Submitted URL: https://www.swiss-health-nutrition.com/
Effective URL: https://www.bethechange.health/en/
Submission: On February 29 via automatic, source certstream-suspicious

Summary

This website contacted 11 IPs in 4 countries across 14 domains to perform 39 HTTP transactions. The main IP is 88.99.141.78, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.bethechange.health.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 7th 2020. Valid for: 3 months.
This is the only time www.bethechange.health was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
21 www.bethechange.health 2 redirects www.bethechange.health
4 bethechange.paloma.one www.bethechange.health
3 fast.a.klaviyo.com static.klaviyo.com
3 static.klaviyo.com www.googletagmanager.com
static.klaviyo.com
3 www.googletagmanager.com www.bethechange.health
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 s3.eu-central-1.amazonaws.com www.bethechange.health
1 www.google.de www.bethechange.health
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.youtube.com www.bethechange.health
1 www.bugherd.com www.bethechange.health
1 i.imgur.com www.bethechange.health
1 beaster.ch 1 redirects
1 www.swiss-health-nutrition.com 1 redirects
39 15

This site contains links to these domains. Also see Links.

Domain
www.ispo.com
www.instagram.com
www.facebook.com
Subject Issuer Validity Valid
bethechange.health
Let's Encrypt Authority X3
2020-01-07 -
2020-04-06
3 months crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA
2020-01-15 -
2022-03-16
2 years crt.sh
www.bugherd.com
Let's Encrypt Authority X3
2020-02-12 -
2020-05-12
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
*.google.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
*.s3.eu-central-1.amazonaws.com
DigiCert Baltimore CA-2 G2
2019-11-09 -
2020-12-10
a year crt.sh
fast.a.klaviyo.com
COMODO RSA Domain Validation Secure Server CA
2018-10-05 -
2020-10-04
2 years crt.sh
www.google.de
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
*.paloma.one
Gandi Standard SSL CA 2
2019-10-29 -
2021-11-20
2 years crt.sh

This page contains 2 frames:

Primary Page: https://www.bethechange.health/en/
Frame ID: F13EE16048BEA27D130AEECC9C87CDD2
Requests: 38 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ommvz9QbxtU?rel=0
Frame ID: 6031D8A1D4C68BCEFEE6C19246CEE1F4
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.swiss-health-nutrition.com/ HTTP 301
    http://beaster.ch/ HTTP 301
    https://www.bethechange.health/ HTTP 301
    https://www.bethechange.health/en HTTP 301
    https://www.bethechange.health/en/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

39
Requests

100 %
HTTPS

43 %
IPv6

14
Domains

15
Subdomains

11
IPs

4
Countries

2924 kB
Transfer

4605 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.swiss-health-nutrition.com/ HTTP 301
    http://beaster.ch/ HTTP 301
    https://www.bethechange.health/ HTTP 301
    https://www.bethechange.health/en HTTP 301
    https://www.bethechange.health/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=90146864&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bethechange.health%2Fen%2F&ul=en-us&de=UTF-8&dt=BE%20THE%20CHANGE%C2%AE&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1231412168&gjid=502941347&cid=884531211.1582962852&tid=UA-134518552-1&_gid=641196379.1582962852&_r=1&gtm=2wg2j0P5L6ZKS&z=943000570 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-134518552-1&cid=884531211.1582962852&jid=1231412168&_gid=641196379.1582962852&gjid=502941347&_v=j81&z=943000570 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134518552-1&cid=884531211.1582962852&jid=1231412168&_v=j81&z=943000570 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134518552-1&cid=884531211.1582962852&jid=1231412168&_v=j81&z=943000570&slf_rd=1&random=3247760418

