl=https%3A%2F%2Fnaturalmedicalpost.com%2Fmvp%2Flipozem%2Fupsell%2F&referrer=
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P15o%2BKP%2FLVxRmWRbfAEaNJv6AZUruIBc6f%2F0Mi8NAba6PF3x18ML3qkQ1bDJ5gF7R%2BpUvk5E6Fua7H24VQ1VWVkIKbdtiwWvjB%2Bb%2BJaaSGtoSR2MgOnML%2FjmWgWrTK2QsOwbZEf6G9jP"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16882&min_rtt=14191&rtt_var=636&sent=314&recv=96&lost=0&retrans=0&sent_bytes=337451&recv_bytes=14866&delivery_rate=6650420&cwnd=159600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=797&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 18:07:16 GMT
content-type
text/html
last-modified
Tue, 31 Oct 2023 20:21:21 GMT
vary
Accept-Encoding
priority
u=3,i
platform
hostinger
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da11aa5866aa-AMS
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
/
tracking.buygoods.com/track/
6 KB
2 KB
Script
General
Full URL
https://tracking.buygoods.com/track/?a=9237&firstcookie=0&tracking_redirect=&referrer=&sessid2=&funnel_step=Upsell1&funnel_codename=3&product=lip3u,lip6u,lip9u&vid1=&vid2=&vid3=&caller_url=https%3A%2F%2Fnaturalmedicalpost.com%2Fmvp%2Flipozem%2Fupsell%2F
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db0a633d804603915c209293ddf20eedcd9acf0e72b7c155e2c5300e2d5fb89a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
expires
Tue, Jan 12 1999 01:01:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
date
Tue, 17 Dec 2024 18:07:17 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-server
WEB_6
priority
u=3,i=?0
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8f38da11dec496fb-AMS
access-control-allow-origin
*
server
cloudflare
bg
buygoods.com/affiliates/go/conversion/iframe/ Frame 6598
0
0
Document
General
Full URL
https://buygoods.com/affiliates/go/conversion/iframe/bg?a=9237&t=d4c4b5b28fce26589cdc95bb9e460f76&conversion=1&s=&o=null&ut=null
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://naturalmedicalpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f38da11fad89f66-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 17 Dec 2024 18:07:17 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-server
WEB_2
player.js
scripts.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/players/6673463c51b368000cd38bac/
4 KB
2 KB
Script
General
Full URL
https://scripts.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/players/6673463c51b368000cd38bac/player.js
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:332a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
89e91ffce10d2d07c8ea3b9a964aa582f2cf2534f570a629ff660254be96905d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

content-encoding
gzip
etag
"0350a1214a604b5dd5caf5ebe69191ad"
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1711
x-amz-cf-id
6duKJRcNWXUiOhj_ck8vIWt8S_I-cQ72n-fw5V5xdgpdK5LEXsAeQg==
date
Tue, 17 Dec 2024 18:07:17 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 11:04:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://naturalmedicalpost.com
Referer
https://fonts.googleapis.com/

Response headers

age
546970
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 10:11:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 10:11:06 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://naturalmedicalpost.com
Referer
https://fonts.googleapis.com/

Response headers

age
32458
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:06:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:06:18 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
buygoods_black.png
buygoods.com/images/
Redirect Chain
  • https://www.buygoods.com/images/buygoods_black.png
  • https://buygoods.com/images/buygoods_black.png
4 KB
5 KB
Image
General
Full URL
https://buygoods.com/images/buygoods_black.png
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
H2
Server
2606:4700:3108::ac42:28ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"59b77ee8-257c"
age
12819
cf-cache-status
HIT
expires
Fri, 15 Dec 2034 18:07:17 GMT
cf-polished
origFmt=png, origSize=9596
alt-svc
h3=":443"; ma=86400
date
Tue, 17 Dec 2024 18:07:17 GMT
content-type
image/webp
content-disposition
inline; filename="buygoods_black.webp"
x-server
WEB_2
last-modified
Tue, 12 Sep 2017 06:30:00 GMT
vary
Accept
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=315360000
cf-ray
8f38da139b3296f7-AMS
accept-ranges
bytes
content-length
4492
server
cloudflare

