Submitted URL: https://yl.fitaoe.com/
Effective URL: https://yl.fitaoe.com/pc
Submission: On June 19 via api from US — Scanned from NL

Summary

This website contacted 12 IPs in 3 countries across 7 domains to perform 49 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is yl.fitaoe.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 28th 2023. Valid for: a year.
This is the only time yl.fitaoe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
19 fitaoe.com
yl.fitaoe.com
307 KB
11 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744
www.google.com — Cisco Umbrella Rank: 5
74 KB
5 googlesyndication.com
6f45f73b6d3c1dfc2dd5d700c7ac1d7d.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
19 KB
5 gstatic.com
fonts.gstatic.com
91 KB
4 suimoo.com
img-trans.suimoo.com — Cisco Umbrella Rank: 502232
4 MB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
177 KB
2 seastt.com
pic2.seastt.com — Cisco Umbrella Rank: 270146
63 KB
49 7
Domain Requested by
19 yl.fitaoe.com 2 redirects yl.fitaoe.com
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
5 fonts.gstatic.com yl.fitaoe.com
4 img-trans.suimoo.com yl.fitaoe.com
4 securepubads.g.doubleclick.net yl.fitaoe.com
securepubads.g.doubleclick.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 pic2.seastt.com yl.fitaoe.com
1 www.google.com tpc.googlesyndication.com
1 6f45f73b6d3c1dfc2dd5d700c7ac1d7d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
49 10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
Subject Issuer Validity Valid
fitaoe.com
Cloudflare Inc ECC CA-3
2023-12-28 -
2024-12-27
a year crt.sh
*.g.doubleclick.net
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
suimoo.com
GTS CA 1P5
2024-05-12 -
2024-08-10
3 months crt.sh
seastt.com
E1
2024-04-25 -
2024-07-24
3 months crt.sh
*.gstatic.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
*.google.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh

This page contains 5 frames:

Primary Page: https://yl.fitaoe.com/pc
Frame ID: 93675790A87B23CDDB7AEDF49588B51B
Requests: 45 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 191258AD6D8F37E061B52A5084B8221B
Requests: 1 HTTP requests in this frame

Frame: https://6f45f73b6d3c1dfc2dd5d700c7ac1d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 31929205E08737894E9FEB6401CA08CB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E770FDDF983786C07212AB666C29A3F6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 035A390860B6F24AB5FF7002F05D21C3
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Cureheal - Caring for you, making your health better

Page URL History Show full URLs

  1. https://yl.fitaoe.com/ HTTP 302
    https://yl.fitaoe.com/mobile HTTP 302
    https://yl.fitaoe.com/pc Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

49
Requests

98 %
HTTPS

45 %
IPv6

7
Domains

10
Subdomains

12
IPs

3
Countries

4917 kB
Transfer

6098 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://yl.fitaoe.com/ HTTP 302
    https://yl.fitaoe.com/mobile HTTP 302
    https://yl.fitaoe.com/pc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request pc
yl.fitaoe.com/
Redirect Chain
  • https://yl.fitaoe.com/
  • https://yl.fitaoe.com/mobile
  • https://yl.fitaoe.com/pc
135 KB
15 KB
Document
General
Full URL
https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc6ab59b5063a9c7bc15181e72cfcd5261c240abbcf930d2e17c9271e748d4f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8961eb148d381e60-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 07:48:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7MtwJcqZeGWPkzT0E1pvhbVsTCf8Ymd0V0Gn0JRkRR6wvsx6U0LKk7pgjAKGU%2FqsfsdCQxim5pk8fT2urrWdEK9UhFkZK4AAm157z%2BumkikghByCDF3vAV95LRHCprgC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache,must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8961eb133b8a1e60-FRA
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 07:48:42 GMT
location
/pc
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPn%2FIM98avkDSwy4i2NTXfxkLM8Gx%2FGAN%2FcRHFbN%2FpPOjuFK2ozsoUZoSySBKkrJW%2BkwTri6fDOKbVK3MKyM0i5J7f3gvL1l9SPjWfJ56VEGnt%2F7Rfmu3UuTH0OYj%2FNn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.min.css
yl.fitaoe.com/medical4/css/
95 KB
16 KB
Stylesheet
General
Full URL
https://yl.fitaoe.com/medical4/css/style.min.css
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ffd2f5-17ced"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EGaDRLx0kL0WvdfrKhsXbttMFYeW17A2Xwih9gHu8qwia0SrhWzNi1V60clbLUMT26d3zcUb%2BGr1bt84vl%2FkMtvRFs1%2B0JX9puHH5C3tm7PVion12S0KjApsPxWP4n8D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
8961eb163f2f1e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 19:48:42 GMT
classic-themes.min.css
yl.fitaoe.com/medical4/css/
291 B
641 B
Stylesheet
General
Full URL
https://yl.fitaoe.com/medical4/css/classic-themes.min.css
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:42 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ffd2f5-123"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oqnPWyIc3oGP3VQhfv4cLX1gYyjjFKJX2ub2A7OJmABm7lsrizLHKVp6KUP2i9ujQluuBIVGRQ1PCuqxJrNSS42tRDZqH4SLeSySinqWfL35n62Oyjiul4ao4%2FkYrbbs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
8961eb163f351e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 19:48:42 GMT
style.css
yl.fitaoe.com/medical4/css/
129 KB
25 KB
Stylesheet
General
Full URL
https://yl.fitaoe.com/medical4/css/style.css?ver=1.0
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89cce14b5ef4c3767a935bca2eaff1eea9f8e2b85864e5995ae0c9b403e12be6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ffd2f5-205d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVZ1SZM0dnt0JQYEnw6fAX4gF1xRBojiOvlD6Xl%2Fspsmr%2Fun7ZIKDX0exm7fX5MA%2Bhbqher1FtLM2XGMfG8%2F8fCUysz0MG2AGd3g6SFp%2FYe22rMakSUL982o1PgImWfI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
8961eb163f3c1e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 19:48:42 GMT
reset.css
yl.fitaoe.com/medical4/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://yl.fitaoe.com/medical4/css/reset.css
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a56add0a0fe88ca8ad47ea3def87d8d5934976680db80c6530c0b28529854f0b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ffd2f5-43a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHwcGsAad0Qr2ybfmF%2FN8c4IlSigwpWZFYYftHKc3s2orCSJxzrogk8xau8gLwsKMzllX0COBtw1qp35qMSSQfvX6LzoK%2BQKGD6ot5T02tN%2FbKv1Bjp5EN0XvJDT%2Bbci"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
8961eb163f3e1e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 19:48:42 GMT
all.css
yl.fitaoe.com/medical4/css/
72 KB
15 KB
Stylesheet
General
Full URL
https://yl.fitaoe.com/medical4/css/all.css
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ffd2f5-11f69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LJjDwbQiPJ2wxtyf%2FpmbcgZb0vRjoiX2cmEEJuLDRtNRFjkE9OXEndEvHLkHkLX2KwfSg4YLgdYWqH6rST56joRzTm1ppZcHIdgcul8UWjp0Jwb9NNJXXNrKEhN7bt%2BZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
8961eb163f3f1e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 19:48:42 GMT
font.css
yl.fitaoe.com/medical4/css/
29 KB
2 KB
Stylesheet
General
Full URL
https://yl.fitaoe.com/medical4/css/font.css
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5931f892f06f9c7cead04dc85292064f434ed3b4a142e4b16eeab2c1ecf4543

