urlscan.io logo urlscan.io
SecurityTrails logo

www.northmedicalspa.com Open in urlscan Pro
63.35.51.142  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://northmedicalspa.com/
Effective URL: https://www.northmedicalspa.com/
Submission: On June 18 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 57 HTTP transactions. The main IP is 63.35.51.142, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.northmedicalspa.com.
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.
This is the only time www.northmedicalspa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    75.2.70.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com
northmedicalspa.com
1    63.35.51.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-51-142.eu-west-1.compute.amazonaws.com
www.northmedicalspa.com
19    172.64.153.29 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn.prod.website-files.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net
www.google.com
3    172.67.71.162 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.popupsmart.com
1    18.172.112.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-107.fra60.r.cloudfront.net
cdn-images.mailchimp.com
1    54.231.228.64 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    52.222.232.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-99.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    18.66.112.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-109.fra56.r.cloudfront.net
uploads-ssl.webflow.com
3    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
2    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.google.de
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
19 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 9424
3 MB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
558 KB
5 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 15029
397 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
303 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 68
region1.google-analytics.com — Cisco Umbrella Rank: 2347
21 KB
3 popupsmart.com
cdn.popupsmart.com — Cisco Umbrella Rank: 76996
33 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
region1.analytics.google.com — Cisco Umbrella Rank: 3078
993 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
72 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 8196
126 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 132
305 B
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 457
fonts.googleapis.com — Cisco Umbrella Rank: 77
7 KB
2 northmedicalspa.com
northmedicalspa.com
www.northmedicalspa.com
10 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
1 amazonaws.com
s3.amazonaws.com
140 KB
1 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 7324
2 KB
57 16
Domain Requested by
19 cdn.prod.website-files.com www.northmedicalspa.com
6 www.googletagmanager.com www.northmedicalspa.com
www.googletagmanager.com
5 uploads-ssl.webflow.com cdn.prod.website-files.com
3 fonts.gstatic.com fonts.googleapis.com
3 cdn.popupsmart.com www.northmedicalspa.com
cdn.popupsmart.com
2 www.facebook.com www.northmedicalspa.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.northmedicalspa.com
connect.facebook.net
2 www.google.de www.northmedicalspa.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net www.northmedicalspa.com
1 s3.amazonaws.com www.northmedicalspa.com
1 cdn-images.mailchimp.com www.northmedicalspa.com
1 www.google.com www.northmedicalspa.com
1 ajax.googleapis.com www.northmedicalspa.com
1 www.northmedicalspa.com
1 northmedicalspa.com 1 redirects
57 21
Subject Issuer Validity Valid
www.northmedicalspa.com
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh
prod.website-files.com
GTS CA 1P5		 2024-04-26 -
2024-07-25		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
popupsmart.com
E1		 2024-05-02 -
2024-07-31		 3 months crt.sh
cdn-images.mailchimp.com
Amazon RSA 2048 M02		 2023-06-20 -
2024-07-17		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-05-25 -
2025-05-02		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
uploads-ssl.webflow.com
Amazon RSA 2048 M02		 2023-07-29 -
2024-08-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google.de
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-27 -
2024-06-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.northmedicalspa.com/
Frame ID: 9CA2102DC6A5567EBBA230B996680495
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

North Medical Spa | Toronto, Oakville, Collingwood

Page URL History Show full URLs

  1. http://northmedicalspa.com/ HTTP 307
    https://northmedicalspa.com/ HTTP 301
    https://www.northmedicalspa.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
  • cdn-images\.mailchimp\.com/[^>]*\.css
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

57
Requests

100 %
HTTPS

48 %
IPv6

16
Domains

21
Subdomains

21
IPs

4
Countries

4885 kB
Transfer

6883 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://northmedicalspa.com/ HTTP 307
    https://northmedicalspa.com/ HTTP 301
    https://www.northmedicalspa.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.northmedicalspa.com/
Redirect Chain
  • http://northmedicalspa.com/
  • https://northmedicalspa.com/
  • https://www.northmedicalspa.com/
42 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.northmedicalspa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.35.51.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-51-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
254eef55d04e821dfe8d82a67979b47d68941fa170d54a6eca5160750114e694

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
9674
content-type
text/html
date
Tue, 18 Jun 2024 00:55:24 GMT
vary
x-wf-forwarded-proto, Accept-Encoding
x-cache
MISS
x-cache-hits
0
x-cluster-name
eu-west-1-prod-hosting-red
x-lambda-id
654233cf-aa50-4d26-9e55-8fe6421dab75
x-served-by
cache-dub4321-DUB
x-timer
S1718672123.416814,VS0,VE613