Redirect headers

strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=14400
location
https://buygoods.com/images/buygoods_black.png
cf-cache-status
HIT
age
5551
cf-ray
8f38da131bec9ff3-AMS
expires
Tue, 17 Dec 2024 22:07:16 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Tue, 17 Dec 2024 18:07:16 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
smartplayer.min.js
scripts.converteai.net/lib/js/smartplayer/v1/
673 KB
180 KB
Script
General
Full URL
https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Requested by
Host: scripts.converteai.net
URL: https://scripts.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/players/6673463c51b368000cd38bac/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:332a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
a4d816db9f50eda8f84a1d15b76552ca49e236689eadb73585aa047902c42ec3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

content-encoding
gzip
etag
"1bfc81f2bb801334ca08346da28648d4"
accept-ranges
bytes
content-length
183759
x-amz-cf-id
zTpjfg3m4jZSKytF3TP_hG7oJjImSyHZ-NulSqtYt4waVVtbkkhETQ==
date
Tue, 17 Dec 2024 18:07:17 GMT
content-type
text/javascript
last-modified
Mon, 09 Dec 2024 13:28:08 GMT
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
x
vt-h-1.b-cdn.net/ Frame
0
0
Preflight
General
Full URL
https://vt-h-1.b-cdn.net/x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://naturalmedicalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
*
access-control-max-age
43200
cache-control
public, max-age=0
cdn-cachedat
12/17/2024 18:07:17
cdn-edgestorageid
1080
cdn-proxyver
1.06
cdn-pullzone
2820877
cdn-requestcountrycode
NL
cdn-requestid
65f7ba68d2a102f119bb8c39036e479f
cdn-requestpullcode
204
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-status
204
cdn-uid
4247456a-6900-4e79-b7d3-d05d8f618f99
date
Tue, 17 Dec 2024 18:07:17 GMT
server
BunnyCDN-DE1-1081
check
api.vturb.com.br/vturb/ Frame
0
0
Preflight
General
Full URL
https://api.vturb.com.br/vturb/check
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.252.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-252-237.compute-1.amazonaws.com
Software
APISIX/3.8.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://naturalmedicalpost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Origin
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
43200
date
Tue, 17 Dec 2024 18:07:17 GMT
server
APISIX/3.8.0
cover.jpg
images.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/players/6673463c51b368000cd38bac/
57 KB
57 KB
Image
General
Full URL
https://images.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/players/6673463c51b368000cd38bac/cover.jpg
Requested by
Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:3352 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
5c3ab4cc1eb7280c948e75b8c1404620f28d3d80ff9ae82045bc14fc424aee73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

etag
"ee774cec37b4090198f07ea6659829fb"
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1734458837327_3088659269_173831840_816_1660_29_0_146";dur=1
content-length
58117
x-amz-cf-id
Tsx3fyNa8YWgjij3NBebwkuau-oy8ZuXMfBbXXAUmjQ3Ci9cAM4wXg==
date
Tue, 17 Dec 2024 18:07:17 GMT
content-type
image/jpeg
last-modified
Wed, 19 Jun 2024 20:57:34 GMT
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
main.m3u8
cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/
496 B
1020 B
XHR
General
Full URL
https://cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/main.m3u8
Requested by
Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:250 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3e247fcf9e9729fb0799dd1e3dd2675b9e6117e893faf00d69052fbe2bc195b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Content-Encoding
gzip
ETag
"0894a01101bc8f949c5de7146bfe853a:1718830774.054702"
Access-Control-Allow-Methods
GET,POST,OPTIONS
Date
Tue, 17 Dec 2024 18:07:17 GMT
Content-Type
application/x-mpegURL
Last-Modified
Wed, 19 Jun 2024 20:58:59 GMT
Vary
Accept-Encoding
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control
max-age=30266064
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
243
Server
AkamaiNetStorage
Akamai-Mon-Iucid-Del
1429301
truncated
/
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
x
vt-h-1.b-cdn.net/
0
0
Fetch
General
Full URL
https://vt-h-1.b-cdn.net/x
Requested by
Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash

Request headers

Referer
https://naturalmedicalpost.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
4247456a-6900-4e79-b7d3-d05d8f618f99
cdn-requestid
c942b3100c8f8ce91420324f7866c48f
cdn-pullzone
2820877
cdn-proxyver
1.06
access-control-allow-origin
*
date
Tue, 17 Dec 2024 18:07:17 GMT
cdn-edgestorageid
1081
cdn-cachedat
12/17/2024 18:07:17
server
BunnyCDN-DE1-1081
cdn-requestcountrycode
NL
cdn-requestpullcode
204
666b464d91312a00019568a4.png
cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/2024/06/13/
60 KB
61 KB
Image
General
Full URL
https://cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/2024/06/13/666b464d91312a00019568a4.png
Requested by
Host: naturalmedicalpost.com
URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:250 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50744cb509af8d1ed871fb92f2063a89599e8cbe845caa6ae3d7243f18db4332

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag
"97fa523e2d8bfcde31adef89c25b44fb"
Access-Control-Allow-Methods
GET,POST,OPTIONS
X-Amz-Cf-Id
vSA2NYTWlWdmMZOZQAO9SAUaNdY6Q2Lcf6fW3bZO7bEvWZ_S8r7diQ==
Date
Tue, 17 Dec 2024 18:07:17 GMT
Content-Type
application/x-www-form-urlencoded
Last-Modified
Thu, 13 Jun 2024 19:19:43 GMT
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control
max-age=30180123
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
61243
X-Amz-Cf-Pop
MIA3-P1
Server
AmazonS3
Akamai-Mon-Iucid-Del
1429301
x-amz-server-side-encryption
AES256
check
api.vturb.com.br/vturb/
0
139 B
XHR
General
Full URL
https://api.vturb.com.br/vturb/check
Requested by
Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.252.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-252-237.compute-1.amazonaws.com
Software
APISIX/3.8.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://naturalmedicalpost.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
access-control-expose-headers
Content-Length
content-length
0
date
Tue, 17 Dec 2024 18:07:17 GMT
server
APISIX/3.8.0
access-control-allow-credentials
true
logo-a.png
naturalmedicalpost.com/mvp/lipozem/upsell/assets/pages/upsell/img/
8 KB
9 KB
Other
General
Full URL
https://naturalmedicalpost.com/mvp/lipozem/upsell/assets/pages/upsell/img/logo-a.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e981efed486a1705afe98d93bbad0666946d1a8a5717fc923adddc3dac312c2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/mvp/lipozem/upsell/

Response headers

cf-cache-status
HIT
etag
"2102-669ab8a9-851c6007ed73bb1d;;;"
age
43134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hsSPhsmCCDLBqMfkVTLw9Rx8fbFtBMcjaU8K3%2F8qzDzulXgS0HM5L7G4kc7y6lOXINupq53%2BtnN3tEBDSp8YFjQtp199%2B%2F6XhVf3Gcfo8dT3UhzREfGMn%2FpuaMoc2KoWaabCXJVV4Cqu"}],"group":"cf-nel","max_age":604800}
expires
Tue, 24 Dec 2024 06:08:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16815&min_rtt=14191&rtt_var=1286&sent=319&recv=99&lost=0&retrans=0&sent_bytes=341494&recv_bytes=15449&delivery_rate=87940&cwnd=159600&unsent_bytes=0&cid=35cf804fef21bfb3&ts=1384&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 18:07:17 GMT
content-type
image/png
last-modified
Fri, 19 Jul 2024 19:04:09 GMT
vary
Accept-Encoding
priority
u=1,i
platform
hostinger
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f38da16895e66aa-AMS
accept-ranges
bytes
content-length
8450
x-turbo-charged-by
LiteSpeed
server
cloudflare
panel
hpanel
original_360p.m3u8
cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/
3 KB
1 KB
XHR
General
Full URL
https://cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/original_360p.m3u8
Requested by
Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:250 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
cf0c746a81b7a9004094f0341c6c2d6c3039ab0ecf308a10660f9e25c9f12a73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Content-Encoding
gzip
ETag
"d4d8e058bafef020d8ec26823ee889fc:1718830774.301362"
Access-Control-Allow-Methods
GET,POST,OPTIONS
Date
Tue, 17 Dec 2024 18:07:17 GMT
Content-Type
application/x-mpegURL
Last-Modified
Wed, 19 Jun 2024 20:58:59 GMT
Vary
Accept-Encoding
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control
max-age=31253833
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
323
Server
AkamaiNetStorage
Akamai-Mon-Iucid-Del
1429301
segment__00001.ts
cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/original_360p/
613 KB
614 KB
XHR
General
Full URL
https://cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/original_360p/segment__00001.ts
Requested by
Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:250 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b1eda3e129986e98463e9a3e2833d5e7dc133db4e4916def11264769e99fb3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag
"e6989298fd5c2d43262461b4cd3e9b1f:1718830774.743433"
Access-Control-Allow-Methods
GET,POST,OPTIONS
Date
Tue, 17 Dec 2024 18:07:18 GMT
Last-Modified
Wed, 19 Jun 2024 20:58:12 GMT
Content-Type
video/MP2T
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control
max-age=31325897
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
628108
Server
AkamaiNetStorage
Akamai-Mon-Iucid-Del
1429301
4f54fbf5-961e-4191-85ec-e574bdbe5508
https://naturalmedicalpost.com/ Frame
0
0