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.bethechange.health/en/
Redirect Chain
  • https://www.swiss-health-nutrition.com/
  • http://beaster.ch/
  • https://www.bethechange.health/
  • https://www.bethechange.health/en
  • https://www.bethechange.health/en/
21 KB
5 KB
Document
General
Full URL
https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
520da6a6e240b27251494f5be305991eaefa0c2555d982f57943fafd19830e5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Host
www.bethechange.health
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
Server
Apache
Cache-Control
max-age=0, must-revalidate, private
Expires
Sat, 29 Feb 2020 07:54:11 GMT
Set-Cookie
PHPSESSID=p4blf0r1p7vf87pqhgi7lsen0l; path=/; secure; HttpOnly; SameSite=lax
Vary
Accept-Encoding
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
Content-Length
4538
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
Server
Apache
Location
https://www.bethechange.health/en/
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
app.f082cfcb.css
www.bethechange.health/build/
313 KB
51 KB
Stylesheet
General
Full URL
https://www.bethechange.health/build/app.f082cfcb.css
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
8d8413bfb0e741b3268dbec65d853434c52653b135fd1d0348d81499f1279fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"4e33f-597db246df76a-gzip"
X-Frame-Options
sameorigin
Content-Type
text/css; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
52240
Keep-Alive
timeout=5, max=97
bethechange-logo.png
www.bethechange.health/img/
115 KB
115 KB
Image
General
Full URL
https://www.bethechange.health/img/bethechange-logo.png
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
df1284eba091de67a160d50badd3717873471daf2ba25010956cff95efec7f76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Sep 2019 05:46:33 GMT
Server
Apache
ETag
"1ca3c-591dbf5eeacc3"
X-Frame-Options
sameorigin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
117308
KaVM7Vi.png
i.imgur.com/
17 KB
18 KB
Image
General
Full URL
https://i.imgur.com/KaVM7Vi.png
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
070a2d8bd5ab798caf527222acd1c551392a0ae0cd1fe9e9ce4df737d19ea43d

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 29 Feb 2020 07:54:11 GMT
age
6806932
x-cache
HIT, HIT
status
200
content-length
17910
x-served-by
cache-bwi5129-BWI, cache-hhn4059-HHN
last-modified
Thu, 12 Dec 2019 13:05:18 GMT
server
cat factory 1.0
x-timer
S1582962852.842373,VS0,VE1
etag
"a3f334aab2f7675fa39bb80fe337ce94"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
footer_logo@2x.png
www.bethechange.health/img/
10 KB
11 KB
Image
General
Full URL
https://www.bethechange.health/img/footer_logo@2x.png
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
eed0c4f88494b76af5d882c9fd0c92bf0d3af9f34fc947b0b3dbf040ebaecbe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 29 Feb 2020 07:54:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Sep 2019 05:46:33 GMT
Server
Apache
ETag
"29b7-591dbf5eeacc3"
X-Frame-Options
sameorigin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
10679
translator.min.js
www.bethechange.health/bundles/bazingajstranslation/js/
4 KB
2 KB
Script
General
Full URL
https://www.bethechange.health/bundles/bazingajstranslation/js/translator.min.js
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
fee05c6738a4b8a3d27969c131de452ae42690462bf46200830c8c9f2f968fb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:18:42 GMT
Server
Apache
ETag
"11a6-597db22e91b8d-gzip"
X-Frame-Options
sameorigin
Content-Type
text/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
1852
Keep-Alive
timeout=5, max=96
translations
www.bethechange.health/
20 KB
4 KB
Script
General
Full URL
https://www.bethechange.health/translations?locales=en
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
96cf90230a19ee569cb706495d5fd741e9d8588a13c5af5ed18371cfc8416ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
ETag
"069b5cfc67491677c23316ff761441ea-gzip"
X-Frame-Options
sameorigin
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate, private
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
4087
Keep-Alive
timeout=5, max=94
Expires
Sat, 29 Feb 2020 07:54:11 GMT
runtime.1ba6bf05.js
www.bethechange.health/build/
1 KB
1 KB
Script
General
Full URL
https://www.bethechange.health/build/runtime.1ba6bf05.js
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
a978f8acfb0a4d06c77f2d9065bcc206bd5b83b75b3184afea0e3ad41ecadd95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"5b6-597db246df76a-gzip"
X-Frame-Options
sameorigin
Content-Type
text/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
724
Keep-Alive
timeout=5, max=100
0.5acf6108.js
www.bethechange.health/build/
645 KB
206 KB
Script
General
Full URL
https://www.bethechange.health/build/0.5acf6108.js
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
c10d5e881108530db5a2ea499346b580b4c2d0880c7f4830d10dd74e92583c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"a1292-597db246df76a-gzip"
X-Frame-Options
sameorigin
Content-Type
text/javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Keep-Alive
timeout=5, max=100
app.7d1e3b3b.js
www.bethechange.health/build/
186 KB
32 KB
Script
General
Full URL
https://www.bethechange.health/build/app.7d1e3b3b.js
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
db9b5fe44b09a78c9d0f0058021f7fdb63e2187f4fd3075135976ef7d98ba0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"2e7da-597db246df76a-gzip"
X-Frame-Options
sameorigin
Content-Type
text/javascript; charset=utf-8
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
32054
Keep-Alive
timeout=5, max=99
sidebarv2.js
www.bugherd.com/
43 B
572 B
Script
General
Full URL
https://www.bugherd.com/sidebarv2.js?apikey=t6s8jylkeejqi1edl3jhrw
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.145.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-145-192.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
6faed0e4b708dd466ed2caf20a877b4b99ce8f938d31caa3af6f70772ba641ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