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 12 Sep 2023 03:51:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ffe04c-72e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBeXufVdBswx16%2FLhzxy74dMFtavs9NM9%2BYY12ZZMVVurSgImLgM%2FHsE32827cdqiCO7yC08siaUfvSrH1vK%2FBfMA04GkahIGwREC4ytu35yddcCiCTRHLCcmWdZVRFK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
8961eb163f411e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 19:48:42 GMT
media-queries.css
yl.fitaoe.com/medical4/css/
116 KB
17 KB
Stylesheet
General
Full URL
https://yl.fitaoe.com/medical4/css/media-queries.css?ver=1.0
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca98e4112c0368cfa696e1626a368e419a9bc772ac38d7f140992df22a69499

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ffd2f5-1cfd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=056n81YgU8LCiIG3JNisZ9y4j5neZCIpzjRPRBnOy4KAVUg0gnn8c52foogxUuvJmgk7%2F7olGbVHn3lh0N4sDJPl1fW7%2BI1X%2FkbvChiG%2FH%2BNMdsjN%2FDkxuvpuULG0POR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
8961eb163f431e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 19:48:42 GMT
pubilc.css
yl.fitaoe.com/medical4/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://yl.fitaoe.com/medical4/css/pubilc.css?ver=1.3
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a58b5577dbc9a83a7875ef3e06bb8fe54346116ce3be910bc49db56b30f5f09

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 13 Sep 2023 03:43:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65012fcf-245a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4wx1to%2BhA9hy0nue7MvfgvrCK8TEcaiJH7geNO8wj2HBRomnST3jPpRhAxMdYtH%2Bd8DgY89sLE8tZdKR99wkZAn1E7zYuYI7AkcYDFZORvXlNKVB1jU%2BoBFfON7Ukj0h"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
8961eb163f441e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 19:48:42 GMT
jquery.min.js
yl.fitaoe.com/medical4/js/
88 KB
35 KB
Script
General
Full URL
https://yl.fitaoe.com/medical4/js/jquery.min.js
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ffd2f5-15ed7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QomrL%2BUTp0%2FAKoe75WmcIiNadTblRx7kbLjlKK0EwOcUe9lTtpRz9MPI1Vc6jDXEQLuO5KvnIiQFN2R%2BohvpRU4sDXPvz9wTpeSG%2B7TZlOXTLqdUblBu6JTRgMO2i726"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
8961eb163f451e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 19:48:42 GMT
jquery-migrate.min.js
yl.fitaoe.com/medical4/js/
13 KB
5 KB
Script
General
Full URL
https://yl.fitaoe.com/medical4/js/jquery-migrate.min.js
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ffd2f5-3470"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1hpPj7fAsGDQRAKBKAww5BCNYj4vaNFNfSCtj2f4KaFkFzIiuDWQ6iZY19fVlNsiaAVOChImXPIQiqpn5Poqy8WfPpjTlUX24YfV6Cm1o70jZ%2FO0WEt%2F5BFxh%2BwvnRx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
8961eb163f471e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 19:48:42 GMT
logo.png
yl.fitaoe.com/medical4/images/
12 KB
12 KB
Image
General
Full URL
https://yl.fitaoe.com/medical4/images/logo.png
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5e8cd41556e4152148b475d113ba6dc4a24ef81a9580ff9c02e41ee3d7a066