original_720p.m3u8
cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/
3 KB
1 KB
XHR
General
Full URL
https://cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/original_720p.m3u8
Requested by
Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:250 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ffd96d9e5ed675d4ac60448617baa0ef9ee9d708dec954e3b4de0d5ee6962b38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Content-Encoding
gzip
ETag
"1943570116ccdae230394d7a48036e98:1718830774.585322"
Access-Control-Allow-Methods
GET,POST,OPTIONS
Date
Tue, 17 Dec 2024 18:07:18 GMT
Content-Type
application/x-mpegURL
Last-Modified
Wed, 19 Jun 2024 20:58:59 GMT
Vary
Accept-Encoding
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control
max-age=31473788
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
323
Server
AkamaiNetStorage
Akamai-Mon-Iucid-Del
1429301
x
vt-h-1.b-cdn.net/
0
0
Fetch
General
Full URL
https://vt-h-1.b-cdn.net/x
Requested by
Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash

Request headers

Referer
https://naturalmedicalpost.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
4247456a-6900-4e79-b7d3-d05d8f618f99
cdn-requestid
50fb5e4a3a1fc3bebe71b235826708b7
cdn-pullzone
2820877
cdn-proxyver
1.06
access-control-allow-origin
*
date
Tue, 17 Dec 2024 18:07:18 GMT
cdn-edgestorageid
1081
cdn-cachedat
12/17/2024 18:07:18
server
BunnyCDN-DE1-1081
cdn-requestcountrycode
NL
cdn-requestpullcode
204
segment__00002.ts
cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/original_720p/
2 MB
2 MB
XHR
General
Full URL
https://cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/original_720p/segment__00002.ts
Requested by
Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:250 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0623c65cf6ae2bc78b4e65865f76586804d76e4b922fea91ca9575fdbffb57eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag
"1ea4e6066aa6b300616fd2773187b59f:1718830795.884618"
Access-Control-Allow-Methods
GET,POST,OPTIONS
Date
Tue, 17 Dec 2024 18:07:19 GMT
Last-Modified
Wed, 19 Jun 2024 20:58:12 GMT
Content-Type
video/MP2T
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control
max-age=30130409
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1892408
Server
AkamaiNetStorage
Akamai-Mon-Iucid-Del
1429301
segment__00003.ts
cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/original_720p/
2 MB
2 MB
XHR
General
Full URL
https://cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/original_720p/segment__00003.ts
Requested by
Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:250 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
098bd7672cf68d4ae5f72a9d0d9df29939b3852214b8fd4cd6822983cbf94425

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://naturalmedicalpost.com/

Response headers

Access-Control-Max-Age
86400
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag
"1adb78f65791f9c2e15b79e99dcd35cd:1718830796.036079"
Access-Control-Allow-Methods
GET,POST,OPTIONS
Date
Tue, 17 Dec 2024 18:07:20 GMT
Last-Modified
Wed, 19 Jun 2024 20:58:12 GMT
Content-Type
video/MP2T
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control
max-age=30913755
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1673952
Server
AkamaiNetStorage
Akamai-Mon-Iucid-Del
1429301
segment__00004.ts
cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/original_720p/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
naturalmedicalpost.com
URL
blob:https://naturalmedicalpost.com/4f54fbf5-961e-4191-85ec-e574bdbe5508
Domain
cdn.converteai.net
URL
https://cdn.converteai.net/a69a2e49-27d1-4ec3-8f00-39c14d078e68/66734567f555f9000bf44589/original_720p/segment__00004.ts