X-Runtime
0.014535
Date
Sat, 29 Feb 2020 07:54:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Cowboy
Etag
W/"2da8d75c1fcd701a82f3804f4c150cac"
X-Frame-Options
SAMEORIGIN
P3p
CP="NOI ADM DEV COM NAV OUR STP"
Via
1.1 vegur
Cache-Control
max-age=0, private, must-revalidate
Connection
close
Content-Type
text/javascript; charset=utf-8
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
X-Request-Id
4ac7bf77-7b3d-426b-88e1-1b7a86bdbba2
gtm.js
www.googletagmanager.com/
56 KB
21 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P5L6ZKS
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9a356b9d438c15a279388bb45dd0a62d29b351673ce4ca836dc933a6998f3e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 29 Feb 2020 07:54:11 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21336
x-xss-protection
0
last-modified
Sat, 29 Feb 2020 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Feb 2020 07:54:11 GMT
ommvz9QbxtU
www.youtube.com/embed/ Frame 6031
0
0
Document
General
Full URL
https://www.youtube.com/embed/ommvz9QbxtU?rel=0
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/ommvz9QbxtU?rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.bethechange.health/en/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.bethechange.health/en/

Response headers

status
200
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
cache-control
no-cache
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 GMT
date
Sat, 29 Feb 2020 07:54:12 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=-kXM9xzYAdA; path=/; domain=.youtube.com; secure; expires=Thu, 27-Aug-2020 07:54:11 GMT; httponly; samesite=None YSC=g7esKDulfcY; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 29-Feb-2020 08:24:11 GMT VISITOR_INFO1_LIVE=-kXM9xzYAdA; path=/; domain=.youtube.com; secure; expires=Thu, 27-Aug-2020 07:54:11 GMT; httponly; samesite=None
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
btc_header17_2.jpg
s3.eu-central-1.amazonaws.com/aioma-cms-heal/heal/images/e80ef836-d933-11e9-aa60-0242ac120008/
861 KB
862 KB
Image
General
Full URL
https://s3.eu-central-1.amazonaws.com/aioma-cms-heal/heal/images/e80ef836-d933-11e9-aa60-0242ac120008/btc_header17_2.jpg
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.74.179 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7b31159aff22e27fe41ac85626e0dc7899f4b5161ce387501f4d54c424b31bda

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 29 Feb 2020 07:54:12 GMT
Last-Modified
Tue, 17 Sep 2019 10:14:18 GMT
Server
AmazonS3
x-amz-request-id
D3729CA58BD9C34D
ETag
"ea9ba94e7412edac1bb73bd7738424e2"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
882103
x-amz-id-2
8tSs8aheIcRcjAX9f+DRE8RI0tVo+1Kx4G7OUjHryZNozT80AP5z6GGHXc0cv6p4zsfuIMjB2kc=
btc_header18.jpg
s3.eu-central-1.amazonaws.com/aioma-cms-heal/heal/images/fdbf9e88-d933-11e9-9547-0242ac120008/
431 KB
432 KB
Image
General
Full URL
https://s3.eu-central-1.amazonaws.com/aioma-cms-heal/heal/images/fdbf9e88-d933-11e9-9547-0242ac120008/btc_header18.jpg
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.74.179 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ea913fdaebc7b82617f2c49f361d354b00b53f12e9c45b2f6ec9c2df6996d2c2