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ffd2f5-316d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zAEjRMClu0ADdEEwMG1CchX1HsKyeLA4b%2Bgi%2BDOMqi50XZAxH%2BplXOsnA02Ru0srBQWKaF6%2Fr1w41RJdVt%2B2TLZ8RO38VKv8xAAZyK1yb0yjszRBbuqV%2BP2DnbJfTcf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8961eb163f4b1e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 19 Jul 2024 07:48:42 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
99 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
afbbd5665946e6e869d98dc5636f5b3a979d2996e5566981bd716b29468f69be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31995
x-xss-protection
0
server
cafe
etag
718 / 19893 / m202406130101 / config-hash: 5515444381961717830
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Jun 2024 07:48:43 GMT
171ac869dac699a7f9b8568248b26a21.png
img-trans.suimoo.com/uploads/image/20230324/
202 KB
203 KB
Image
General
Full URL
https://img-trans.suimoo.com/uploads/image/20230324/171ac869dac699a7f9b8568248b26a21.png
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949ab7af3de3479cbf6dc9c2cd86f1e5dc739d4fefce818d0c7e532d0f2d92b9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
207356
last-modified
Fri, 24 Mar 2023 01:53:03 GMT
server
cloudflare
etag
"641d027f-329fc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Pvcp2BfEJzczz3ZkNj7JutmdwtCXC55Anbdh4kjG%2BWtnxXxFkE44gldprOlP0Bm%2BtiU9uN9OjlMHNpzi27p4TSraFEW%2BDbAyHAwCD8utlqI3Ma5ECBfcVRsLKm%2FnLSrBKswhW6sbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8961eb169d7b8eb5-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Fri, 19 Jul 2024 07:48:43 GMT
67ec8b535998e5556daf56d6e588a1af.jpeg
pic2.seastt.com/uploads/article/image/20221228/
23 KB
23 KB
Image
General
Full URL
https://pic2.seastt.com/uploads/article/image/20221228/67ec8b535998e5556daf56d6e588a1af.jpeg
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9164d2aae4cb97f1a5e810b5878156c7540200a05cf72a6335d7b79421fe1a18

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
419
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 09 Apr 2024 11:12:46 GMT
server
cloudflare
etag
W/"661522ae-5bc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rFBzfkHTQrwdUWrfEOeJ9aB4mhtzKMuXwe26qK%2FP6pgfgiAa6FFRE0JVQYpG%2BF9E6EioSNGwsM5Zex3L%2F2W%2BkQaR%2FIBtz9cAKSujp8In%2BFArstp1hUmdazi607voXxjZNxGBCUYJa3tEDaIfSP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8961eb18c8109fc9-AMS
expires
Fri, 19 Jul 2024 07:41:44 GMT
lozad.min.js
yl.fitaoe.com/js/
3 KB
2 KB
Script
General
Full URL
https://yl.fitaoe.com/js/lozad.min.js
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62e2046339ae28406987c7816978f40b3766c7f230a77dcfbccfb6987c2358d6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 13 Jun 2024 01:49:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666a5021-c2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8AeAKEqMM22JyotU6jPk%2BzsPjJx77ZxW0Bo8tn3cYGbQGsssbuasTQh8td5KoYdVoFO0YR72lsMxwaV5NJYaQawBxErs4PmIeY8YhtnJ9Aoco%2FHZUxhHfx9GPyTzZlwG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
8961eb18fb2c1e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 19:48:43 GMT
mvpcustom.js
yl.fitaoe.com/medical4/js/
0
466 B
Script
General
Full URL
https://yl.fitaoe.com/medical4/js/mvpcustom.js
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
server
cloudflare
etag
"64ffd2f5-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dLeux1BfEA9NO4MpFz%2Bj%2BFSVjdeAeKq7mXfvi9p1lzzvZZQ9Szbc%2FOLyOvWp9Lak5ZP9lODPIWkBmx9MgbQVt0TBNeHN18eTQFQDaNLhx4zgcL1oNQY91mq6Mcc%2FK7XS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
8961eb199c3c1e60-FRA
expires
Wed, 19 Jun 2024 19:48:43 GMT
wpo-minify-footer.min.js
yl.fitaoe.com/medical4/js/
136 KB
49 KB
Script
General
Full URL
https://yl.fitaoe.com/medical4/js/wpo-minify-footer.min.js
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211b2736debe4b0b448917dfaec04b07c2652ae7776a554698577bc4dc32c50b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ffd2f5-221ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUHcRDJSwA5BDADlF0f9O3F1qDXFPeFyni2hfoA3VoOJym6mceY2qM5yf6NvW6KKXQpHb4yesJ5fDtEh24GMhTv4DgXi6xw1j3wyHdg6v4x%2BgmHxDNYLYxle2xXZbjDz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
8961eb199c3e1e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 19:48:43 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/medical4/css/font.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Origin
https://yl.fitaoe.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:21:51 GMT
x-content-type-options
nosniff
age
59212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:21:51 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/medical4/css/font.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Origin
https://yl.fitaoe.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:55:46 GMT
x-content-type-options
nosniff
age
60777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:55:46 GMT
fa-solid-900.woff2
yl.fitaoe.com/medical4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://yl.fitaoe.com/medical4/webfonts/fa-solid-900.woff2
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/medical4/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/medical4/css/all.css
Origin
https://yl.fitaoe.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4251
alt-svc
h3=":443"; ma=86400
content-length
78268
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
server
cloudflare
etag
"64ffd2f5-131bc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08p0Rxn6FWw9TnKyyl1aPkEvrguPK7sU3Gh7zLjY%2B12yn%2B0VG2ceGWkqXwIQjLynK2NA0HdoeQ2zK8blNinuph6UfSeDdUjdQqskVEFXUQuN36oHMVodCdUkO5pi%2B3kS"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8961eb1a0cd11e60-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/medical4/css/font.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Origin
https://yl.fitaoe.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:43:19 GMT
x-content-type-options
nosniff
age
61524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:43:19 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/medical4/css/font.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Origin
https://yl.fitaoe.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:50:02 GMT
x-content-type-options
nosniff
age
61121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:50:02 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/medical4/css/font.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Origin
https://yl.fitaoe.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:51:06 GMT
x-content-type-options
nosniff
age
61057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28512
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:44:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:51:06 GMT
27a5fe5cb52c6d86ca4c584d9adf1fa5.jpg
pic2.seastt.com/uploads/article/image/20230323/
40 KB
40 KB
Image
General
Full URL
https://pic2.seastt.com/uploads/article/image/20230323/27a5fe5cb52c6d86ca4c584d9adf1fa5.jpg
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0594d1f6a7a385c6eb23547ce2acbee0d7b68fa45fb81c121930eab12e85a3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48498
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Apr 2024 01:08:19 GMT
server
cloudflare
etag
W/"6615e683-9e8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BP7aeuQMpuu0QTXuwahYo1unGdt2T04e68LaeP5CaVQ4ieQBa%2Ffw04cxTWF%2Bt9Tb6dPirkFsPjE94DbJQTuuqTArpLz2EPenacqGQuO4OhOKegAjHYeJDw8A5a7usNvZ28tbqjvd8uItENo4KZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8961eb1a09999fc9-AMS
expires
Thu, 18 Jul 2024 18:20:25 GMT
cadea7b95209933f84fe63b1e4dd9e2e.png
img-trans.suimoo.com/uploads/image/20230314/
2 MB
2 MB
Image
General
Full URL
https://img-trans.suimoo.com/uploads/image/20230314/cadea7b95209933f84fe63b1e4dd9e2e.png
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36fc3ec08b2698f834933ec93c21a8c722753453c5b1e0ad8d977977336d3978