Redirect headers

content-length
166
content-type
text/html
date
Tue, 18 Jun 2024 00:55:23 GMT
location
https://www.northmedicalspa.com/
north-medical-spa.webflow.fd48a019d.css
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/css/ 		116 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/css/north-medical-spa.webflow.fd48a019d.css
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f59d7194ab4ee006e5af6bb17949fddf09efea7e77d4ad10dae38ab16d709b7c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
content-encoding
gzip
x-amz-version-id
YWoYpeQ19DlD4H7dE26Xp0UHlikqUgN_
cf-cache-status
HIT
x-amz-request-id
03KM61TBDJ3JB1KF
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
20382
x-amz-id-2
dso3OOprHj33+y/YXs2mYtsZAplFXcKTXTIHuSK0O8LFSr7oJYfYoJtDp4tbInYp8vUHrN7do4c=
last-modified
Fri, 31 May 2024 10:22:29 GMT
server
cloudflare
etag
"cc8cf6caf1f76cde6ff48c98d8ba3e31"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
cf-ray
89575047bf8a2671-TXL
expires
Wed, 19 Jun 2024 00:25:24 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:42:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 00:42:19 GMT
js
www.googletagmanager.com/gtag/ 		255 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZE3TJL8E16
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4460bc2f7ef1f41aba7bd4d046c5d3f6cae2b1a90bcac1b91a5835fad8f4a135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92030
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jun 2024 00:55:24 GMT
api.js
www.google.com/recaptcha/ 		1 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
2e330e8990203ba9f9131837c7d39e41b1558dd7a40c2ec2361e7cb22e1ebea0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 18 Jun 2024 00:55:24 GMT
bundle.js
cdn.popupsmart.com/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.popupsmart.com/bundle.js
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00cc63b111441e806249634a69ef055ae55c2970fed3a8f8450d540175b18d1a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RQXNSG8MTA7DVWC6
age
5434
cf-polished
origSize=86703
x-amz-server-side-encryption
AES256
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
1mTF5UIa9E3dq+yBVotE5upnSZYyE7Ohg+WUXRI6Z88dfatM1b30mAWACAHfWVRix1K9skPa2P8=
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 12 Jun 2024 08:33:09 GMT
server
cloudflare
etag
W/"f4c83b5e2c0e5d3a28c2401a95f2c33b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zE7Ym3thjmsb%2BwHuQDtg4UraYGh4FF1CtosQoMuTFH%2BfvrjuZWBanct5H52R3c3kdo93aMN5QVe3VScRVruiWDnMNA7O2ZXDOx%2B4mRwG1Cj5to39daJKIRCEKTeXwO9orVHO3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
permissions-policy
microphone=()
cf-ray
89575048ec8f4d50-FRA
js
www.googletagmanager.com/gtag/ 		308 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9YGBNY754K
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9a9829ea8c8841b1681c90b574a6a6ac924edcafcc1c28e36fc4238d114d1f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105839
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jun 2024 00:55:24 GMT
61699170f9040f43993947df_North-Medical-Spa-Logo-Nav.svg
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/61699170f9040f43993947df_North-Medical-Spa-Logo-Nav.svg
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e19ed0a03b2c265876a66eb1e3e1f99c707a8a020d534793c96e87253805d71f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
kOmYoJ0nPX4LQYsQxa2FhvzIIy9QmZZn
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
H2728RB0HV780M9F
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Ve+19tjRiZUn6Ft1xrJsNuQ2kGnwTqKPrrAGGtmvQ8ToHtVilF15HxvAHqmvJUwDRQSRPDeqisI5APamPyoBOA==
last-modified
Fri, 15 Oct 2021 14:34:26 GMT
server
cloudflare
etag
W/"987111417c84d28757f32a622cd74158"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89575047bf852671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 7b2737d1601ba8c676e6f68b6aa113d8.cloudfront.net (CloudFront)
date
Mon, 17 Jun 2024 01:02:49 GMT
last-modified
Thu, 17 Dec 2015 16:52:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
age
85956
etag
W/"ae0fc9b84c30cada1784022044962394"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
nfN01PZdSjyu4Y_8aCdzwiOsalFoYAraGEB-v_YcEP8Nr51Hgqu9rw==
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
54.231.228.64 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 00:55:25 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
YA4Q310XHJVQVEZQ
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
d4zu1VI5Z+LKsWuwiG8Al7Fo/wpzAltBLHfIyvhp/FWxqcfNKNdET1GD43gVYunXF5j7l/NUBkA=
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=614df36c33adfd078fcd6d29
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Origin
https://www.northmedicalspa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 05:14:35 GMT
content-encoding
br
via
1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
age
70850
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
NqQuDSixrTSVoaz6EPsnRlR3lHyDMZd1Yxj-1KY6Netx6NOgvfJBtw==
webflow.f0ea0a2e6.js
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/js/ 		209 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/js/webflow.f0ea0a2e6.js
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38e24c27456ea61d5a35fde12098bb4c3a50a3ecdd4d4d23058edbdc8e1c2356

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
content-encoding
gzip
x-amz-version-id
8XM4WiJaLh1uMUsIeJZappumXWGB6i8M
cf-cache-status
HIT
x-amz-request-id
03KJYABYFB8MCETF
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
76704
x-amz-id-2
oJ4UEaxx5dRHOCQGZbXlA85PFsZeCOh4r9IsNMF/Tfk7ne+rVaJa7jrgMWdLoLupkRM49A9H97U=
last-modified
Fri, 31 May 2024 10:22:29 GMT
server
cloudflare
etag
"ab8319e504fbeda9fcf6c702309f5c02"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=84600
accept-ranges
bytes
cf-ray
8957504878922671-TXL
expires
Wed, 19 Jun 2024 00:25:24 GMT
css
fonts.googleapis.com/ 		32 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CPacifico:regular
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a526afb3dcf625a39390d03046e73fe2682c64615bf1552e17cca8d2ce0d516a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jun 2024 00:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 00:55:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jun 2024 00:55:24 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/ 		518 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d865eecf3e86c11ab224434aecb84384c87cd8e52f5f0d5fb2f9b5291eab8578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Origin
https://www.northmedicalspa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 16:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210217
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 16:44:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Jun 2025 16:16:42 GMT
gtm.js
www.googletagmanager.com/ 		280 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KQQGH7S
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf4d58e061732ea90527e44943b2c0faff6b03dcf690b6f542974b8fde6a6c90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99606
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 00:28:23 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Jun 2024 00:55:24 GMT
6169a86a8bfa97ab38792a51_SuisseIntl-Book-WebXL.woff
uploads-ssl.webflow.com/614df36c33adfd078fcd6d29/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/614df36c33adfd078fcd6d29/6169a86a8bfa97ab38792a51_SuisseIntl-Book-WebXL.woff
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/css/north-medical-spa.webflow.fd48a019d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cefce2f30682017640afd68dbbb1019a8af8c8f2242feb014c2ab66bf451b5c9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.northmedicalspa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 18:28:03 GMT
x-amz-version-id
ZZgacuIl_bZ2Uw29Pp7qn2YK7Kccc3Jo
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
age
282442
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
55074
last-modified
Fri, 22 Oct 2021 15:27:11 GMT
server
AmazonS3
etag
"3afc1b09a3c11fa4095609da34a179cb"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
K4IjganF3yRj4HdLF-taPuAGYhGjQ2NHMaQzfvUG2KhP76cnU24Pfw==
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