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 29 Feb 2020 07:54:12 GMT
Last-Modified
Tue, 17 Sep 2019 10:14:56 GMT
Server
AmazonS3
x-amz-request-id
538ABF4AA1629E9A
ETag
"6061de939299ca47fdcc3f141005ff33"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
441773
x-amz-id-2
fuxldggQqe5Mhf/qEd3L4mjytHgDMXnHfjb5XjtRFCGOsJex+5/PHZW6E7/nvnqSrFctCg++zY0=
instagram.d2690c13.svg
www.bethechange.health/build/images/
1 KB
964 B
Image
General
Full URL
https://www.bethechange.health/build/images/instagram.d2690c13.svg
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
b17c91443837b480aa4902aa65b578f35d66d587318a3918909c627ae2617561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/build/app.f082cfcb.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 29 Feb 2020 07:54:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"4f9-597db246de7ca-gzip"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
578
Keep-Alive
timeout=5, max=97
facebook.6b9f943f.svg
www.bethechange.health/build/images/
612 B
751 B
Image
General
Full URL
https://www.bethechange.health/build/images/facebook.6b9f943f.svg
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
350e4a7e647c8429ac5ba89b798c3ad3b4530336ef7d7e9e8da9c9554243e9ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/build/app.f082cfcb.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 29 Feb 2020 07:54:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"264-597db246dd82a-gzip"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
365
Keep-Alive
timeout=5, max=99
AkkuratPro-Regular_1.9f75f642.woff2
www.bethechange.health/build/fonts/
20 KB
21 KB
Font
General
Full URL
https://www.bethechange.health/build/fonts/AkkuratPro-Regular_1.9f75f642.woff2
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
e0a382bab4337016e732ae7601aaeaffa0e5066be73a6368af15735206498b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/build/app.f082cfcb.css
Origin
https://www.bethechange.health
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"5190-597db246dd82a"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
20880
AkkuratPro-Bold_1.ab6ab39d.woff2
www.bethechange.health/build/fonts/
20 KB
21 KB
Font
General
Full URL
https://www.bethechange.health/build/fonts/AkkuratPro-Bold_1.ab6ab39d.woff2
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
c28529d71153ffa2b24e91b98ca1581cd5058fcad51465397d5b2a809f39152b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/build/app.f082cfcb.css
Origin
https://www.bethechange.health
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"5188-597db246dd82a"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
20872
fa-regular-400.d3d31317.woff2
www.bethechange.health/build/fonts/
149 KB
149 KB
Font
General
Full URL
https://www.bethechange.health/build/fonts/fa-regular-400.d3d31317.woff2
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
e689270b831964b3fbff3e17fdc3be952cd831cef717bd5ef39bcf0199c4feae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/build/app.f082cfcb.css
Origin
https://www.bethechange.health
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"25280-597db246dd82a"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
152192
klinicslabmedium-webfont.2151d4e6.woff
www.bethechange.health/build/fonts/
19 KB
19 KB
Font
General
Full URL
https://www.bethechange.health/build/fonts/klinicslabmedium-webfont.2151d4e6.woff
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
50cdf480934cb1e7c3804469b8d70e71fcf82162069586146075025feaae5b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/build/app.f082cfcb.css
Origin
https://www.bethechange.health
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"4c24-597db246de7ca"
X-Frame-Options
sameorigin
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
19492
AkkuratPro-Light_1.c9bcfa27.woff2
www.bethechange.health/build/fonts/
20 KB
21 KB
Font
General
Full URL
https://www.bethechange.health/build/fonts/AkkuratPro-Light_1.c9bcfa27.woff2
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
20a5731c19b9f752d8d4709e8abf0eb55d6a4465180a8e3676e653f80e489150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/build/app.f082cfcb.css
Origin
https://www.bethechange.health
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 29 Feb 2020 07:54:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"511c-597db246dd82a"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
20764
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5L6ZKS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
120
date
Sat, 29 Feb 2020 07:52:11 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Sat, 29 Feb 2020 09:52:11 GMT
klaviyo.js
static.klaviyo.com/onsite/js/
98 KB
28 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=QuD4Gy
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5L6ZKS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83021c694a2666c8a0b41e56a35e0994a485761e9bb3d66279b7775abb8641e0