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80747
alt-svc
h3=":443"; ma=86400
content-length
1608426
last-modified
Tue, 14 Mar 2023 05:59:37 GMT
server
cloudflare
etag
"64100d49-188aea"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUeo4GrpBoiIJvJ9qbEQ0UtZBt3pTH%2FFl75e59u1uYfvPbFV6ZLzrLa%2FJXoWXTtYtz1vJkgjklZBSptr7oX9co0BahSkGnt6W5BEM%2Bd897QZ1qrmKLlTi4umCe98Cj7U3wRaUXvJow%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8961eb1a09728eb5-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Thu, 18 Jul 2024 09:22:55 GMT
93ebe1779881eba35e7e834c2fa1f051.png
img-trans.suimoo.com/uploads/image/20230323/
556 KB
556 KB
Image
General
Full URL
https://img-trans.suimoo.com/uploads/image/20230323/93ebe1779881eba35e7e834c2fa1f051.png
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f8ff4adbf0bca2195ea574af2542df0fab5753f4f9c00e02bb6723e2eef6da5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
158124
alt-svc
h3=":443"; ma=86400
content-length
569039
last-modified
Thu, 23 Mar 2023 01:28:12 GMT
server
cloudflare
etag
"641bab2c-8aecf"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FU7A3AY6om8ZBrBXkncOG1bDh%2FYmbLpCMmpHKYKwXRu1FpLU4dKLCwCQz0tPgk%2FLG1fEykhDEqsfl5P0X9XUvJ6q19BreoLVkhgTjrk9iBaJ3mZsFWLx4NYerf7LUDBHHxt2CmTfLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8961eb1a09748eb5-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Wed, 17 Jul 2024 11:53:19 GMT
3b4f15f2ce50211c3a8220af532fd302.png
img-trans.suimoo.com/uploads/image/20230320/
2 MB
2 MB
Image
General
Full URL
https://img-trans.suimoo.com/uploads/image/20230320/3b4f15f2ce50211c3a8220af532fd302.png
Requested by
Host: yl.fitaoe.com
URL: https://yl.fitaoe.com/pc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94062b3960ad19edeffe6abaa7eba8647af3f6f0aa6d1b7392f80fbd79900488