Referer
Origin
https://www.northmedicalspa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
6176c74bbe0adc3ba9a31352_SuisseIntl-Medium-WebXL.woff
uploads-ssl.webflow.com/614df36c33adfd078fcd6d29/ 		84 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/614df36c33adfd078fcd6d29/6176c74bbe0adc3ba9a31352_SuisseIntl-Medium-WebXL.woff
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/css/north-medical-spa.webflow.fd48a019d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b11124cb481e88818171533fff8fd7639643b591b0fcedeb0fb8794e0764f1f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.northmedicalspa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 23:06:57 GMT
x-amz-version-id
RrraaUa73QjMcVS.2GI4z5coBuwQD2H6
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
age
1561707
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
85600
last-modified
Mon, 25 Oct 2021 15:03:40 GMT
server
AmazonS3
etag
"21b6494c3338671449c6d5ddf8995ad5"
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
bKzloP6iRmJiADiWxAfjc-HOC9lW-oI2-79HnD9mqj3PHY7pp0t45Q==
6176c721c65bb0effc663cf6_SuisseIntl-SemiBold-WebXL.woff
uploads-ssl.webflow.com/614df36c33adfd078fcd6d29/ 		84 KB
85 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/614df36c33adfd078fcd6d29/6176c721c65bb0effc663cf6_SuisseIntl-SemiBold-WebXL.woff
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/css/north-medical-spa.webflow.fd48a019d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f84d1b9cd8b10966e350efa596f3ac5d736c8593ec738f19f7318c8e875e5520

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.northmedicalspa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 23:06:52 GMT
x-amz-version-id
7VM3fPjkSy6wCgsbITEoUYThNys.EX00
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
age
1561713
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
86248
last-modified
Mon, 25 Oct 2021 15:02:58 GMT
server
AmazonS3
etag
"ad0c546b53587e8d8a40c89a528134d7"
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
K2zNn8UtFKaxir3rQUwwT3Qpz7hxQXaqw3E3tYHr8srn67cWK7Rcqg==
6169a83a79cd31830c58a88f_SuisseIntl-Bold-WebXL.woff
uploads-ssl.webflow.com/614df36c33adfd078fcd6d29/ 		85 KB
85 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/614df36c33adfd078fcd6d29/6169a83a79cd31830c58a88f_SuisseIntl-Bold-WebXL.woff
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/css/north-medical-spa.webflow.fd48a019d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
039376505ee52fca1a76176c54fd0483c22e9cda7041c33be21a62b1483b6781

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.northmedicalspa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 14 Feb 2024 00:14:52 GMT
x-amz-version-id
N7lUE62bzHrFTb_GNI7wTp9NwLVGj9Nu
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
age
10802433
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
86887
last-modified
Fri, 15 Oct 2021 16:11:40 GMT
server
AmazonS3
etag
"572fb10eaf8f8e1632d15072eb1d35e7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
VraN1NfoU-BJWB-2SRyWwY7Qvg7sn_sqB4TyVga6u448A7j_9F3YRQ==
61a69b877296aa368a7d1fdb_Account.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/61a69b877296aa368a7d1fdb_Account.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e08062bedfdeea7fa549bcd42e6a1bfce68deb37b5207869c67d7c6a03c28a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
nh4Ws.rGED3oF9a4MdneG2ja18RDFb1i
cf-cache-status
HIT
x-amz-request-id
03KTM1AHR7TKC1CM
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
1706
x-amz-id-2
fivT2lrYjSZx+2ISN6p9QFpYT3fB3F1rBJItKMjEwVoEPNWXAzCyvZ2sHtTmlOSL1Sm9N/57nSA=
last-modified
Tue, 30 Nov 2021 21:45:44 GMT
server
cloudflare
etag
"b8976042a8620043e0f9cbae9e3284f3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898b22671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
61a69bb2c2bbdc482035eaf2_calendar.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		667 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/61a69bb2c2bbdc482035eaf2_calendar.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58122931447086efa3fb8ced3dbfc00e391d2353bf43697faeac61d92a9ce46

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
MFSBQQvT6Gqh61K3kbJKr_uNOrlFfVhy
cf-cache-status
HIT
x-amz-request-id
03KYC2AJN36QQR30
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
667
x-amz-id-2
XyTR1/UwCLdd3rY1NQi9KzLtdYY3aNJJVlfDnsAY0YEDVsF+NNvFCGhfByBPIlyVNG2ZH5J17LA=
last-modified
Tue, 30 Nov 2021 21:46:27 GMT
server
cloudflare
etag
"0dbb3c7e5c3aba8b691a5343c8cd6771"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898b92671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
61a69bb79c4651b1aecbdd13_shop.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		759 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/61a69bb79c4651b1aecbdd13_shop.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc8e1f7f9d4c1eb9084740f3e902bd5bbacf8ddd7cadf1092817242871c3538