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
vA3HqBJNdMk2seReUyQUhYRtxi98WBnX
content-encoding
gzip
age
0
x-cache
MISS
status
200
date
Sat, 29 Feb 2020 07:54:12 GMT
content-length
27972
x-amz-id-2
OknYEDnNFpGeokpS7Z5XJr88Uvba2bGjpXHu7OY79+8cBn14ACAE7LSumSalyuSMtZgrBLJp5AE=
x-served-by
cache-fra19152-FRA
last-modified
Sat, 29 Feb 2020 00:10:40 GMT
server
AmazonS3
etag
"d988d4bbfa3bc600081683a7693cd946"
vary
Accept-Encoding
x-amz-request-id
D8FF0502DE016466
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=90146864&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bethechange.health%2Fen%2F&ul=en-us&de=UTF-8&dt=BE%20THE%20CHANGE%C2%AE&sd=24-bit&sr=1600x1200&...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-134518552-1&cid=884531211.1582962852&jid=1231412168&_gid=641196379.1582962852&gjid=502941347&_v=j81&z=943000570
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134518552-1&cid=884531211.1582962852&jid=1231412168&_v=j81&z=943000570
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134518552-1&cid=884531211.1582962852&jid=1231412168&_v=j81&z=943000570&slf_rd=1&random=3247760418
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134518552-1&cid=884531211.1582962852&jid=1231412168&_v=j81&z=943000570&slf_rd=1&random=3247760418
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Feb 2020 07:54:12 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Feb 2020 07:54:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-134518552-1&cid=884531211.1582962852&jid=1231412168&_v=j81&z=943000570&slf_rd=1&random=3247760418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
search
www.bethechange.health/en/api/
3 KB
1 KB
XHR
General
Full URL
https://www.bethechange.health/en/api/search
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/build/0.5acf6108.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
90ab5c070f186c3af3c17605935d9a48cbf3b6ffa3041ebe6de842af1130975e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Origin
https://www.bethechange.health
x-csrf-token
luEGGKjG52bwxQ3yJtStpxpRiOI6v0ovPZEE8xQjrUw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://www.bethechange.health/en/
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest

Response headers

Date
Sat, 29 Feb 2020 07:54:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
sameorigin
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, must-revalidate, private
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
969
Keep-Alive
timeout=5, max=99
Expires
Sat, 29 Feb 2020 07:54:12 GMT
fa-solid-900.ed0564f6.woff2
www.bethechange.health/build/fonts/
120 KB
121 KB
Font
General
Full URL
https://www.bethechange.health/build/fonts/fa-solid-900.ed0564f6.woff2
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/build/app.f082cfcb.css
Origin
https://www.bethechange.health
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 29 Feb 2020 07:54:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"1e0fc-597db246dd82a"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
123132
fa-light-300.50ef43c2.woff2
www.bethechange.health/build/fonts/
161 KB
161 KB
Font
General
Full URL
https://www.bethechange.health/build/fonts/fa-light-300.50ef43c2.woff2
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.141.78 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
svhtnr03.srv.origammi.ch
Software
Apache /
Resource Hash
f8cdfe0414eac9a2380c093c8f3de44e1298e2ef2f9fcdf3a999f86c357ab5e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.bethechange.health/build/app.f082cfcb.css
Origin
https://www.bethechange.health
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 29 Feb 2020 07:54:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Nov 2019 13:19:08 GMT
Server
Apache
ETag
"28374-597db246dd82a"
X-Frame-Options
sameorigin
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
164724
a
www.googletagmanager.com/
0
130 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-P5L6ZKS&cv=2&v=3&t=t&pid=550263328&rv=2j0&es=1&e=gtm.js&eid=0&tc=2&tr=1ua.1html.5ua&ti=1ua.1html.1ua&z=0
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 29 Feb 2020 07:54:12 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
BTC_Essentials_1_VitaminsD3K2Omega3fattyacids_detailansicht_hero.png
bethechange.paloma.one/images/medium/product-images/126001/btkfrzbao.png/
101 KB
102 KB
Image
General
Full URL
https://bethechange.paloma.one/images/medium/product-images/126001/btkfrzbao.png/BTC_Essentials_1_VitaminsD3K2Omega3fattyacids_detailansicht_hero.png
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.203.210.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.115.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
5096daabaddfd59761f84440d0ad167ff3025c1d78f57f01aa85c9f2cd6fda1a