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261404
alt-svc
h3=":443"; ma=86400
content-length
1898869
last-modified
Mon, 20 Mar 2023 02:42:32 GMT
server
cloudflare
etag
"6417c818-1cf975"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kIldnkt0v8L3JBdG%2FJnaqP43PZJNdUt5aPmnFZQIjhIZeXlwNWj3njkUrONtiEQkGWkP%2Bftg6FrzzlOnQ4F3f5pstmrbNzvJxBSbWhestxUd23SK5TWjT4I3WKe4FuXLIXtocRfIxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8961eb1a09788eb5-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Tue, 16 Jul 2024 07:11:59 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/
467 KB
146 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
60e0d3bc202871fc6a3126bace9ea0e533987ae39e613e6f44a8e49e96569696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 05:02:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
9976
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149174
x-xss-protection
0
server
cafe
etag
3598326600462146374
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 19 Jun 2025 05:02:27 GMT
22824143019
fundingchoicesmessages.google.com/i/
197 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/22824143019?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dca99d781f49e90f0e959f679301fb5972b3f1059690ef9b5d9d06a58ee56312
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8DcE8OpjE8bxZ2Ufu_8nPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:43 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8DcE8OpjE8bxZ2Ufu_8nPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw05BiOHHrNtMFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYg_Pz7H-huIk_6dZy0C4vbPF1inA_GSiIushxIvsgrxcNyedWozm8CGF89mMytpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGJgZmukZmMcXGAAAqIU_CQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW22TFNl_W6VnnbAmiNzVcuD0UoSTWC7DXtfazzcgh6MKvUKIARiow1kVfTqkK7j3ZdhBurmHZGBSvEwExBIbR_aoaTodO8pAHu8pIPEN94ITRelrnupNNdHcL483lTavhKUE7cJg==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW22TFNl_W6VnnbAmiNzVcuD0UoSTWC7DXtfazzcgh6MKvUKIARiow1kVfTqkK7j3ZdhBurmHZGBSvEwExBIbR_aoaTodO8pAHu8pIPEN94ITRelrnupNNdHcL483lTavhKUE7cJg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4NzgzMzI0LDQzMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3lsLmZpdGFvZS5jb20vcGMiLG51bGwsW1s4LCJyTVcxX1dPaWpUOCJdLFs5LCJubCJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.rMW1_WOijT8.es5.O/am=CAM/d=1/rs=AJlcJMym24oM70GLhvUNCQYrRuJXcZjHsQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dfd3f652ce725aa11059c74c7ce14926519463405a5d7d545cf5c252ebfd6b1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lUzkF6eV_PCee7Ab4oDYog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lUzkF6eV_PCee7Ab4oDYog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw0pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLi9s8XWKcD8ZKIi6yHEi-yHnx8kfUkEAtxc9yZdWozm8CM2ZuUlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzAzN9AzM4wsMAPa7Pd8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 1912
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://yl.fitaoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
608
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28560
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Jun 2024 07:38:36 GMT
expires
Wed, 19 Jun 2024 08:28:36 GMT
last-modified
Mon, 17 Jun 2024 19:47:23 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
2 KB
470 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1491009195966281&correlator=760032696939582&eid=31084449%2C21065724%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406130101&ptt=17&impl=fifs&gdpr=0&iu_parts=22824143019%2Chk_fitaoe.com_mb_50266-yl-1%2Chk_fitaoe.com_mb_50266-yl-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C336x280%2C320x50&fluid=height%2C0&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1718783324080&lmt=1718783324&adxs=560%2C640&adys=66%2C1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&url=https%3A%2F%2Fyl.fitaoe.com%2Fpc&vis=1&psz=480x280%7C320x-1&msz=480x280%7C320x-1&fws=4%2C516&ohw=480%2C320&ga_vid=1453258213.1718783324&ga_sid=1718783324&ga_hid=250304211&ga_fc=false&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1718783322578&idt=886&adks=262083361%2C2120992936&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c7af7b8dfd3618dbe3a2247503e4d5d80112ffaf0d993a07ba033bc4877733c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
439
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yl.fitaoe.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6f45f73b6d3c1dfc2dd5d700c7ac1d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3192
0
0
Document
General
Full URL
https://6f45f73b6d3c1dfc2dd5d700c7ac1d7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://yl.fitaoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Jun 2024 07:48:44 GMT
expires
Wed, 19 Jun 2024 07:48:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxX3DAvlAaBzaMicwirqbO2Xt2L1y_Il8j7u4n654bmBAU21C_wnwWn1A1p87I7M97YILwO3XpT5boiGwPS6No0XkYil5By1IFET8JuUpP_XBIFSsRNGnJTrNQ-T5LAcBN1AdjB0yA==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX3DAvlAaBzaMicwirqbO2Xt2L1y_Il8j7u4n654bmBAU21C_wnwWn1A1p87I7M97YILwO3XpT5boiGwPS6No0XkYil5By1IFET8JuUpP_XBIFSsRNGnJTrNQ-T5LAcBN1AdjB0yA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4NzgzMzI0LDE4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsIm5sIl0sImh0dHBzOi8veWwuZml0YW9lLmNvbS9wYyIsbnVsbCxbWzgsInJNVzFfV09palQ4Il0sWzksIm5sIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.rMW1_WOijT8.es5.O/am=CAM/d=1/rs=AJlcJMym24oM70GLhvUNCQYrRuJXcZjHsQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