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
2NzUwDlPt2yi4nZMnMg_ok7jMSZW7TT4
cf-cache-status
HIT
x-amz-request-id
03KK63GSKHSGW4Z4
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
759
x-amz-id-2
//JseLATW7rkaJyqf58gnlZM7vKrDPYtkw7dbLcZBKgN2Sdr5o7TyybpNCn3L1BqT4xpqGtj/3s=
last-modified
Tue, 30 Nov 2021 21:46:32 GMT
server
cloudflare
etag
"000fd5254349416a49e2c6924b7089f4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898bf2671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
6659a510b320496557f15c1c_HYDRAFACIAL%20-%20FRONT%20PAGE%20-%20JUNE%20OFFER%20(1).png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		480 KB
481 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/6659a510b320496557f15c1c_HYDRAFACIAL%20-%20FRONT%20PAGE%20-%20JUNE%20OFFER%20(1).png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
571bc497e3494f10e4d63f7befb806ae65b495b434a09c9f33a343a507006fbc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
vDTrawrZB3ttkm8R0dugEmrM0rcBNlx8
cf-cache-status
HIT
x-amz-request-id
6NYKRYQ12BMFTVWV
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
492012
x-amz-id-2
gf6imvpEBF+rMI+sb46mAwjcNT1RKHeH1PNyMgwsHjFQ1HjM4dBxkOEVby4RPiWXg7/p5ZCj9j8=
last-modified
Fri, 31 May 2024 10:23:13 GMT
server
cloudflare
etag
"bdbbc630d13ec443864ac0fd760fb180"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898c22671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
656df83debf01a21dd2367e3_IMG_7839.jpg
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/656df83debf01a21dd2367e3_IMG_7839.jpg
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f13a091f5ad477174b108e0e07a6c2758f7ee15ecb292608ccc9ea6d020756

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
VDfBF8u_aUZsdPbTXVJf2HBlrDJTj5wA
cf-cache-status
HIT
x-amz-request-id
9DANE624RXY2DR0G
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
85535
x-amz-id-2
q+D1wCvLyFmgt4VR1ndAv6kT2j2nev1jobVYAPjtsj2HGkRD2wBur6Ux/NysxmWJFuPIJ5ALh3U=
cf-bgj
h2pri
last-modified
Mon, 04 Dec 2023 16:03:10 GMT
server
cloudflare
etag
"35425c0f83bef1952a3045905e4214c5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898c52671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
62f3f5a9df91455a9222cc7f_Your%20best%20friend%20in%20skincare%20(1)-p-500.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/62f3f5a9df91455a9222cc7f_Your%20best%20friend%20in%20skincare%20(1)-p-500.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f28869a598359c7002741c502d3a0a53b76331f512e600f063289b09241b382d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
fVbXE_DiEGIgphUKeq_3X1_i8OwNr.zd
cf-cache-status
HIT
x-amz-request-id
03KYPDX50RJNK4FX
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
19573
x-amz-id-2
Q2T0WpJvHa1HajAYzWtr9P3Hh6y5aruiAYYg9RAagflfKP3ycDEEcrYG8tsTrAzi9cFiVvkviIM=
last-modified
Wed, 10 Aug 2022 18:15:08 GMT
server
cloudflare
etag
"62193f9306078f05c68e0d79fed6e5b8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898c72671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
61a6ea58abb8bf2724f614b4_Untitled%20design%20(22)-p-500.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/61a6ea58abb8bf2724f614b4_Untitled%20design%20(22)-p-500.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4262506f5db814d387521de59cbab317392b3c82d91ce57bf81003400b18085f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
yNas4Y5rKBe74fc6525orm_BMkswrmCJ
cf-cache-status
HIT
x-amz-request-id
QT29HVQVEGMY98NF
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
106668
x-amz-id-2
VNUCqoxkKRBtoj7E5e1GR36dPte7JpqyTwX81z92WWMvluGJiMhYaBUx2AZqjnAdTWLncMY1qrM=
last-modified
Wed, 01 Dec 2021 03:22:02 GMT
server
cloudflare
etag
"25c9decdc08d8ebc634eb7cd71c512e0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898c92671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
61a6eb037def3756a62815d6_Untitled%20design%20(25)-p-500.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/61a6eb037def3756a62815d6_Untitled%20design%20(25)-p-500.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
877a5f85701ff2a234977144ff9818844f5bfd85edc04fff11ef722f39542a73

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
D2I.M8L7QrQGcer2VuhV96b6zctZ.ypR
cf-cache-status
HIT
x-amz-request-id
D28NNFZWNKMH7CPM
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
42208
x-amz-id-2
k1QCq/3cJsXXgir602P6CwWjKCJvTrrGBr1icBTVnDpCE//ukYFqjdabwM9aTz8I4Sgl01O6TF0=
last-modified
Wed, 01 Dec 2021 03:24:53 GMT
server
cloudflare
etag
"7812032f5d7aab0501345e1c27bc90fd"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898ca2671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
61a6eb3887566d686e8b7293_Untitled%20design%20(26)-p-500.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		332 KB
332 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/61a6eb3887566d686e8b7293_Untitled%20design%20(26)-p-500.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b8e5f67644538ddad45b17974cfd9787c2761fe39a74f445c23973f7cc168b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
TyQUp2FckSAogqH7j7z6GZQP81qK.On4
cf-cache-status
HIT
x-amz-request-id
D28SE8QTWFH6BN80
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
339564
x-amz-id-2
kbxPKqauK28LnUSp87EgC8kTO7psgs/amajPDxko9tjzLiFV2cMcFux3yGPt8ciCV5pApPZx3Bs=
last-modified
Wed, 01 Dec 2021 03:25:47 GMT
server
cloudflare
etag
"7d1ab2fe473909db483e46e7c10aa35e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898cc2671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
617702845c8bc52928d16c9d_nms-new-to-north-badge%402x.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/617702845c8bc52928d16c9d_nms-new-to-north-badge%402x.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8025cb38d35dc4f4a0efb8d71af8d45065870d7ffd89383564fb229f450511d9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
r_ezsATVUfVyl2IxfhBMo9DcrT0d6Gp3
cf-cache-status
HIT
x-amz-request-id
D28NT2DCA70683MJ
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
13022
x-amz-id-2
/f0GeHUgcp+SLdK0C5qqVegw3f7krrfFFvSBrQHpS4WNuHma0XN/qKQ/p/+fu/mhsM32b/7DwbrH3Tzu8VmM2Q==
last-modified
Mon, 25 Oct 2021 19:16:22 GMT
server
cloudflare
etag
"6a68b2e07be70f4e842dcfd243e4dcc7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898cf2671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
6369da14a274eb6c8f14b545_Asset%2070.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		636 KB
636 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/6369da14a274eb6c8f14b545_Asset%2070.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
578e15bbf30cbd73dd27bde5889b50728dc55cc018aa7837685fd506de0e9878