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __app function| recordEmailConversion string| mysrc object| newScript object| s function| ReadCookie object| oid function| vTurbChangePlayer function| vTurbCreatSmartvdsElements function| vTurbLoadSmrtvds function| vTurbSmrtvds object| vTurbOriginalPlayer string| vTurbSrcId object| vTurbPlayer function| smrtvds function| _smrtvds function| Hls function| setImmediate function| clearImmediate function| Hermes object| dataLayer function| gtag object| smartplayer object| spitoday object| spiexpire function| SPIGetDomainName string| hostname object| spi_myNodelist number| spi_i string| spi_pattern_enc_bg string| spi_pattern_base_bg string| spi_replace_str_bg string| spi_pattern_enc_bg_html string| spi_pattern_base_bg_html string| spi_replace_str_bg_html string| spi_pattern_enc_bg_html2 string| spi_pattern_base_bg_html2 string| spi_replace_str_bg_html2 string| spi_pattern_enc_spi string| spi_pattern_base_spi string| spi_replace_str_spi string| spi_pattern_enc_cbd string| spi_pattern_base_cbd string| spi_replace_str_cbd string| spi_pattern_enc_cbd_html string| spi_pattern_base_cbd_html string| spi_replace_str_cbd_html string| spi_replace_enc_cbd string| spi_replace_enc_cbd_html string| spi_replace_enc_bg string| spi_replace_enc_bg_html string| spi_replace_enc_bg_html2 string| spi_replace_enc_spi string| spi_track_link

12 Cookies

Domain/Path Name / Value
backfunnel.com.br/ Name: wp_sfunnel_route
Value: af14665339d57ccca4d7939462514479
backfunnel.com.br/ Name: wp_sfunnel_traffic_origin
Value: 10
backfunnel.com.br/ Name: wp_sfunnel_traffic_origin_204
Value: 10
backfunnel.com.br/ Name: wp_sfunnel_first_navigation
Value: 6079
backfunnel.com.br/ Name: wp_sfunnel_traffic_first_204
Value: 10
backfunnel.com.br/ Name: wp_sfunnel_user
Value: 9d849dfdfe3dd7900b65a83d91bc3f68
backfunnel.com.br/ Name: wp_sfunnel_user_204
Value: 9d849dfdfe3dd7900b65a83d91bc3f68
backfunnel.com.br/ Name: wp_sfunnel_funnel
Value: 204
backfunnel.com.br/ Name: wp_sfunnel_log
Value: 2940589
.naturalmedicalpost.com/ Name: sessid2
Value: sessid20241217180745309
.naturalmedicalpost.com/ Name: spi_funnel_codename
Value: 3
.naturalmedicalpost.com/ Name: referrer
Value: 31.204.153.75::naturalmedicalpost.com%2Fmvp%2Flipozem%2Fupsell