b769cf64e0598fdea7717356366001173ad654286de4bd60a703cb16ee5746dd
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-boewTZFacZZpSAoeMru7pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-boewTZFacZZpSAoeMru7pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmII0JBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYg_Pz7H-huIk_6dZy0C4vbPF1inA_GSiIushxKB-PFF1lNALMTNcWfWqc1sAhsuL09V0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjEwMzTTMzCPLzAAAOVaQ4Y"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406130101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f7e5449c55c1469e3571c50de53a98e8c284e684ae41d3cd888c07ada0ec07ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12608
x-xss-protection
0
favicon.png
yl.fitaoe.com/medical4/images/
32 KB
31 KB
Other
General
Full URL
https://yl.fitaoe.com/medical4/images/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07889c9df7f1bf92ee6a48629373b231bbdafdbb8f915e7be66697901afb8baa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/pc
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:44 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 12 Sep 2023 02:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ffd2f5-7eab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8cJKcAB4H5B5PYQxzLshXTmN5YznEoWSgyTWM0WwPGVa3WdKc9YJ7F3Wr04Vp%2BS7bh%2F79GA0jawclG91D9KWmqmXhQ8FpwPUUj0wwWXpUOEeuz5kRLPG7uUUSRofWeHU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8961eb217e9c1e60-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 19 Jul 2024 07:48:44 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jun 2024 07:48:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E770
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://yl.fitaoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
9807
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Jun 2024 05:05:17 GMT
expires
Thu, 19 Jun 2025 05:05:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 035A
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZbccdWxzOSpC3wMw_4Mn7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://yl.fitaoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ZbccdWxzOSpC3wMw_4Mn7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Jun 2024 07:48:44 GMT
expires
Wed, 19 Jun 2024 07:48:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads_check.
fundingchoicesmessages.google.com/f/AGSKWxU8_ACEoi6BA46cN3UU1kWtY5SZJ23-h2S2ibJi5EcjL0kPsHp8qSY-5W9hVThQFsD-p-dN5CIt0-s3LeCUWsmBEUKqjdBRBLFFVR2avVzW1bMfdlFQksNsrqb46-pOQpgjeza5FD8dejG9nm1PIjPY3snkm...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU8_ACEoi6BA46cN3UU1kWtY5SZJ23-h2S2ibJi5EcjL0kPsHp8qSY-5W9hVThQFsD-p-dN5CIt0-s3LeCUWsmBEUKqjdBRBLFFVR2avVzW1bMfdlFQksNsrqb46-pOQpgjeza5FD8dejG9nm1PIjPY3snkmUmHwce-9qv3ugpJouFjXog_v1temBnY/_/public/ads_/headvert.-affiliate-link./floating-ad-/ads_check.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.rMW1_WOijT8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxxz7Wpnnj4-jKRUMkHUklYZdrSkw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
126e0493a0e57f0c24d4b9bd30f061e72ba3cda65e9125f6d36efd4d2f7ce91b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NZR-Lm7k874VGbodIYVOpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-NZR-Lm7k874VGbodIYVOpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw1ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLi9s8XWKcD8ZKIi6yHEi-yCvFw3Jl1ajObwIurazYzK2kk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBma6RmYxxcYAAD-nTn-"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/
61 B
76 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.rMW1_WOijT8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxxz7Wpnnj4-jKRUMkHUklYZdrSkw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:06:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
2525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 19 Jun 2024 08:06:39 GMT
AGSKWxVBLQFaGz6wT2dBu1XJ4wo3gWOalMnPSZJ53TAtqMFh2x_YBrxl5kcg5BXA2VO6Pw0ocUksMNLkc6sZ2vV3g3e3AIpzQX2bPmcqvJZ5FuVAFILShPodqzfk9dS_ungUy0Hnav2Edw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVBLQFaGz6wT2dBu1XJ4wo3gWOalMnPSZJ53TAtqMFh2x_YBrxl5kcg5BXA2VO6Pw0ocUksMNLkc6sZ2vV3g3e3AIpzQX2bPmcqvJZ5FuVAFILShPodqzfk9dS_ungUy0Hnav2Edw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.rMW1_WOijT8.es5.O/am=CAM/d=1/rs=AJlcJMym24oM70GLhvUNCQYrRuJXcZjHsQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-u8UbidajH0djTm5EIG4JNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jun 2024 07:48:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-u8UbidajH0djTm5EIG4JNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3Fn1qnNbAIvplw-yazkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDM30DMzjCwwAdb8sPg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://yl.fitaoe.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVBLQFaGz6wT2dBu1XJ4wo3gWOalMnPSZJ53TAtqMFh2x_YBrxl5kcg5BXA2VO6Pw0ocUksMNLkc6sZ2vV3g3e3AIpzQX2bPmcqvJZ5FuVAFILShPodqzfk9dS_ungUy0Hnav2Edw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVBLQFaGz6wT2dBu1XJ4wo3gWOalMnPSZJ53TAtqMFh2x_YBrxl5kcg5BXA2VO6Pw0ocUksMNLkc6sZ2vV3g3e3AIpzQX2bPmcqvJZ5FuVAFILShPodqzfk9dS_ungUy0Hnav2Edw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.rMW1_WOijT8.es5.O/am=CAM/d=1/rs=AJlcJMym24oM70GLhvUNCQYrRuJXcZjHsQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3YDMUYTmHja8dcM_Yy8OLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jun 2024 07:48:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-3YDMUYTmHja8dcM_Yy8OLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3Fn1qnNbAIbfjacZFZyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmhmZ6BubxBQYAY24sBw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://yl.fitaoe.