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 29 Feb 2020 07:54:12 GMT
Last-Modified
Tue, 10 Sep 2019 16:05:47 GMT
Server
nginx
ETag
"5d77c9db-19565"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103781
BTC_Immune_1_ColostrumProbioticsCaps_detailansicht_hero.png
bethechange.paloma.one/images/medium/product-images/150501/iorquzeac.png/
100 KB
100 KB
Image
General
Full URL
https://bethechange.paloma.one/images/medium/product-images/150501/iorquzeac.png/BTC_Immune_1_ColostrumProbioticsCaps_detailansicht_hero.png
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.203.210.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.115.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
c55876143601f15118cfac9fe689f82cf49776fc4edc3d02bd162f6bb0bcabee

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 29 Feb 2020 07:54:12 GMT
Last-Modified
Tue, 10 Sep 2019 16:06:46 GMT
Server
nginx
ETag
"5d77ca16-18e92"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102034
BTC_Immune_2_ColostrumLiquidExtractPear_detailansicht_hero.png
bethechange.paloma.one/images/medium/product-images/152901/evhxuape.png/
88 KB
88 KB
Image
General
Full URL
https://bethechange.paloma.one/images/medium/product-images/152901/evhxuape.png/BTC_Immune_2_ColostrumLiquidExtractPear_detailansicht_hero.png
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.203.210.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.115.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
fbabec603d8486d477703b2ad7f5ec945ba3f1e6aa8e0b26314e82d673bb8fd9

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 29 Feb 2020 07:54:12 GMT
Last-Modified
Tue, 10 Sep 2019 16:07:37 GMT
Server
nginx
ETag
"5d77ca49-15f9f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90015
BTC_Sports_6_SwissEnergySpread_detailansicht_hero.png
bethechange.paloma.one/images/medium/product-images/137601/iorjtrcam.png/
76 KB
76 KB
Image
General
Full URL
https://bethechange.paloma.one/images/medium/product-images/137601/iorjtrcam.png/BTC_Sports_6_SwissEnergySpread_detailansicht_hero.png
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.203.210.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.115.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
6025f40a4df8613d04a9ceac97616dc5107b8205bf9ccbedb8d462c2cf5e8e0d

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 29 Feb 2020 07:54:12 GMT
Last-Modified
Tue, 10 Sep 2019 16:08:07 GMT
Server
nginx
ETag
"5d77ca67-13087"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77959
klaviyo_analytics.js
fast.a.klaviyo.com/media/js/analytics/
20 KB
7 KB
Script
General
Full URL
https://fast.a.klaviyo.com/media/js/analytics/klaviyo_analytics.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=QuD4Gy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f8dc817b80ca92e9440a677e51e353798f95f9d67bbefcfd4427509703bf92ee
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 29 Feb 2020 07:54:12 GMT
content-encoding
gzip
age
30279
x-cache
HIT
status
200
strict-transport-security
max-age=900
content-length
6980
x-served-by
cache-hhn4033-HHN
last-modified
Wed, 14 Aug 2019 16:06:18 GMT
server
nginx
etag
W/"5d54317a-51c4"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
expires
Fri, 06 Sep 2019 23:28:00 GMT
cache-control
max-age=86400, public
accept-ranges
bytes
x-cache-hits
4442
modules
fast.a.klaviyo.com/onsite/api/v2/
53 B
393 B
Fetch
General
Full URL
https://fast.a.klaviyo.com/onsite/api/v2/modules?company_id=QuD4Gy
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=QuD4Gy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
64e7dfcc1780721fbc6ed47a4abe4c5b63824ac30476d1d86c875ca34902191c
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.bethechange.health/en/
Origin
https://www.bethechange.health
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 29 Feb 2020 07:54:12 GMT
content-encoding
gzip
age
4668600
x-cache
HIT
status
200
access-control-max-age
86400
strict-transport-security
max-age=900
content-length
73
via
1.1 varnish
x-served-by
cache-hhn4057-HHN
access-control-allow-origin
*
server
nginx
vary
Accept-Encoding, Cookie
access-control-allow-methods
GET
content-type
application/json
x-upstream
Sync-Api, Sync-Api
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1
a
www.googletagmanager.com/
0
56 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-P5L6ZKS&cv=2&v=3&t=t&pid=550263328&rv=2j0&es=1&e=gtm.dom&eid=2&tc=2&z=0
Requested by
Host: www.bethechange.health
URL: https://www.bethechange.health/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 29 Feb 2020 07:54:12 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendors~signupForms.f797d3dde5fa93d1b470.js
static.klaviyo.com/onsite/js/
577 KB
165 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~signupForms.f797d3dde5fa93d1b470.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=QuD4Gy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d3d95e8c212f704cde4fa8d887b412ea2fa94653b89dd2f2cffeb26e38390ff