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
75VQtOTPjpWXOUatyKxmO36zE0iQzeKr
cf-cache-status
HIT
x-amz-request-id
D28SQMEE3JTW9VX3
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
651098
x-amz-id-2
rhmlcjH//ku/zA0xdwqKyJ0+7VEP//VZMEVJsp0l+l2xAs48+8PV90OXytH6dMGd5fyIvNCteHA=
last-modified
Tue, 08 Nov 2022 04:24:53 GMT
server
cloudflare
etag
"8612322c0078869f5db3da8468f9df67"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898d02671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
6176da65d1732f055c8bccce_Mask%20Group%20798%402x-p-500.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		378 KB
379 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/6176da65d1732f055c8bccce_Mask%20Group%20798%402x-p-500.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
883ab6b222727838506f6194345f238589414aa85f71e5170f2f1bd5ec59fea8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
Ykl_uMpgpxkE.9rLX1QWozcknRIuX0tn
cf-cache-status
HIT
x-amz-request-id
Y3C66CG6RER250TH
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
387249
x-amz-id-2
PtQ9eKbg1KN4EguIIJ4bzMyiaF2PV1QyEqy9Ee+xkWn2RqKc6ddRQOznKcG4e6tWbHq2rDvygtM=
last-modified
Mon, 25 Oct 2021 16:25:12 GMT
server
cloudflare
etag
"3683cab3a97a34ac9cd508ba68b5bb2d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898d22671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
6176da6f9186ac6f3e1865f1_Mask%20Group%20798%402x-p-500.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		362 KB
363 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/6176da6f9186ac6f3e1865f1_Mask%20Group%20798%402x-p-500.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
363ecfab5a3bad40a3447d8db4091d4e97d56534fd18d92c5af8720633f8b015