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVBLQFaGz6wT2dBu1XJ4wo3gWOalMnPSZJ53TAtqMFh2x_YBrxl5kcg5BXA2VO6Pw0ocUksMNLkc6sZ2vV3g3e3AIpzQX2bPmcqvJZ5FuVAFILShPodqzfk9dS_ungUy0Hnav2Edw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVBLQFaGz6wT2dBu1XJ4wo3gWOalMnPSZJ53TAtqMFh2x_YBrxl5kcg5BXA2VO6Pw0ocUksMNLkc6sZ2vV3g3e3AIpzQX2bPmcqvJZ5FuVAFILShPodqzfk9dS_ungUy0Hnav2Edw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.rMW1_WOijT8.es5.O/am=CAM/d=1/rs=AJlcJMym24oM70GLhvUNCQYrRuJXcZjHsQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ld2nwgE-nACjWUANm4Xxwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jun 2024 07:48:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ld2nwgE-nACjWUANm4Xxwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3Fn1qnNbAIdl79eY1ZyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmhmZ6BubxBQYAeE8sSg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://yl.fitaoe.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVBLQFaGz6wT2dBu1XJ4wo3gWOalMnPSZJ53TAtqMFh2x_YBrxl5kcg5BXA2VO6Pw0ocUksMNLkc6sZ2vV3g3e3AIpzQX2bPmcqvJZ5FuVAFILShPodqzfk9dS_ungUy0Hnav2Edw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVBLQFaGz6wT2dBu1XJ4wo3gWOalMnPSZJ53TAtqMFh2x_YBrxl5kcg5BXA2VO6Pw0ocUksMNLkc6sZ2vV3g3e3AIpzQX2bPmcqvJZ5FuVAFILShPodqzfk9dS_ungUy0Hnav2Edw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.rMW1_WOijT8.es5.O/am=CAM/d=1/rs=AJlcJMym24oM70GLhvUNCQYrRuJXcZjHsQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ADlY7uysos11kNJeBb4JCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jun 2024 07:48:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ADlY7uysos11kNJeBb4JCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3Fn1qnNbAI_-hdeZVZyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmhmZ6BubxBQYAaissGg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://yl.fitaoe.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWFb98m29CBfnjNH_z37K-DR-k1J5pe0sZhekme2kgam6B5a1ao0WY8eS6IJ48M2JybfHNnS0vEtNb3F4hgPXwJxoMdXyC4BAbpL0_Kkk3Q-srChWOo-BKThIb2gdvQwhGMaPVpSQ==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWFb98m29CBfnjNH_z37K-DR-k1J5pe0sZhekme2kgam6B5a1ao0WY8eS6IJ48M2JybfHNnS0vEtNb3F4hgPXwJxoMdXyC4BAbpL0_Kkk3Q-srChWOo-BKThIb2gdvQwhGMaPVpSQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4NzgzMzI0LDk2OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwibmwiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly95bC5maXRhb2UuY29tL3BjIixudWxsLFtbOCwick1XMV9XT2lqVDgiXSxbOSwibmwiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.rMW1_WOijT8.es5.O/am=CAM/d=1/rs=AJlcJMym24oM70GLhvUNCQYrRuJXcZjHsQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
09c1fa5e8b79a06b5249fafc956cf3ed53b740dd2b946a8ed481e251ce4fd38f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P1BMW_1O4HpdCOpqaD6I3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 07:48:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-P1BMW_1O4HpdCOpqaD6I3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw15BiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLi9s8XWKcD8ZKIi6yHEi-yCvFw3Jl1ajObwIdZq28xK2kk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBma6RmYxxcYAAD9Cjnz"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXJAm178rVgQGflyBE00DME8ImRuc2RKpRqYsQ7JEZzTSejBO_b0Gxme1EZf4fuNS71-RbgzywDMAFV-S2ohxssZHOwdbQq8_o2iayfzBUUGtiYKwKj6WZnCFV4Pdu_RP46sDBijA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXJAm178rVgQGflyBE00DME8ImRuc2RKpRqYsQ7JEZzTSejBO_b0Gxme1EZf4fuNS71-RbgzywDMAFV-S2ohxssZHOwdbQq8_o2iayfzBUUGtiYKwKj6WZnCFV4Pdu_RP46sDBijA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.rMW1_WOijT8.es5.O/am=CAM/d=1/rs=AJlcJMym24oM70GLhvUNCQYrRuJXcZjHsQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CyLlGIASWFkPd34t191asg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://yl.fitaoe.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jun 2024 07:48:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CyLlGIASWFkPd34t191asg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzXF31qnNbAI73rx2UnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBmaGZnoG5vEFBgBOViv0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://yl.fitaoe.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406130101&jk=1491009195966281&bg=!09Cl0J_NAAb64txl2uI7ADQBe5WfOMBgXtlF7noCOiVi4LNSazdYYqA3pUpd5TrXZpHqLXP-iEukEg3O9KxstBeGukW-AgAAAPFSAAAACWgBB34ANeegdnkTRHes95_J0AU4ygXaE9PoT8_he0QhzWvie5n5_q0PGt_3VSHrlEHcpYFK-5HT6pTmmQLe1X4QzGZZUMLaGL5J2wb8Ik-5MAYID7JZhSuW7_FWYExTRASEhg9vaT-uPvbyA_jzsSNUt_d11lCIbIepiNQ4PhHyWkeWwSKpsL0y1A4p6UVL1-7T0-AV5WCUqeVMB5ESxIke1jpBgz6qO3VSwW2LL9O66yZB7JnYx_csnOTE2nB7GzVpgIASEPvfYTsop6YJuDd72QqqFnnzK2VfTri9eUyTezX8-82Mv0iGYqJnPHV_GVGxJzeSjo0biy7CXlUcJEptglM5ZZ7wYvsnZSBgaBtVZm08IatiTtua2c65vGFCEkVK5Gq0wDxWsJCurm38g9-QIgXAiB_Q5EVFfTSSyiV7UBdAmvRy5L4W_0vgeQfUmIZbk7lrGjHfGTkFiqhy4VVEWi186rCsV0iRhdHSFJHHSuRfNRpCB90y8H1S3wehBONcSO7e0c-JvnYOVu-41d5_5_jYgOQL84-CuK7zckCr6IKUwtxH0tgKHkLfioVag9jbBilDNgkY1kzzcuFSlsMdnHPAK627Foy3fX6rjQy8VG1jxNijsVcBdilLb3jF0itAjN5yawtc7ETsdfba8MtvJzNM0kJs3wVw2HH88fpaN2LjcJals0RVaGIjwD1Lp49pFHl240_O0xujEw9ZhTGOfLYlHj7RyncDyR01AlHCT--Gp72EAYeqhBagq5V5YxaKr20jSR-lYpEl7Wq5P-4d2Z6XmoN36vegC1OY0tpT7VV5cdyTu0OolN-Tlx8pxlT2lZXcrMcUqFFtyCu9a3iNWDw25weIsHwRQtUrLckrCExg0QuPpW9I4or05BpXSpjVb3AMJpJp59JTV4r12zubtyoQZKb-qzZCUiwIbjEaV37RL9_YfJ1DbGjItJdCSUlOk_d4L3pvvNxSwy_iW6ItbN8MmYcD64lUm3zyBanSxonFstD8xzaiJdALlnCVL98Af8hV2ogqdWnniZhdKrC3Y7x_mn2F7Qx5JSI