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
j4iP37RNqqs.Wr152S.iyMthmAKg6YZI
content-encoding
gzip
age
27774
x-cache
HIT
status
200
date
Sat, 29 Feb 2020 07:54:12 GMT
content-length
168663
x-amz-id-2
y2CcTyEuBD3ELSA6gfeGb3lQxsUQuGvuUXmIPVxq4SYtqXD5AVsiwVLzNLByuAKJfFL4+1aj/JY=
x-served-by
cache-fra19152-FRA
last-modified
Sat, 29 Feb 2020 00:10:40 GMT
server
AmazonS3
etag
"b3c56a56c86e90f4ac5c6debac69797c"
vary
Accept-Encoding
x-amz-request-id
40EE5132D41BEF0E
via
1.1 varnish
cache-control
max-age=2592000
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
709
signupForms.460bd4f79eef27c004dc.js
static.klaviyo.com/onsite/js/
282 KB
60 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/signupForms.460bd4f79eef27c004dc.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=QuD4Gy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5372bea6794e238c2797168a691e7609131d700909d5f8c77e24a3dedbe09c6

Request headers

Referer
https://www.bethechange.health/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
7awx_pe6rpFyB7KfkME1zgMqv97I5f2Q
content-encoding
gzip
age
27774
x-cache
HIT
status
200
date
Sat, 29 Feb 2020 07:54:12 GMT
content-length
61421
x-amz-id-2
kq6rOgZMu3f6UqI74NbMSzqmHSbL92jpVCG1ZWElgxF4kqXNw+vI0MnTXw8KM3SeVpna0pczuJI=
x-served-by
cache-fra19152-FRA
last-modified
Sat, 29 Feb 2020 00:10:40 GMT
server
AmazonS3
etag
"1fe7f0f390d6b561a3b392a9e11d18f3"
vary
Accept-Encoding
x-amz-request-id
65EF2C35D6F6102D
via
1.1 varnish
cache-control
max-age=2592000
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
726
full-forms
fast.a.klaviyo.com/forms/api/v3/
21 KB
4 KB
Fetch
General
Full URL
https://fast.a.klaviyo.com/forms/api/v3/full-forms?company_id=QuD4Gy
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signupForms.460bd4f79eef27c004dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0e03eef2a490402b16aa7e71534182521d37b4b65d29107f33edc5cdcbb11af
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://www.bethechange.health/en/
Origin
https://www.bethechange.health
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 29 Feb 2020 07:54:12 GMT
content-encoding
gzip
age
1812153
x-cache
HIT
status
200
access-control-max-age
86400
strict-transport-security
max-age=900
content-length
3600
via
1.1 varnish
x-served-by
cache-hhn4057-HHN
access-control-allow-origin
*
allow
OPTIONS, GET
server
nginx
vary
Accept-Encoding, Cookie
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
x-upstream
Sync-Api, Sync-Api
cache-control
max-age=10
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| PALOMA object| Translator object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackJsonp function| setImmediate function| clearImmediate object| klaviyoOnsiteJSONP object| SENTRY_RELEASE object| core object| regeneratorRuntime object| _learnq string| __klKey object| scCGSHMRCache object| Cleave

8 Cookies

Domain/Path Name / Value
.youtube.com/ Name: GPS
Value: 1
.youtube.com/ Name: YSC
Value: g7esKDulfcY
www.bethechange.health/ Name: __kla_id
Value: eyIkcmVmZXJyZXIiOnsidHMiOjE1ODI5NjI4NTIsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmJldGhlY2hhbmdlLmhlYWx0aC9lbi8ifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE1ODI5NjI4NTIsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmJldGhlY2hhbmdlLmhlYWx0aC9lbi8ifX0=
.bethechange.health/ Name: _gid
Value: GA1.2.641196379.1582962852
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: -kXM9xzYAdA
.bethechange.health/ Name: _ga
Value: GA1.2.884531211.1582962852
.bethechange.health/ Name: _gat_UA-134518552-1
Value: 1
www.bethechange.health/ Name: PHPSESSID
Value: p4blf0r1p7vf87pqhgi7lsen0l