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
I9bjaOfKY2PmlGwrhlt2LWiJJNYeUsAv
cf-cache-status
MISS
x-amz-request-id
YA4J2Z9MVTHE6WCW
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
370745
x-amz-id-2
pYWDP3hKSpAxETqDeSfxPsYg9/62H3jODWXQQY1xmtCQZV/HNn75D9M+Cyv0igw88QQpGigIZkk=
last-modified
Mon, 25 Oct 2021 16:25:22 GMT
server
cloudflare
etag
"8ba74e8df889342034b4fb04089f259b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898d32671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
620bad540e60f64d45e5d7c7_6176da7ff091c7c3092dcd59_Mask_1%20Group%20798%402x2-p-500.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		497 KB
497 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/620bad540e60f64d45e5d7c7_6176da7ff091c7c3092dcd59_Mask_1%20Group%20798%402x2-p-500.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c9661a04cfdb306ebad26cf5703707fff85af71f53f65ad6fe331bfdd50716e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
SdRPuOJh3afy0ywUOM9zWviOrSLyzaNU
cf-cache-status
HIT
x-amz-request-id
D28JP8GTYQA60XNQ
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
508853
x-amz-id-2
gbnP+8H5DTFqtJOpqGHhgw2b8Z5l2Q7sh0rgjKkmsGNG+M/lDyH5tK81Oc97i7t+lamOnePT00E=
last-modified
Tue, 15 Feb 2022 13:40:43 GMT
server
cloudflare
etag
"a3b8787d56e704117196ff5795f1f6c3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898d42671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
6176da8c7f254132c12adda2_Mask%20Group%20798%402x-p-500.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		250 KB
250 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/6176da8c7f254132c12adda2_Mask%20Group%20798%402x-p-500.png
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0288a9580ee4b66531ab5f2f7bfb5c849af34afab32a1b89bd794b8e07ecf0e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
x-amz-version-id
uiyx9Gium8ak2hyenp7x9ORDlsDW5YCd
cf-cache-status
HIT
x-amz-request-id
D28XZSG9CBNVECZE
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
255597
x-amz-id-2
DSw7cKouX4L7QD+rJ52evmNde8Wi2NDgsrNXlbHJPgx8JNPV5czAuuC5Zad1aeLWM3DyHyVFVZghj0zMYVvEd6pnNabVqjhSjmeO0/3AY0E=
last-modified
Mon, 25 Oct 2021 16:25:50 GMT
server
cloudflare
etag
"e98d12ae4abe0c17794a9879486bd3b9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504898d62671-TXL
expires
Wed, 18 Jun 2025 00:55:24 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CPacifico:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.northmedicalspa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:16:13 GMT
x-content-type-options
nosniff
age
369551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 18:16:13 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CPacifico:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.northmedicalspa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 13:36:16 GMT
x-content-type-options
nosniff
age
386348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34288
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 13:36:16 GMT
FwZY7-Qmy14u9lezJ-6H6Mk.woff2
fonts.gstatic.com/s/pacifico/v22/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6Mk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CPacifico:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50488656aeea003d0042da0979cd15675c0bc1c028a21dddfafd7656d54c709e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.northmedicalspa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:34:42 GMT
x-content-type-options
nosniff
age
364842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30908
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:34:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 19:34:42 GMT
loader.json
cdn.popupsmart.com/accounts/59034/ 		243 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.popupsmart.com/accounts/59034/loader.json
Requested by
Host: cdn.popupsmart.com
URL: https://cdn.popupsmart.com/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73527983ad5eea386a98efe34d9733cb1174d8ee0ecd303c4625bbef0954ef89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YA4X5G5RFYY48QPE
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
cRLLmyi2ZnF+Vu+45tB7DuuoH1+f2fpo2RG4lI3HkcW+kZpKBj86EzftmgywoNCKqA2E4mRvUAs=
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/xml
location
eyJpcCI6IjgwLjI1NS43LjEwOSIsImNvdW50cnlDb2RlIjoiREUiLCJjb3VudHJ5IjoiR2VybWFueSIsImxhdGl0dWRlIjoiNTEuMjk5MzAiLCJsb25naXR1ZGUiOiI5LjQ5MTAwIiwidGltZXpvbmUiOiJFdXJvcGUvQmVybGluIiwiYXNPcmdhbml6YXRpb24iOiJDb3JlLUJhY2tib25lIn0=
access-control-allow-origin
*
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, cf, clientIP, location
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jvgfHxlWtdG7hucxvq5wlQmniqXzz2w4mXpQVs84OYteSmoVxL%2F4JY5Y8Ggtlqs9pUgnDRe5UJ7XOaiyic9kWKUOnCry5iUM8yPzUcLcaX%2FbB5M9E%2BcjW1QRlCBpP53c9NeMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
permissions-policy
microphone=()
cf-ray
8957504a0a7d6964-FRA
x-robots-tag
noindex
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZE3TJL8E16&gtm=45je46c0h1v9132351246za200&_p=1718672124223&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&gdid=dZGVlNj&cid=1293307066.1718672125&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718672124&sct=1&seg=0&dl=https%3A%2F%2Fwww.northmedicalspa.com%2F&dt=North%20Medical%20Spa%20%7C%20Toronto%2C%20Oakville%2C%20Collingwood&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1678&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZE3TJL8E16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 00:55:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.northmedicalspa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZE3TJL8E16&cid=1293307066.1718672125&gtm=45je46c0h1v9132351246za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZE3TJL8E16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 00:55:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.northmedicalspa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9YGBNY754K&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZE3TJL8E16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b842c4357ac5633b0cabb10a8e7b4d77a9ff23616d1788764eeef4ff8c44c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105020
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jun 2024 00:55:24 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZE3TJL8E16&cid=1293307066.1718672125&gtm=45je46c0h1v9132351246za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=2060233088
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 00:55:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 18 Jun 2024 00:55:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
3nG96Eob3gzHOc0lTiXX2PJGbZSpxY2olaItBKY3aQfMa+czRixoZcCYwCERTzZwtXxB2WosptuP+Zc/gYiZXA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		207 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-92417906-5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9YGBNY754K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63961fc0679b54f1427f57802cc1b05c2823e095700712dcc54639d23f573e5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76286
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Jun 2024 00:55:24 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9YGBNY754K&gtm=45je46c0v872501031za200zb9132351246&_p=1718672124223&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&gdid=dZGVlNj&cid=1293307066.1718672125&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718672124&sct=1&seg=0&dl=https%3A%2F%2Fwww.northmedicalspa.com%2F&dt=North%20Medical%20Spa%20%7C%20Toronto%2C%20Oakville%2C%20Collingwood&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1708&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9YGBNY754K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 00:55:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.northmedicalspa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9YGBNY754K&cid=1293307066.1718672125&gtm=45je46c0v872501031za200zb9132351246&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9YGBNY754K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 00:55:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.northmedicalspa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9YGBNY754K&cid=1293307066.1718672125&gtm=45je46c0v872501031za200zb9132351246&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=427371234
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 00:55:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		254 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FF3VFCS3JS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92417906-5&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dbf3ea98740e672573680f36069856e55b8b8ed8ca1e1ab17911c696b40e3c50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91979
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jun 2024 00:55:24 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92417906-5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Jun 2024 23:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4461
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 18 Jun 2024 01:41:03 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FF3VFCS3JS&gtm=45je46c0v9133996231za200&_p=1718672124223&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1293307066.1718672125&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1718672124&sct=1&seg=0&dl=https%3A%2F%2Fwww.northmedicalspa.com%2F&dt=North%20Medical%20Spa%20%7C%20Toronto%2C%20Oakville%2C%20Collingwood&en=page_view&_fv=1&_ss=1&tfd=1929&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FF3VFCS3JS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 00:55:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.northmedicalspa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
721456225105186
connect.facebook.net/signals/config/ 		57 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/721456225105186?v=2.9.158&r=stable&domain=www.northmedicalspa.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2f5538b5ef63448bf2200bd0491fbf9cb534c35f517c57713192e057ddd1ebbb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 18 Jun 2024 00:55:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=64, mss=1297, tbw=63533, tp=-1, tpl=-1, uplat=117, ullat=0
pragma
public
x-fb-debug
1/NF3lnPAb+t+d4MKYE612fysgoEoXKeZJ16ufJpQHNMXK4qcW94jWsnFSglyt6sA63ClKH5BbFR1JcgIdAs7g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1032695166&t=pageview&_s=1&dl=https%3A%2F%2Fwww.northmedicalspa.com%2F&ul=de-de&de=UTF-8&dt=North%20Medical%20Spa%20%7C%20Toronto%2C%20Oakville%2C%20Collingwood&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=258252452&gjid=1549366749&cid=1293307066.1718672125&tid=UA-92417906-5&_gid=1684405242.1718672125&_r=1&gtm=457e46c0z8872501031za200zb872501031&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1210165325
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 00:55:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.northmedicalspa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=721456225105186&ev=PageView&dl=https%3A%2F%2Fwww.northmedicalspa.com&rl=&if=false&ts=1718672124966&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718672124965.505842587817077093&pm=1&hrl=5e7e06&ler=empty&cdl=API_unavailable&it=1718672124792&coo=false&cs_cc=1&cas=7982949271723873%2C5516074511831636%2C5483641008318785%2C3912328542201018&rqm=GET
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2821, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 18 Jun 2024 00:55:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=721456225105186&ev=PageView&dl=https%3A%2F%2Fwww.northmedicalspa.com&rl=&if=false&ts=1718672124966&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718672124965.505842587817077093&pm=1&hrl=5e7e06&ler=empty&cdl=API_unavailable&it=1718672124792&coo=false&cs_cc=1&cas=7982949271723873%2C5516074511831636%2C5483641008318785%2C3912328542201018&rqm=FGET
Requested by
Host: www.northmedicalspa.com
URL: https://www.northmedicalspa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5a239f894fa7e31c","source_keys":["1","2"]},{"key_piece":"0x5499443711c21e89","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 18 Jun 2024 00:55:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7381640569556504693", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=17, mss=1297, tbw=3139, tp=-1, tpl=-1, uplat=167, ullat=0
pragma
no-cache
x-fb-debug
wJwCzTPRQLKvgMi9Z2PIqohJdhjqXh7/Dz+TaWlOg4i/1hURsPK+tohqQQakKMgL0bmUNmgW1jBR86LBN2zLIg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7381640569556504693"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
616da18d2627de676849c384_fa-brands-400.woff
uploads-ssl.webflow.com/614df36c33adfd078fcd6d29/ 		88 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/614df36c33adfd078fcd6d29/616da18d2627de676849c384_fa-brands-400.woff
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/css/north-medical-spa.webflow.fd48a019d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9217f66874b0c01cd8c10b6a295dbc4f609acb6f5adc41c37da46641b57eb02