4 Console Messages

Source Level URL
Text
network error URL: https://naturalmedicalpost.com/api/conversions/tracker/14?request_id=AC45F18A:9D4E_C0A85015:01BB_669AB6B7_8F1E7:1F3D93&conversionData=&conversionUrl=https%3A%2F%2Fnaturalmedicalpost.com%2Fmvp%2Flipozem%2Fupsell%2F&referrer=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://naturalmedicalpost.com/api/visits?page_id=14&page_version=&request_id=AC45F18A%3A9D4E_C0A85015%3A01BB_669AB6B7_8F1E7%3A1F3D93&querystring=&fbclid=&fbp=&fbc=&referrer=
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Message:
Specifying 'overflow: visible' on img, video and canvas tags may cause them to produce visual content outside of the element bounds. See https://github.com/WICG/view-transitions/blob/main/debugging_overflow_on_images.md for details.
rendering warning URL: https://naturalmedicalpost.com/mvp/lipozem/upsell/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0601D004C1C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.vturb.com.br
backfunnel.com.br
buygoods.com
cdn.converteai.net
display.buygoods.com
fonts.googleapis.com
fonts.gstatic.com
images.converteai.net
naturalmedicalpost.com
scripts.converteai.net
tracking.buygoods.com
vt-h-1.b-cdn.net
www.buygoods.com
cdn.converteai.net
naturalmedicalpost.com
172.217.18.3
172.66.40.234
172.66.43.115
172.67.130.90
18.235.252.237
188.114.97.3
2400:52e0:1e00::1081:1
2606:4700:3108::ac42:28ea
2606:4700:3108::ac42:2b16
2a00:1450:4001:813::200a
2a02:26f0:4700::210:250
2a02:26f0:ab00::b819:332a
2a02:26f0:ab00::b819:3352
03b0c54bdb3ec3feaac939cafeeb9766d3834872c0196fc956b32c358718f391
0623c65cf6ae2bc78b4e65865f76586804d76e4b922fea91ca9575fdbffb57eb
091e5c0784f62f10bd5f2a7d3a55e7a03090f83f9a2c84fa9311ee3095b1a5c5
098bd7672cf68d4ae5f72a9d0d9df29939b3852214b8fd4cd6822983cbf94425
0d3179ef9a2de55865664c4399b8569e4bf50ddd825323e4e1765375c8b072a8
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
2a2fabe6c2aa4c3b0f4d1a6ef3795df2681f033f76ce2446404bb22d8eb4b21c
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
3e247fcf9e9729fb0799dd1e3dd2675b9e6117e893faf00d69052fbe2bc195b4
50744cb509af8d1ed871fb92f2063a89599e8cbe845caa6ae3d7243f18db4332
555d6ef90adfcf6650db40bdd3e17847f22496a6a0fdfd8215f8d36a3253187d
55acd86f6537058bdafaaf5ad3602f448934343d30dc33cb9841bf7c1347e60f
5b1eda3e129986e98463e9a3e2833d5e7dc133db4e4916def11264769e99fb3b
5c3ab4cc1eb7280c948e75b8c1404620f28d3d80ff9ae82045bc14fc424aee73
67aa5c20795c049c4399db966b6218a6707fcef2d750393078abebd50d863962
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e0ac4fdbcbecad301275bb3b3af1681cebb15f4db248a208157691d3a82a2ed
6fae78f9e81c01dfcfaa1e0385c04a833fd4cae406aba668b83d8272ef8de9fb
754ffb81d2c0f2e96ba16bf1e322711214f082e4d507fb714cba95dc3275cfbf
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89e91ffce10d2d07c8ea3b9a964aa582f2cf2534f570a629ff660254be96905d
8d68ec69ca5c686188fe29f49652474bb377ae329f328bace8c5f9d6c4214a55
8d749da54ee185be72cba4804468f84e6fdc55ce3b8033443f7b5a69247cfadf
956da9f264d49755192711c93da2704645e7125d2689a23a07a4c6b98a9b4458
970ec1d0656023b4a721a4fdfb130b5ba4b31382407d52936b838f74cc2aec75
a1ccd2f6407fc10ba88718fdd387f97a60bff553794563e6509d54200d50578d
a4d816db9f50eda8f84a1d15b76552ca49e236689eadb73585aa047902c42ec3
b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236
bf1668cad3243625ee1bbd05beb9b5af3784bc6fc593f7851a4e590a3ea04f1c
c5e341f6baa52f518053b118fc416137d82753765bebed76bfb53b13d33996ed
cf0c746a81b7a9004094f0341c6c2d6c3039ab0ecf308a10660f9e25c9f12a73
d3693051be878b4942ef22b4c2a5c35bae14350f47615044aa4b8bb54a09beae
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
db0a633d804603915c209293ddf20eedcd9acf0e72b7c155e2c5300e2d5fb89a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e981efed486a1705afe98d93bbad0666946d1a8a5717fc923adddc3dac312c2b
ee08b3e67410abd9be500a3052b480ca3c676e0819a65a58397d6fc60e5f0fd6
ffd96d9e5ed675d4ac60448617baa0ef9ee9d708dec954e3b4de0d5ee6962b38