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beaster.ch
bethechange.paloma.one
fast.a.klaviyo.com
i.imgur.com
s3.eu-central-1.amazonaws.com
static.klaviyo.com
stats.g.doubleclick.net
www.bethechange.health
www.bugherd.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.swiss-health-nutrition.com
www.youtube.com
116.203.210.115
149.126.4.43
151.101.112.193
151.101.114.133
151.101.14.133
2a00:1450:4001:809::2003
2a00:1450:4001:81a::2008
2a00:1450:4001:81f::2004
2a00:1450:4001:821::200e
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9d
34.230.145.192
52.219.74.179
88.99.141.78
070a2d8bd5ab798caf527222acd1c551392a0ae0cd1fe9e9ce4df737d19ea43d
20a5731c19b9f752d8d4709e8abf0eb55d6a4465180a8e3676e653f80e489150
350e4a7e647c8429ac5ba89b798c3ad3b4530336ef7d7e9e8da9c9554243e9ec
5096daabaddfd59761f84440d0ad167ff3025c1d78f57f01aa85c9f2cd6fda1a
50cdf480934cb1e7c3804469b8d70e71fcf82162069586146075025feaae5b7b
520da6a6e240b27251494f5be305991eaefa0c2555d982f57943fafd19830e5e
550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c
6025f40a4df8613d04a9ceac97616dc5107b8205bf9ccbedb8d462c2cf5e8e0d
64e7dfcc1780721fbc6ed47a4abe4c5b63824ac30476d1d86c875ca34902191c
6faed0e4b708dd466ed2caf20a877b4b99ce8f938d31caa3af6f70772ba641ac
7b31159aff22e27fe41ac85626e0dc7899f4b5161ce387501f4d54c424b31bda
83021c694a2666c8a0b41e56a35e0994a485761e9bb3d66279b7775abb8641e0
8d8413bfb0e741b3268dbec65d853434c52653b135fd1d0348d81499f1279fa5
90ab5c070f186c3af3c17605935d9a48cbf3b6ffa3041ebe6de842af1130975e
96cf90230a19ee569cb706495d5fd741e9d8588a13c5af5ed18371cfc8416ef5
9d3d95e8c212f704cde4fa8d887b412ea2fa94653b89dd2f2cffeb26e38390ff
a978f8acfb0a4d06c77f2d9065bcc206bd5b83b75b3184afea0e3ad41ecadd95
b17c91443837b480aa4902aa65b578f35d66d587318a3918909c627ae2617561
b5372bea6794e238c2797168a691e7609131d700909d5f8c77e24a3dedbe09c6
b9a356b9d438c15a279388bb45dd0a62d29b351673ce4ca836dc933a6998f3e1
c10d5e881108530db5a2ea499346b580b4c2d0880c7f4830d10dd74e92583c8a
c28529d71153ffa2b24e91b98ca1581cd5058fcad51465397d5b2a809f39152b
c55876143601f15118cfac9fe689f82cf49776fc4edc3d02bd162f6bb0bcabee
d0e03eef2a490402b16aa7e71534182521d37b4b65d29107f33edc5cdcbb11af
db9b5fe44b09a78c9d0f0058021f7fdb63e2187f4fd3075135976ef7d98ba0ef
df1284eba091de67a160d50badd3717873471daf2ba25010956cff95efec7f76
e0a382bab4337016e732ae7601aaeaffa0e5066be73a6368af15735206498b0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e689270b831964b3fbff3e17fdc3be952cd831cef717bd5ef39bcf0199c4feae
ea913fdaebc7b82617f2c49f361d354b00b53f12e9c45b2f6ec9c2df6996d2c2
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eed0c4f88494b76af5d882c9fd0c92bf0d3af9f34fc947b0b3dbf040ebaecbe0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8cdfe0414eac9a2380c093c8f3de44e1298e2ef2f9fcdf3a999f86c357ab5e2
f8dc817b80ca92e9440a677e51e353798f95f9d67bbefcfd4427509703bf92ee
fbabec603d8486d477703b2ad7f5ec945ba3f1e6aa8e0b26314e82d673bb8fd9
fee05c6738a4b8a3d27969c131de452ae42690462bf46200830c8c9f2f968fb4