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.prod.website-files.com/
Origin
https://www.northmedicalspa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 23:06:50 GMT
x-amz-version-id
nev.ndCF_LvJiOW3YQAB104jwuPDkMVW
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
age
1561716
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
89988
last-modified
Mon, 18 Oct 2021 16:32:15 GMT
server
AmazonS3
etag
"1a575a4138e5f366474f0e7c5bd614a5"
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
9L45Sxujdmrkjz98H-5R5Rk1VEvbQ0kIvLU3M5NRZmWHjIzoy6fS0A==
loader.json
cdn.popupsmart.com/accounts/59034/ 		243 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.popupsmart.com/accounts/59034/loader.json
Requested by
Host: cdn.popupsmart.com
URL: https://cdn.popupsmart.com/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae7306c93eaf54250993f127e662572f7a2a13cf8a96b4477dc90aec8828a413
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
X0VFCJV6YKWHWGN2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ztP5jVlirpXtvGQOkamK5NkInRugB6F03hvwtyb17+/mha2PSyhJ+F2WJh6IizvA7fOWj6lcMfs=
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/xml
location
eyJpcCI6IjgwLjI1NS43LjEwOSIsImNvdW50cnlDb2RlIjoiREUiLCJjb3VudHJ5IjoiR2VybWFueSIsImxhdGl0dWRlIjoiNTEuMjk5MzAiLCJsb25naXR1ZGUiOiI5LjQ5MTAwIiwidGltZXpvbmUiOiJFdXJvcGUvQmVybGluIiwiYXNPcmdhbml6YXRpb24iOiJDb3JlLUJhY2tib25lIn0=
access-control-allow-origin
*
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, cf, clientIP, location
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35a1QiQXtbcXwa8bwiMRrs8hDqdu%2BXz71ZkV0tQD9LrBaRQdsnXE3x7Zm2PJIsb608vpsxPCKSMDLIg1OzOo8PMH71ZgXw6MfJOSy4A%2FM1RMbDiMGJXgxXyv%2FxUxmv0oFKpM2A%3D%3D"}],"group":"cf-nel","max_age":604800}
permissions-policy
microphone=()
cf-ray
8957504dbcc66964-FRA
x-robots-tag
noindex
61f455e4f297c0420538ca86_north-medical-spa-logo-mark-black-rgb-1500px%4072ppi%20-%20Copy.png
cdn.prod.website-files.com/614df36c33adfd078fcd6d29/ 		853 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/614df36c33adfd078fcd6d29/61f455e4f297c0420538ca86_north-medical-spa-logo-mark-black-rgb-1500px%4072ppi%20-%20Copy.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d22cf5eb6829b103d2fed1134c167b97e6bff10c0c481207563bcc720753d5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.northmedicalspa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 00:55:25 GMT
x-amz-version-id
9nVe7xU5ypz1Gva4YelJtaDhkVlB2lkH
cf-cache-status
HIT
x-amz-request-id
DZHB1H1GJ5YDM5Z4
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
853
x-amz-id-2
Louikbk9v6+n6EQA1RoKBV7iXCs/nmoELBvjhTqBUGWq38wHFltTVFjpWefCW3eCRcXD+0P0xhIDfEzJfdLKx4xoCNOa/ApVnQpJafED/xU=
last-modified
Fri, 28 Jan 2022 20:45:25 GMT
server
cloudflare
etag
"5f4eb400f69a02b99255b0496bef976a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8957504f09082671-TXL
expires
Wed, 18 Jun 2025 00:55:25 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| WebFont function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| google_tag_manager object| google_tag_data object| gaGlobal function| fbq function| _fbq function| onYouTubeIframeAPIReady string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData function| $ function| jQuery object| mc function| $mcj object| fnames object| ftypes function| tram object| Webflow