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 undefined| event object| fence object| sharedStorage undefined| $ function| jQuery object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue function| lozad function| loadCSS undefined| google_measure_js_timing object| google_reactive_ads_global_state function| ResizeSensor object| NiceScroll function| retinajs object| addComment function| BezierClass number| a object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NmMzNTQ1Yjk3YzUxOTc4YmxvYWRlcl9qcw== string| NmMzNTQ1Yjk3YzUxOTc4YmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state number| google_unique_id object| gaGlobal object| GoogleGcLKhOms boolean| f787ee2f-7d93-466c-9fe1-ef6ed0f0f91f object| google_image_requests

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.fitaoe.com/ Name: __gads
Value: ID=328ebcf77b6d702d:T=1718783324:RT=1718783324:S=ALNI_MaoWTaAUp2Ph9lkvDLtlIFIp4BUCw
.fitaoe.com/ Name: __gpi
Value: UID=00000e5e6fb7b78b:T=1718783324:RT=1718783324:S=ALNI_MZiJHxSE3g6wI2y2i0ZYMhUuwYgNA
.fitaoe.com/ Name: __eoi
Value: ID=cdebccc3362d15d8:T=1718783324:RT=1718783324:S=AA-AfjYFvEEpKxTFOVPrDLEbFYDz
.fitaoe.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-877DW2JUqM-oWE-GhFb-v2ctYfjwWzcySLqvUSDaPPHNm1Jl569srcdBO2QF4RN8xCej5s0ODdC0nbIOuProPWkPwSxsd3zT62sMWyBCNYpyuILkH9qsN6MUXeyHIRf7iUtQzwhD6IUstEl_wwsUucPYh_w%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6f45f73b6d3c1dfc2dd5d700c7ac1d7d.safeframe.googlesyndication.com
fonts.gstatic.com
fundingchoicesmessages.google.com
img-trans.suimoo.com
pagead2.googlesyndication.com
pic2.seastt.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
yl.fitaoe.com
pagead2.googlesyndication.com
142.250.185.226
142.250.185.228
142.250.186.110
188.114.96.3
188.114.97.3
216.58.206.34
2606:4700:3038::6815:eb77
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
07889c9df7f1bf92ee6a48629373b231bbdafdbb8f915e7be66697901afb8baa
09c1fa5e8b79a06b5249fafc956cf3ed53b740dd2b946a8ed481e251ce4fd38f
0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc
126e0493a0e57f0c24d4b9bd30f061e72ba3cda65e9125f6d36efd4d2f7ce91b
211b2736debe4b0b448917dfaec04b07c2652ae7776a554698577bc4dc32c50b
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
36fc3ec08b2698f834933ec93c21a8c722753453c5b1e0ad8d977977336d3978
3f8ff4adbf0bca2195ea574af2542df0fab5753f4f9c00e02bb6723e2eef6da5
4e0594d1f6a7a385c6eb23547ce2acbee0d7b68fa45fb81c121930eab12e85a3
60e0d3bc202871fc6a3126bace9ea0e533987ae39e613e6f44a8e49e96569696
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e2046339ae28406987c7816978f40b3766c7f230a77dcfbccfb6987c2358d6
6a58b5577dbc9a83a7875ef3e06bb8fe54346116ce3be910bc49db56b30f5f09
89cce14b5ef4c3767a935bca2eaff1eea9f8e2b85864e5995ae0c9b403e12be6
8dfd3f652ce725aa11059c74c7ce14926519463405a5d7d545cf5c252ebfd6b1
9164d2aae4cb97f1a5e810b5878156c7540200a05cf72a6335d7b79421fe1a18
94062b3960ad19edeffe6abaa7eba8647af3f6f0aa6d1b7392f80fbd79900488
949ab7af3de3479cbf6dc9c2cd86f1e5dc739d4fefce818d0c7e532d0f2d92b9
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
a56add0a0fe88ca8ad47ea3def87d8d5934976680db80c6530c0b28529854f0b
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
aca98e4112c0368cfa696e1626a368e419a9bc772ac38d7f140992df22a69499
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afbbd5665946e6e869d98dc5636f5b3a979d2996e5566981bd716b29468f69be
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b769cf64e0598fdea7717356366001173ad654286de4bd60a703cb16ee5746dd
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c5931f892f06f9c7cead04dc85292064f434ed3b4a142e4b16eeab2c1ecf4543
c7af7b8dfd3618dbe3a2247503e4d5d80112ffaf0d993a07ba033bc4877733c6
dca99d781f49e90f0e959f679301fb5972b3f1059690ef9b5d9d06a58ee56312
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
ddc6ab59b5063a9c7bc15181e72cfcd5261c240abbcf930d2e17c9271e748d4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7e5449c55c1469e3571c50de53a98e8c284e684ae41d3cd888c07ada0ec07ee
fe5e8cd41556e4152148b475d113ba6dc4a24ef81a9580ff9c02e41ee3d7a066