8 Cookies

Domain/Path Name / Value
.northmedicalspa.com/ Name: _ga_ZE3TJL8E16
Value: GS1.1.1718672124.1.0.1718672124.60.0.0
.northmedicalspa.com/ Name: _gcl_au
Value: 1.1.1521096093.1718672125
.northmedicalspa.com/ Name: _ga_9YGBNY754K
Value: GS1.1.1718672124.1.0.1718672124.60.0.0
.northmedicalspa.com/ Name: _ga_FF3VFCS3JS
Value: GS1.1.1718672124.1.0.1718672124.0.0.0
.northmedicalspa.com/ Name: _ga
Value: GA1.2.1293307066.1718672125
.northmedicalspa.com/ Name: _gid
Value: GA1.2.1684405242.1718672125
.northmedicalspa.com/ Name: _gat_gtag_UA_92417906_5
Value: 1
.northmedicalspa.com/ Name: _fbp
Value: fb.1.1718672124965.505842587817077093

2 Console Messages

Source Level URL
Text
network error URL: https://cdn.popupsmart.com/accounts/59034/loader.json
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.popupsmart.com/accounts/59034/loader.json
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn-images.mailchimp.com
cdn.popupsmart.com
cdn.prod.website-files.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
northmedicalspa.com
region1.analytics.google.com
region1.google-analytics.com
s3.amazonaws.com
stats.g.doubleclick.net
uploads-ssl.webflow.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.northmedicalspa.com
142.250.184.196
142.250.184.200
142.250.186.67
172.64.153.29
172.67.71.162
18.172.112.107
18.66.112.109
2001:4860:4802:32::178
2001:4860:4802:34::36
2a00:1450:4001:802::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c06::9c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
52.222.232.99
54.231.228.64
63.35.51.142
75.2.70.75
00cc63b111441e806249634a69ef055ae55c2970fed3a8f8450d540175b18d1a
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
039376505ee52fca1a76176c54fd0483c22e9cda7041c33be21a62b1483b6781
254eef55d04e821dfe8d82a67979b47d68941fa170d54a6eca5160750114e694
29f13a091f5ad477174b108e0e07a6c2758f7ee15ecb292608ccc9ea6d020756
2b11124cb481e88818171533fff8fd7639643b591b0fcedeb0fb8794e0764f1f
2e330e8990203ba9f9131837c7d39e41b1558dd7a40c2ec2361e7cb22e1ebea0
2f5538b5ef63448bf2200bd0491fbf9cb534c35f517c57713192e057ddd1ebbb
363ecfab5a3bad40a3447d8db4091d4e97d56534fd18d92c5af8720633f8b015
38d22cf5eb6829b103d2fed1134c167b97e6bff10c0c481207563bcc720753d5
38e24c27456ea61d5a35fde12098bb4c3a50a3ecdd4d4d23058edbdc8e1c2356
3b842c4357ac5633b0cabb10a8e7b4d77a9ff23616d1788764eeef4ff8c44c0f
3cc8e1f7f9d4c1eb9084740f3e902bd5bbacf8ddd7cadf1092817242871c3538
4262506f5db814d387521de59cbab317392b3c82d91ce57bf81003400b18085f
4460bc2f7ef1f41aba7bd4d046c5d3f6cae2b1a90bcac1b91a5835fad8f4a135
45e08062bedfdeea7fa549bcd42e6a1bfce68deb37b5207869c67d7c6a03c28a
50488656aeea003d0042da0979cd15675c0bc1c028a21dddfafd7656d54c709e
571bc497e3494f10e4d63f7befb806ae65b495b434a09c9f33a343a507006fbc
578e15bbf30cbd73dd27bde5889b50728dc55cc018aa7837685fd506de0e9878
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
63961fc0679b54f1427f57802cc1b05c2823e095700712dcc54639d23f573e5c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73527983ad5eea386a98efe34d9733cb1174d8ee0ecd303c4625bbef0954ef89
8025cb38d35dc4f4a0efb8d71af8d45065870d7ffd89383564fb229f450511d9
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
877a5f85701ff2a234977144ff9818844f5bfd85edc04fff11ef722f39542a73
883ab6b222727838506f6194345f238589414aa85f71e5170f2f1bd5ec59fea8
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
9c9661a04cfdb306ebad26cf5703707fff85af71f53f65ad6fe331bfdd50716e
a526afb3dcf625a39390d03046e73fe2682c64615bf1552e17cca8d2ce0d516a
a7b8e5f67644538ddad45b17974cfd9787c2761fe39a74f445c23973f7cc168b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae7306c93eaf54250993f127e662572f7a2a13cf8a96b4477dc90aec8828a413
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bf4d58e061732ea90527e44943b2c0faff6b03dcf690b6f542974b8fde6a6c90
cefce2f30682017640afd68dbbb1019a8af8c8f2242feb014c2ab66bf451b5c9
d0288a9580ee4b66531ab5f2f7bfb5c849af34afab32a1b89bd794b8e07ecf0e
d865eecf3e86c11ab224434aecb84384c87cd8e52f5f0d5fb2f9b5291eab8578
dbf3ea98740e672573680f36069856e55b8b8ed8ca1e1ab17911c696b40e3c50
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e19ed0a03b2c265876a66eb1e3e1f99c707a8a020d534793c96e87253805d71f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a9829ea8c8841b1681c90b574a6a6ac924edcafcc1c28e36fc4238d114d1f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28869a598359c7002741c502d3a0a53b76331f512e600f063289b09241b382d
f58122931447086efa3fb8ced3dbfc00e391d2353bf43697faeac61d92a9ce46
f59d7194ab4ee006e5af6bb17949fddf09efea7e77d4ad10dae38ab16d709b7c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f84d1b9cd8b10966e350efa596f3ac5d736c8593ec738f19f7318c8e875e5520
f9217f66874b0c01cd8c10b6a295dbc4f609acb6f5adc41c37da46641b57eb02